Commit b0292980 authored by Emilia Kasper's avatar Emilia Kasper
Browse files

SSL test: only write out server2 when testing SNI 



The SNI tests introduced a redundant "server2" section into every test
configuration. Copy this automatically from "server" unless testing SNI,
to reduce noise in the generated confs.

Also remove duplicate SSL_TEST_CTX_create (merge conflict error).

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 25b9d11c

test/generate_ssl_tests.pl

+6 −7
Original line number Diff line number Diff line
@@ -43,11 +43,11 @@ sub print_templates { 
    # Add the implicit base configuration.

    foreach my $test (@ssltests::tests) {

        $test->{"server"} = { (%ssltests::base_server, %{$test->{"server"}}) };

	# use server values if server2 is not defined

	# Do not emit an empty "server2" section.

	if (defined $test->{"server2"}) {

            $test->{"server2"} = { (%ssltests::base_server, %{$test->{"server2"}}) };

        } else {

	    $test->{"server2"} = { (%ssltests::base_server, %{$test->{"server"}}) };

            $test->{"server2"} = { };

        }

        $test->{"client"} = { (%ssltests::base_client, %{$test->{"client"}}) };

    }
@@ -98,8 +98,7 @@ sub print_templates { 
# Shamelessly copied from Configure.

sub read_config {

    my $fname = shift;

    open(INPUT, "< $fname")

	or die "Can't open input file '$fname'!\n";

    open(INPUT, "< $fname") or die "Can't open input file '$fname'!\n";

    local $/ = undef;

    my $content = <INPUT>;

    close(INPUT);

test/ssl-tests/01-simple.conf

+0 −18
Original line number Diff line number Diff line
@@ -11,7 +11,6 @@ ssl_conf = 0-default-ssl 


[0-default-ssl]

server = 0-default-server

server2 = 0-default-server2

client = 0-default-client



[0-default-server]
@@ -19,19 +18,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-default-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-default-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-0]

ExpectedResult = Success
@@ -43,7 +34,6 @@ ssl_conf = 1-verify-cert-ssl 


[1-verify-cert-ssl]

server = 1-verify-cert-server

server2 = 1-verify-cert-server2

client = 1-verify-cert-client



[1-verify-cert-server]
@@ -51,18 +41,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[1-verify-cert-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[1-verify-cert-client]

CipherString = DEFAULT

VerifyMode = Peer





[test-1]

ClientAlert = UnknownCA

ExpectedResult = ClientFail

test/ssl-tests/02-protocol-version.conf

+15 −3796

File changed.

Preview size limit exceeded, changes collapsed.

test/ssl-tests/03-custom_verify.conf

+0 −81
Original line number Diff line number Diff line
@@ -18,7 +18,6 @@ ssl_conf = 0-verify-success-ssl 


[0-verify-success-ssl]

server = 0-verify-success-server

server2 = 0-verify-success-server2

client = 0-verify-success-client



[0-verify-success-server]
@@ -26,19 +25,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-verify-success-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-verify-success-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-0]

ExpectedResult = Success
@@ -50,7 +41,6 @@ ssl_conf = 1-verify-custom-reject-ssl 


[1-verify-custom-reject-ssl]

server = 1-verify-custom-reject-server

server2 = 1-verify-custom-reject-server2

client = 1-verify-custom-reject-client



[1-verify-custom-reject-server]
@@ -58,19 +48,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[1-verify-custom-reject-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[1-verify-custom-reject-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-1]

ClientAlert = HandshakeFailure

ClientVerifyCallback = RejectAll
@@ -84,7 +66,6 @@ ssl_conf = 2-verify-custom-allow-ssl 


[2-verify-custom-allow-ssl]

server = 2-verify-custom-allow-server

server2 = 2-verify-custom-allow-server2

client = 2-verify-custom-allow-client



[2-verify-custom-allow-server]
@@ -92,19 +73,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[2-verify-custom-allow-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[2-verify-custom-allow-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-2]

ClientVerifyCallback = AcceptAll

ExpectedResult = Success
@@ -117,7 +90,6 @@ ssl_conf = 3-noverify-success-ssl 


[3-noverify-success-ssl]

server = 3-noverify-success-server

server2 = 3-noverify-success-server2

client = 3-noverify-success-client



[3-noverify-success-server]
@@ -125,17 +97,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[3-noverify-success-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[3-noverify-success-client]

CipherString = DEFAULT





[test-3]

ExpectedResult = Success
@@ -147,7 +111,6 @@ ssl_conf = 4-noverify-ignore-custom-reject-ssl 


[4-noverify-ignore-custom-reject-ssl]

server = 4-noverify-ignore-custom-reject-server

server2 = 4-noverify-ignore-custom-reject-server2

client = 4-noverify-ignore-custom-reject-client



[4-noverify-ignore-custom-reject-server]
@@ -155,17 +118,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[4-noverify-ignore-custom-reject-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[4-noverify-ignore-custom-reject-client]

CipherString = DEFAULT





[test-4]

ClientVerifyCallback = RejectAll

ExpectedResult = Success
@@ -178,7 +133,6 @@ ssl_conf = 5-noverify-accept-custom-allow-ssl 


[5-noverify-accept-custom-allow-ssl]

server = 5-noverify-accept-custom-allow-server

server2 = 5-noverify-accept-custom-allow-server2

client = 5-noverify-accept-custom-allow-client



[5-noverify-accept-custom-allow-server]
@@ -186,17 +140,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[5-noverify-accept-custom-allow-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[5-noverify-accept-custom-allow-client]

CipherString = DEFAULT





[test-5]

ClientVerifyCallback = AcceptAll

ExpectedResult = Success
@@ -209,7 +155,6 @@ ssl_conf = 6-verify-fail-no-root-ssl 


[6-verify-fail-no-root-ssl]

server = 6-verify-fail-no-root-server

server2 = 6-verify-fail-no-root-server2

client = 6-verify-fail-no-root-client



[6-verify-fail-no-root-server]
@@ -217,18 +162,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[6-verify-fail-no-root-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[6-verify-fail-no-root-client]

CipherString = DEFAULT

VerifyMode = Peer





[test-6]

ClientAlert = UnknownCA

ExpectedResult = ClientFail
@@ -241,7 +178,6 @@ ssl_conf = 7-verify-custom-success-no-root-ssl 


[7-verify-custom-success-no-root-ssl]

server = 7-verify-custom-success-no-root-server

server2 = 7-verify-custom-success-no-root-server2

client = 7-verify-custom-success-no-root-client



[7-verify-custom-success-no-root-server]
@@ -249,18 +185,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[7-verify-custom-success-no-root-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[7-verify-custom-success-no-root-client]

CipherString = DEFAULT

VerifyMode = Peer





[test-7]

ClientVerifyCallback = AcceptAll

ExpectedResult = Success
@@ -273,7 +201,6 @@ ssl_conf = 8-verify-custom-fail-no-root-ssl 


[8-verify-custom-fail-no-root-ssl]

server = 8-verify-custom-fail-no-root-server

server2 = 8-verify-custom-fail-no-root-server2

client = 8-verify-custom-fail-no-root-client



[8-verify-custom-fail-no-root-server]
@@ -281,18 +208,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[8-verify-custom-fail-no-root-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[8-verify-custom-fail-no-root-client]

CipherString = DEFAULT

VerifyMode = Peer





[test-8]

ClientAlert = HandshakeFailure

ClientVerifyCallback = RejectAll

test/ssl-tests/04-client_auth.conf

+0 −219
Original line number Diff line number Diff line
@@ -29,7 +29,6 @@ ssl_conf = 0-server-auth-flex-ssl 


