Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 2ac6bdc0 编写于 作者: E Emilia Kasper
浏览文件
操作

NPN and ALPN: test resumption 

In NPN and ALPN, the protocol is renegotiated upon resumption. Test that
resumption picks up changes to the extension.
Reviewed-by: NRich Salz <rsalz@openssl.org>
上级 7b7cea6d
显示空白变更内容
内联 并排
Showing with 950 addition and 52 deletion
test/recipes/80-test_ssl_old.t
浏览文件 @ 2ac6bdc0
......@@ -79,7 +79,7 @@ my $client_sess="client.ss";
# new format in ssl_test.c and add recipes to 80-test_ssl_new.t instead.
plan tests =>
1 # For testss
+9 # For the first testssl
+8 # For the first testssl
;
subtest 'test_ss' => sub {
......@@ -526,22 +526,6 @@ sub testssl {
};
subtest 'Next Protocol Negotiation Tests' => sub {
######################################################################
plan tests => 2;
SKIP: {
skip "TLSv1.0 is not supported by this OpenSSL build", 2
if $no_tls1;
skip "Next Protocol Negotiation is not supported by this OpenSSL build", 2
if disabled("nextprotoneg");
ok(run(test([@ssltest, "-bio_pair", "-tls1", "-npn_client", "-npn_server", "-num", "2"])));
ok(run(test([@ssltest, "-bio_pair", "-tls1", "-npn_client", "-npn_server", "-num", "2", "-reuse"])));
}
};
subtest 'Custom Extension tests' => sub {
######################################################################
......
test/ssl-tests/08-npn.conf
浏览文件 @ 2ac6bdc0
# Generated with generate_ssl_tests.pl
num_tests = 12
num_tests = 20
test-0 = 0-npn-simple
test-1 = 1-npn-client-finds-match
......@@ -14,6 +14,14 @@ test-8 = 8-npn-selected-sni-server-supports-npn
test-9 = 9-npn-selected-sni-server-does-not-support-npn
test-10 = 10-alpn-preferred-over-npn
test-11 = 11-sni-npn-preferred-over-alpn
test-12 = 12-npn-simple-resumption
test-13 = 13-npn-server-switch-resumption
test-14 = 14-npn-client-switch-resumption
test-15 = 15-npn-client-first-pref-on-mismatch-resumption
test-16 = 16-npn-no-server-support-resumption
test-17 = 17-npn-no-client-support-resumption
test-18 = 18-alpn-preferred-over-npn-resumption
test-19 = 19-npn-used-if-alpn-not-supported-resumption
# ===========================================================
[0-npn-simple]
......@@ -438,3 +446,349 @@ NPNProtocols = bar
ServerName = server2
# ===========================================================
[12-npn-simple-resumption]
ssl_conf = 12-npn-simple-resumption-ssl
[12-npn-simple-resumption-ssl]
server = 12-npn-simple-resumption-server
client = 12-npn-simple-resumption-client
resume-server = 12-npn-simple-resumption-server
resume-client = 12-npn-simple-resumption-client
[12-npn-simple-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-npn-simple-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-12]
ExpectedNPNProtocol = foo
HandshakeMode = Resume
ResumptionExpected = Yes
server = 12-npn-simple-resumption-server-extra
resume-server = 12-npn-simple-resumption-server-extra
client = 12-npn-simple-resumption-client-extra
resume-client = 12-npn-simple-resumption-client-extra
[12-npn-simple-resumption-server-extra]
NPNProtocols = foo
[12-npn-simple-resumption-client-extra]
NPNProtocols = foo
# ===========================================================
[13-npn-server-switch-resumption]
ssl_conf = 13-npn-server-switch-resumption-ssl
[13-npn-server-switch-resumption-ssl]
server = 13-npn-server-switch-resumption-server
client = 13-npn-server-switch-resumption-client
resume-server = 13-npn-server-switch-resumption-resume-server
resume-client = 13-npn-server-switch-resumption-client
[13-npn-server-switch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-npn-server-switch-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-npn-server-switch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-13]
ExpectedNPNProtocol = baz
HandshakeMode = Resume
ResumptionExpected = Yes
server = 13-npn-server-switch-resumption-server-extra
resume-server = 13-npn-server-switch-resumption-resume-server-extra
client = 13-npn-server-switch-resumption-client-extra
resume-client = 13-npn-server-switch-resumption-client-extra
[13-npn-server-switch-resumption-server-extra]
NPNProtocols = bar,foo
[13-npn-server-switch-resumption-resume-server-extra]
NPNProtocols = baz,foo
[13-npn-server-switch-resumption-client-extra]
NPNProtocols = foo,bar,baz
# ===========================================================
[14-npn-client-switch-resumption]
ssl_conf = 14-npn-client-switch-resumption-ssl
[14-npn-client-switch-resumption-ssl]
server = 14-npn-client-switch-resumption-server
client = 14-npn-client-switch-resumption-client
resume-server = 14-npn-client-switch-resumption-server
resume-client = 14-npn-client-switch-resumption-resume-client
[14-npn-client-switch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-npn-client-switch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[14-npn-client-switch-resumption-resume-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-14]
ExpectedNPNProtocol = bar
HandshakeMode = Resume
ResumptionExpected = Yes
server = 14-npn-client-switch-resumption-server-extra
resume-server = 14-npn-client-switch-resumption-server-extra
client = 14-npn-client-switch-resumption-client-extra
resume-client = 14-npn-client-switch-resumption-resume-client-extra
[14-npn-client-switch-resumption-server-extra]
NPNProtocols = foo,bar,baz
[14-npn-client-switch-resumption-client-extra]
NPNProtocols = foo,baz
[14-npn-client-switch-resumption-resume-client-extra]
NPNProtocols = bar,baz
# ===========================================================
[15-npn-client-first-pref-on-mismatch-resumption]
ssl_conf = 15-npn-client-first-pref-on-mismatch-resumption-ssl
[15-npn-client-first-pref-on-mismatch-resumption-ssl]
server = 15-npn-client-first-pref-on-mismatch-resumption-server
client = 15-npn-client-first-pref-on-mismatch-resumption-client
resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server
resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client
[15-npn-client-first-pref-on-mismatch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-npn-client-first-pref-on-mismatch-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-npn-client-first-pref-on-mismatch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-15]
ExpectedNPNProtocol = foo
HandshakeMode = Resume
ResumptionExpected = Yes
server = 15-npn-client-first-pref-on-mismatch-resumption-server-extra
resume-server = 15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra
client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra
resume-client = 15-npn-client-first-pref-on-mismatch-resumption-client-extra
[15-npn-client-first-pref-on-mismatch-resumption-server-extra]
NPNProtocols = bar
[15-npn-client-first-pref-on-mismatch-resumption-resume-server-extra]
NPNProtocols = baz
[15-npn-client-first-pref-on-mismatch-resumption-client-extra]
NPNProtocols = foo,bar
# ===========================================================
[16-npn-no-server-support-resumption]
ssl_conf = 16-npn-no-server-support-resumption-ssl
[16-npn-no-server-support-resumption-ssl]
server = 16-npn-no-server-support-resumption-server
client = 16-npn-no-server-support-resumption-client
resume-server = 16-npn-no-server-support-resumption-resume-server
resume-client = 16-npn-no-server-support-resumption-client
[16-npn-no-server-support-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-npn-no-server-support-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-npn-no-server-support-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-16]
HandshakeMode = Resume
ResumptionExpected = Yes
server = 16-npn-no-server-support-resumption-server-extra
client = 16-npn-no-server-support-resumption-client-extra
resume-client = 16-npn-no-server-support-resumption-client-extra
[16-npn-no-server-support-resumption-server-extra]
NPNProtocols = foo
[16-npn-no-server-support-resumption-client-extra]
NPNProtocols = foo
# ===========================================================
[17-npn-no-client-support-resumption]
ssl_conf = 17-npn-no-client-support-resumption-ssl
[17-npn-no-client-support-resumption-ssl]
server = 17-npn-no-client-support-resumption-server
client = 17-npn-no-client-support-resumption-client
resume-server = 17-npn-no-client-support-resumption-server
resume-client = 17-npn-no-client-support-resumption-resume-client
[17-npn-no-client-support-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-npn-no-client-support-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[17-npn-no-client-support-resumption-resume-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-17]
HandshakeMode = Resume
ResumptionExpected = Yes
server = 17-npn-no-client-support-resumption-server-extra
resume-server = 17-npn-no-client-support-resumption-server-extra
client = 17-npn-no-client-support-resumption-client-extra
[17-npn-no-client-support-resumption-server-extra]
NPNProtocols = foo
[17-npn-no-client-support-resumption-client-extra]
NPNProtocols = foo
# ===========================================================
[18-alpn-preferred-over-npn-resumption]
ssl_conf = 18-alpn-preferred-over-npn-resumption-ssl
[18-alpn-preferred-over-npn-resumption-ssl]
server = 18-alpn-preferred-over-npn-resumption-server
client = 18-alpn-preferred-over-npn-resumption-client
resume-server = 18-alpn-preferred-over-npn-resumption-resume-server
resume-client = 18-alpn-preferred-over-npn-resumption-client
[18-alpn-preferred-over-npn-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[18-alpn-preferred-over-npn-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[18-alpn-preferred-over-npn-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-18]
ExpectedALPNProtocol = foo
HandshakeMode = Resume
ResumptionExpected = Yes
server = 18-alpn-preferred-over-npn-resumption-server-extra
resume-server = 18-alpn-preferred-over-npn-resumption-resume-server-extra
client = 18-alpn-preferred-over-npn-resumption-client-extra
resume-client = 18-alpn-preferred-over-npn-resumption-client-extra
[18-alpn-preferred-over-npn-resumption-server-extra]
NPNProtocols = bar
[18-alpn-preferred-over-npn-resumption-resume-server-extra]
ALPNProtocols = foo
NPNProtocols = baz
[18-alpn-preferred-over-npn-resumption-client-extra]
ALPNProtocols = foo
NPNProtocols = bar,baz
# ===========================================================
[19-npn-used-if-alpn-not-supported-resumption]
ssl_conf = 19-npn-used-if-alpn-not-supported-resumption-ssl
[19-npn-used-if-alpn-not-supported-resumption-ssl]
server = 19-npn-used-if-alpn-not-supported-resumption-server
client = 19-npn-used-if-alpn-not-supported-resumption-client
resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server
resume-client = 19-npn-used-if-alpn-not-supported-resumption-client
[19-npn-used-if-alpn-not-supported-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[19-npn-used-if-alpn-not-supported-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[19-npn-used-if-alpn-not-supported-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-19]
ExpectedNPNProtocol = baz
HandshakeMode = Resume
ResumptionExpected = Yes
server = 19-npn-used-if-alpn-not-supported-resumption-server-extra
resume-server = 19-npn-used-if-alpn-not-supported-resumption-resume-server-extra
client = 19-npn-used-if-alpn-not-supported-resumption-client-extra
resume-client = 19-npn-used-if-alpn-not-supported-resumption-client-extra
[19-npn-used-if-alpn-not-supported-resumption-server-extra]
ALPNProtocols = foo
NPNProtocols = bar
[19-npn-used-if-alpn-not-supported-resumption-resume-server-extra]
NPNProtocols = baz
[19-npn-used-if-alpn-not-supported-resumption-client-extra]
ALPNProtocols = foo
NPNProtocols = bar,baz
test/ssl-tests/08-npn.conf.in
浏览文件 @ 2ac6bdc0
......@@ -240,4 +240,181 @@ our @tests = (
"ExpectedServerName" => "server2",
},
},
{
name => "npn-simple-resumption",
server => {
extra => {
"NPNProtocols" => "foo",
},
},
client => {
extra => {
