• E
    New SSL test framework · 453dfd8d
    Emilia Kasper 提交于
    Currently, SSL tests are configured via command-line switches to
    ssltest.c. This results in a lot of duplication between ssltest.c and
    apps, and a complex setup. ssltest.c is also simply old and needs
    maintenance.
    
    Instead, we already have a way to configure SSL servers and clients, so
    we leverage that. SSL tests can now be configured from a configuration
    file. Test servers and clients are configured using the standard
    ssl_conf module. Additional test settings are configured via a test
    configuration.
    
    Moreover, since the CONF language involves unnecessary boilerplate, the
    test conf itself is generated from a shorter Perl syntax.
    
    The generated testcase files are checked in to the repo to make
    it easier to verify that the intended test cases are in fact run; and to
    simplify debugging failures.
    
    To demonstrate the approach, min/max protocol tests are converted to the
    new format. This change also fixes MinProtocol and MaxProtocol
    handling. It was previously requested that an SSL_CTX have both the
    server and client flags set for these commands; this clearly can never work.
    
    Guide to this PR:
     - test/ssl_test.c - test framework
     - test/ssl_test_ctx.* - test configuration structure
     - test/handshake_helper.* - new SSL test handshaking code
     - test/ssl-tests/ - test configurations
     - test/generate_ssl_tests.pl - script for generating CONF-style test
       configurations from perl inputs
    Reviewed-by: NRichard Levitte <levitte@openssl.org>
    453dfd8d
ssl_conf.c 28.7 KB