source-git / openssl

Clone
Source Code
GIT

Blame test/ssl-tests/03-custom_verify.conf.in

c8 c8s master
  1.   3c126e197bf64be56e1432546d39885b80b61a84
  2.   test
  3.   ssl-tests
  4.   03-custom_verify.conf.in
Blob History Raw
Packit Service 084de1 
# -*- mode: perl; -*-
Packit Service 084de1 
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
Packit Service 084de1 
#
Packit Service 084de1 
# Licensed under the OpenSSL license (the "License").  You may not use
Packit Service 084de1 
# this file except in compliance with the License.  You can obtain a copy
Packit Service 084de1 
# in the file LICENSE in the source distribution or at
Packit Service 084de1 
# https://www.openssl.org/source/license.html
Packit Service 084de1
Packit Service 084de1
Packit Service 084de1 
## SSL test configurations
Packit Service 084de1
Packit Service 084de1 
package ssltests;
Packit Service 084de1
Packit Service 084de1 
our @tests = (
Packit Service 084de1
Packit Service 084de1 
    # Sanity-check that verification indeed succeeds without the
Packit Service 084de1 
    # restrictive callback.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-success",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => { },
Packit Service 084de1 
        test   => { "ExpectedResult" => "Success" },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always fails.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-custom-reject",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "RejectAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "ClientFail",
Packit Service 084de1 
            "ExpectedClientAlert" => "HandshakeFailure",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always succeeds.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-custom-allow",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "AcceptAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "Success",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Sanity-check that verification indeed succeeds if peer verification
Packit Service 084de1 
    # is not requested.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "noverify-success",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            "VerifyMode" => undef,
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => { "ExpectedResult" => "Success" },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always fails.
Packit Service 084de1 
    # The callback return has no impact on handshake success in this mode.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "noverify-ignore-custom-reject",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            "VerifyMode" => undef,
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "RejectAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "Success",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always succeeds.
Packit Service 084de1 
    # The callback return has no impact on handshake success in this mode.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "noverify-accept-custom-allow",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            "VerifyMode" => undef,
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "AcceptAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "Success",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Sanity-check that verification indeed fails without the
Packit Service 084de1 
    # permissive callback.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-fail-no-root",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            # Don't set up the client root file.
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
          "ExpectedResult" => "ClientFail",
Packit Service 084de1 
          "ExpectedClientAlert" => "UnknownCA",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always succeeds.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-custom-success-no-root",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "AcceptAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "Success"
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1
Packit Service 084de1 
    # Same test as above but with a custom callback that always fails.
Packit Service 084de1 
    {
Packit Service 084de1 
        name => "verify-custom-fail-no-root",
Packit Service 084de1 
        server => { },
Packit Service 084de1 
        client => {
Packit Service 084de1 
            "VerifyCAFile" => undef,
Packit Service 084de1 
            extra => {
Packit Service 084de1 
                "VerifyCallback" => "RejectAll",
Packit Service 084de1 
            },
Packit Service 084de1 
        },
Packit Service 084de1 
        test   => {
Packit Service 084de1 
            "ExpectedResult" => "ClientFail",
Packit Service 084de1 
            "ExpectedClientAlert" => "HandshakeFailure",
Packit Service 084de1 
        },
Packit Service 084de1 
    },
Packit Service 084de1 
);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation