"Fossies" - the Fresh Open Source Software Archive

Member "openssl-1.1.1b/test/ssl-tests/03-custom_verify.conf.in" (26 Feb 2019, 3948 Bytes) of package /linux/misc/openssl-1.1.1b.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 # -*- mode: perl; -*-
    2 # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
    3 #
    4 # Licensed under the OpenSSL license (the "License").  You may not use
    5 # this file except in compliance with the License.  You can obtain a copy
    6 # in the file LICENSE in the source distribution or at
    7 # https://www.openssl.org/source/license.html
    8 
    9 
   10 ## SSL test configurations
   11 
   12 package ssltests;
   13 
   14 our @tests = (
   15 
   16     # Sanity-check that verification indeed succeeds without the
   17     # restrictive callback.
   18     {
   19         name => "verify-success",
   20         server => { },
   21         client => { },
   22         test   => { "ExpectedResult" => "Success" },
   23     },
   24 
   25     # Same test as above but with a custom callback that always fails.
   26     {
   27         name => "verify-custom-reject",
   28         server => { },
   29         client => {
   30             extra => {
   31                 "VerifyCallback" => "RejectAll",
   32             },
   33         },
   34         test   => {
   35             "ExpectedResult" => "ClientFail",
   36             "ExpectedClientAlert" => "HandshakeFailure",
   37         },
   38     },
   39 
   40     # Same test as above but with a custom callback that always succeeds.
   41     {
   42         name => "verify-custom-allow",
   43         server => { },
   44         client => {
   45             extra => {
   46                 "VerifyCallback" => "AcceptAll",
   47             },
   48         },
   49         test   => {
   50             "ExpectedResult" => "Success",
   51         },
   52     },
   53 
   54     # Sanity-check that verification indeed succeeds if peer verification
   55     # is not requested.
   56     {
   57         name => "noverify-success",
   58         server => { },
   59         client => {
   60             "VerifyMode" => undef,
   61             "VerifyCAFile" => undef,
   62         },
   63         test   => { "ExpectedResult" => "Success" },
   64     },
   65 
   66     # Same test as above but with a custom callback that always fails.
   67     # The callback return has no impact on handshake success in this mode.
   68     {
   69         name => "noverify-ignore-custom-reject",
   70         server => { },
   71         client => {
   72             "VerifyMode" => undef,
   73             "VerifyCAFile" => undef,
   74             extra => {
   75                 "VerifyCallback" => "RejectAll",
   76             },
   77         },
   78         test   => {
   79             "ExpectedResult" => "Success",
   80         },
   81     },
   82 
   83     # Same test as above but with a custom callback that always succeeds.
   84     # The callback return has no impact on handshake success in this mode.
   85     {
   86         name => "noverify-accept-custom-allow",
   87         server => { },
   88         client => {
   89             "VerifyMode" => undef,
   90             "VerifyCAFile" => undef,
   91             extra => {
   92                 "VerifyCallback" => "AcceptAll",
   93             },
   94         },
   95         test   => {
   96             "ExpectedResult" => "Success",
   97         },
   98     },
   99 
  100     # Sanity-check that verification indeed fails without the
  101     # permissive callback.
  102     {
  103         name => "verify-fail-no-root",
  104         server => { },
  105         client => {
  106             # Don't set up the client root file.
  107             "VerifyCAFile" => undef,
  108         },
  109         test   => {
  110           "ExpectedResult" => "ClientFail",
  111           "ExpectedClientAlert" => "UnknownCA",
  112         },
  113     },
  114 
  115     # Same test as above but with a custom callback that always succeeds.
  116     {
  117         name => "verify-custom-success-no-root",
  118         server => { },
  119         client => {
  120             "VerifyCAFile" => undef,
  121             extra => {
  122                 "VerifyCallback" => "AcceptAll",
  123             },
  124         },
  125         test   => {
  126             "ExpectedResult" => "Success"
  127         },
  128     },
  129 
  130     # Same test as above but with a custom callback that always fails.
  131     {
  132         name => "verify-custom-fail-no-root",
  133         server => { },
  134         client => {
  135             "VerifyCAFile" => undef,
  136             extra => {
  137                 "VerifyCallback" => "RejectAll",
  138             },
  139         },
  140         test   => {
  141             "ExpectedResult" => "ClientFail",
  142             "ExpectedClientAlert" => "HandshakeFailure",
  143         },
  144     },
  145 );