"NPNProtocols" => "foo",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => "foo",
},
},
{
name => "npn-server-switch-resumption",
server => {
extra => {
"NPNProtocols" => "bar,foo",
},
},
resume_server => {
extra => {
"NPNProtocols" => "baz,foo",
},
},
client => {
extra => {
"NPNProtocols" => "foo,bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => "baz",
},
},
{
name => "npn-client-switch-resumption",
server => {
extra => {
"NPNProtocols" => "foo,bar,baz",
},
},
client => {
extra => {
"NPNProtocols" => "foo,baz",
},
},
resume_client => {
extra => {
"NPNProtocols" => "bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => "bar",
},
},
{
name => "npn-client-first-pref-on-mismatch-resumption",
server => {
extra => {
"NPNProtocols" => "bar",
},
},
resume_server => {
extra => {
"NPNProtocols" => "baz",
},
},
client => {
extra => {
"NPNProtocols" => "foo,bar",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => "foo",
},
},
{
name => "npn-no-server-support-resumption",
server => {
extra => {
"NPNProtocols" => "foo",
},
},
resume_server => { },
client => {
extra => {
"NPNProtocols" => "foo",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => undef,
},
},
{
name => "npn-no-client-support-resumption",
server => {
extra => {
"NPNProtocols" => "foo",
},
},
client => {
extra => {
"NPNProtocols" => "foo",
},
},
resume_client => { },
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedNPNProtocol" => undef,
},
},
{
name => "alpn-preferred-over-npn-resumption",
server => {
extra => {
"NPNProtocols" => "bar",
},
},
resume_server => {
extra => {
"ALPNProtocols" => "foo",
"NPNProtocols" => "baz",
},
},
client => {
extra => {
"ALPNProtocols" => "foo",
"NPNProtocols" => "bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => "foo",
"ExpectedNPNProtocol" => undef,
},
},
{
name => "npn-used-if-alpn-not-supported-resumption",
server => {
extra => {
"ALPNProtocols" => "foo",
"NPNProtocols" => "bar",
},
},
resume_server => {
extra => {
"NPNProtocols" => "baz",
},
},
client => {
extra => {
"ALPNProtocols" => "foo",
"NPNProtocols" => "bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => undef,
"ExpectedNPNProtocol" => "baz",
},
},
);
test/ssl-tests/09-alpn.conf
浏览文件 @ 2ac6bdc0
# Generated with generate_ssl_tests.pl
num_tests = 10
num_tests = 16
test-0 = 0-alpn-simple
test-1 = 1-alpn-server-finds-match
......@@ -12,6 +12,12 @@ test-6 = 6-alpn-with-sni-no-context-switch
test-7 = 7-alpn-with-sni-context-switch
test-8 = 8-alpn-selected-sni-server-supports-alpn
test-9 = 9-alpn-selected-sni-server-does-not-support-alpn
test-10 = 10-alpn-simple-resumption
test-11 = 11-alpn-server-switch-resumption
test-12 = 12-alpn-client-switch-resumption
test-13 = 13-alpn-alert-on-mismatch-resumption
test-14 = 14-alpn-no-server-support-resumption
test-15 = 15-alpn-no-client-support-resumption
# ===========================================================
[0-alpn-simple]
......@@ -359,3 +365,255 @@ ALPNProtocols = foo,bar
ServerName = server2
# ===========================================================
[10-alpn-simple-resumption]
ssl_conf = 10-alpn-simple-resumption-ssl
[10-alpn-simple-resumption-ssl]
server = 10-alpn-simple-resumption-server
client = 10-alpn-simple-resumption-client
resume-server = 10-alpn-simple-resumption-server
resume-client = 10-alpn-simple-resumption-client
[10-alpn-simple-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-alpn-simple-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-10]
ExpectedALPNProtocol = foo
HandshakeMode = Resume
ResumptionExpected = Yes
server = 10-alpn-simple-resumption-server-extra
resume-server = 10-alpn-simple-resumption-server-extra
client = 10-alpn-simple-resumption-client-extra
resume-client = 10-alpn-simple-resumption-client-extra
[10-alpn-simple-resumption-server-extra]
ALPNProtocols = foo
[10-alpn-simple-resumption-client-extra]
ALPNProtocols = foo
# ===========================================================
[11-alpn-server-switch-resumption]
ssl_conf = 11-alpn-server-switch-resumption-ssl
[11-alpn-server-switch-resumption-ssl]
server = 11-alpn-server-switch-resumption-server
client = 11-alpn-server-switch-resumption-client
resume-server = 11-alpn-server-switch-resumption-resume-server
resume-client = 11-alpn-server-switch-resumption-client
[11-alpn-server-switch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-alpn-server-switch-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-alpn-server-switch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-11]
ExpectedALPNProtocol = baz
HandshakeMode = Resume
ResumptionExpected = Yes
server = 11-alpn-server-switch-resumption-server-extra
resume-server = 11-alpn-server-switch-resumption-resume-server-extra
client = 11-alpn-server-switch-resumption-client-extra
resume-client = 11-alpn-server-switch-resumption-client-extra
[11-alpn-server-switch-resumption-server-extra]
ALPNProtocols = bar,foo
[11-alpn-server-switch-resumption-resume-server-extra]
ALPNProtocols = baz,foo
[11-alpn-server-switch-resumption-client-extra]
ALPNProtocols = foo,bar,baz
# ===========================================================
[12-alpn-client-switch-resumption]
ssl_conf = 12-alpn-client-switch-resumption-ssl
[12-alpn-client-switch-resumption-ssl]
server = 12-alpn-client-switch-resumption-server
client = 12-alpn-client-switch-resumption-client
resume-server = 12-alpn-client-switch-resumption-server
resume-client = 12-alpn-client-switch-resumption-resume-client
[12-alpn-client-switch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-alpn-client-switch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[12-alpn-client-switch-resumption-resume-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-12]
ExpectedALPNProtocol = bar
HandshakeMode = Resume
ResumptionExpected = Yes
server = 12-alpn-client-switch-resumption-server-extra
resume-server = 12-alpn-client-switch-resumption-server-extra
client = 12-alpn-client-switch-resumption-client-extra
resume-client = 12-alpn-client-switch-resumption-resume-client-extra
[12-alpn-client-switch-resumption-server-extra]
ALPNProtocols = foo,bar,baz
[12-alpn-client-switch-resumption-client-extra]
ALPNProtocols = foo,baz
[12-alpn-client-switch-resumption-resume-client-extra]
ALPNProtocols = bar,baz
# ===========================================================
[13-alpn-alert-on-mismatch-resumption]
ssl_conf = 13-alpn-alert-on-mismatch-resumption-ssl
[13-alpn-alert-on-mismatch-resumption-ssl]
server = 13-alpn-alert-on-mismatch-resumption-server
client = 13-alpn-alert-on-mismatch-resumption-client
resume-server = 13-alpn-alert-on-mismatch-resumption-resume-server
resume-client = 13-alpn-alert-on-mismatch-resumption-client
[13-alpn-alert-on-mismatch-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-alpn-alert-on-mismatch-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-alpn-alert-on-mismatch-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-13]
ExpectedResult = ServerFail
ExpectedServerAlert = NoApplicationProtocol
HandshakeMode = Resume
server = 13-alpn-alert-on-mismatch-resumption-server-extra
resume-server = 13-alpn-alert-on-mismatch-resumption-resume-server-extra
client = 13-alpn-alert-on-mismatch-resumption-client-extra
resume-client = 13-alpn-alert-on-mismatch-resumption-client-extra
[13-alpn-alert-on-mismatch-resumption-server-extra]
ALPNProtocols = bar
[13-alpn-alert-on-mismatch-resumption-resume-server-extra]
ALPNProtocols = baz
[13-alpn-alert-on-mismatch-resumption-client-extra]
ALPNProtocols = foo,bar
# ===========================================================
[14-alpn-no-server-support-resumption]
ssl_conf = 14-alpn-no-server-support-resumption-ssl
[14-alpn-no-server-support-resumption-ssl]
server = 14-alpn-no-server-support-resumption-server
client = 14-alpn-no-server-support-resumption-client
resume-server = 14-alpn-no-server-support-resumption-resume-server
resume-client = 14-alpn-no-server-support-resumption-client
[14-alpn-no-server-support-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-alpn-no-server-support-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-alpn-no-server-support-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-14]
HandshakeMode = Resume
ResumptionExpected = Yes
server = 14-alpn-no-server-support-resumption-server-extra
client = 14-alpn-no-server-support-resumption-client-extra
resume-client = 14-alpn-no-server-support-resumption-client-extra
[14-alpn-no-server-support-resumption-server-extra]
ALPNProtocols = foo
[14-alpn-no-server-support-resumption-client-extra]
ALPNProtocols = foo
# ===========================================================
[15-alpn-no-client-support-resumption]
ssl_conf = 15-alpn-no-client-support-resumption-ssl
[15-alpn-no-client-support-resumption-ssl]
server = 15-alpn-no-client-support-resumption-server
client = 15-alpn-no-client-support-resumption-client
resume-server = 15-alpn-no-client-support-resumption-server
resume-client = 15-alpn-no-client-support-resumption-resume-client
[15-alpn-no-client-support-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-alpn-no-client-support-resumption-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[15-alpn-no-client-support-resumption-resume-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-15]
HandshakeMode = Resume
ResumptionExpected = Yes
server = 15-alpn-no-client-support-resumption-server-extra
resume-server = 15-alpn-no-client-support-resumption-server-extra
client = 15-alpn-no-client-support-resumption-client-extra
[15-alpn-no-client-support-resumption-server-extra]
ALPNProtocols = foo
[15-alpn-no-client-support-resumption-client-extra]
ALPNProtocols = foo
test/ssl-tests/09-alpn.conf.in
浏览文件 @ 2ac6bdc0
......@@ -196,4 +196,129 @@ our @tests = (
"ExpectedALPNProtocol" => undef,
},
},
{
name => "alpn-simple-resumption",
server => {
extra => {
"ALPNProtocols" => "foo",
},
},
client => {
extra => {
"ALPNProtocols" => "foo",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => "foo",
},
},
{
name => "alpn-server-switch-resumption",
server => {
extra => {
"ALPNProtocols" => "bar,foo",
},
},
resume_server => {
extra => {
"ALPNProtocols" => "baz,foo",
},
},
client => {
extra => {
"ALPNProtocols" => "foo,bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => "baz",
},
},
{
name => "alpn-client-switch-resumption",
server => {
extra => {
"ALPNProtocols" => "foo,bar,baz",
},
},
client => {
extra => {
"ALPNProtocols" => "foo,baz",
},
},
resume_client => {
extra => {
"ALPNProtocols" => "bar,baz",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => "bar",
},
},
{
name => "alpn-alert-on-mismatch-resumption",
server => {
extra => {
"ALPNProtocols" => "bar",
},
},
resume_server => {
extra => {
"ALPNProtocols" => "baz",
},
},
client => {
extra => {
"ALPNProtocols" => "foo,bar",
},
},
test => {
"HandshakeMode" => "Resume",
"ExpectedResult" => "ServerFail",
"ExpectedServerAlert" => "NoApplicationProtocol",
},
},
{
name => "alpn-no-server-support-resumption",
server => {
extra => {
"ALPNProtocols" => "foo",
},
},
resume_server => { },
client => {
extra => {
"ALPNProtocols" => "foo",
},
},
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => undef,
},
},
{
name => "alpn-no-client-support-resumption",
server => {
extra => {
"ALPNProtocols" => "foo",
},
},
client => {
extra => {
"ALPNProtocols" => "foo",
},
},
resume_client => { },
test => {
"HandshakeMode" => "Resume",
"ResumptionExpected" => "Yes",
"ExpectedALPNProtocol" => undef,
},
},
);
test/ssl_test.tmpl
浏览文件 @ 2ac6bdc0
......@@ -85,7 +85,7 @@ client = {-$testname-}-client{-
if (%resume_client && $resume_client{"extra"}) {
$OUT .= "resume-client = $testname-resume-client-extra\n";
} elsif ($reuse_resume_client && $client{"extra"}) {
$OUT .= "client = $testname-client-extra\n";
$OUT .= "resume-client = $testname-client-extra\n";
}
if ($server{"extra"}) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册