[0-server-auth-flex-ssl]

server = 0-server-auth-flex-server

server2 = 0-server-auth-flex-server2

client = 0-server-auth-flex-client



[0-server-auth-flex-server]
@@ -37,19 +36,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 
CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-server-auth-flex-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem





[0-server-auth-flex-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-0]

ExpectedResult = Success
@@ -61,7 +52,6 @@ ssl_conf = 1-client-auth-flex-request-ssl 


[1-client-auth-flex-request-ssl]

server = 1-client-auth-flex-request-server

server2 = 1-client-auth-flex-request-server2

client = 1-client-auth-flex-request-client



[1-client-auth-flex-request-server]
@@ -70,20 +60,11 @@ CipherString = DEFAULT 
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyMode = Request





[1-client-auth-flex-request-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyMode = Request





[1-client-auth-flex-request-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-1]

ExpectedResult = Success
@@ -95,7 +76,6 @@ ssl_conf = 2-client-auth-flex-require-fail-ssl 


[2-client-auth-flex-require-fail-ssl]

server = 2-client-auth-flex-require-fail-server

server2 = 2-client-auth-flex-require-fail-server2

client = 2-client-auth-flex-require-fail-client



[2-client-auth-flex-require-fail-server]
@@ -105,21 +85,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[2-client-auth-flex-require-fail-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[2-client-auth-flex-require-fail-client]

CipherString = DEFAULT

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-2]

ExpectedResult = ServerFail

ServerAlert = HandshakeFailure
@@ -132,7 +102,6 @@ ssl_conf = 3-client-auth-flex-require-ssl 


[3-client-auth-flex-require-ssl]

server = 3-client-auth-flex-require-server

server2 = 3-client-auth-flex-require-server2

client = 3-client-auth-flex-require-client



[3-client-auth-flex-require-server]
@@ -142,15 +111,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[3-client-auth-flex-require-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[3-client-auth-flex-require-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -158,7 +118,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-3]

ExpectedResult = Success
@@ -170,7 +129,6 @@ ssl_conf = 4-client-auth-flex-noroot-ssl 


[4-client-auth-flex-noroot-ssl]

server = 4-client-auth-flex-noroot-server

server2 = 4-client-auth-flex-noroot-server2

client = 4-client-auth-flex-noroot-client



[4-client-auth-flex-noroot-server]
@@ -179,14 +137,6 @@ CipherString = DEFAULT 
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyMode = Require





[4-client-auth-flex-noroot-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

VerifyMode = Require





[4-client-auth-flex-noroot-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -194,7 +144,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-4]

ExpectedResult = ServerFail

ServerAlert = UnknownCA
@@ -207,7 +156,6 @@ ssl_conf = 5-server-auth-TLSv1-ssl 


[5-server-auth-TLSv1-ssl]

server = 5-server-auth-TLSv1-server

server2 = 5-server-auth-TLSv1-server2

client = 5-server-auth-TLSv1-client



[5-server-auth-TLSv1-server]
@@ -216,21 +164,12 @@ CipherString = DEFAULT 
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1





[5-server-auth-TLSv1-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1





[5-server-auth-TLSv1-client]

CipherString = DEFAULT

Protocol = TLSv1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-5]

ExpectedResult = Success
@@ -242,7 +181,6 @@ ssl_conf = 6-client-auth-TLSv1-request-ssl 


[6-client-auth-TLSv1-request-ssl]

server = 6-client-auth-TLSv1-request-server

server2 = 6-client-auth-TLSv1-request-server2

client = 6-client-auth-TLSv1-request-client



[6-client-auth-TLSv1-request-server]
@@ -252,22 +190,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1

VerifyMode = Request





[6-client-auth-TLSv1-request-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1

VerifyMode = Request





[6-client-auth-TLSv1-request-client]

CipherString = DEFAULT

Protocol = TLSv1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-6]

ExpectedResult = Success
@@ -279,7 +207,6 @@ ssl_conf = 7-client-auth-TLSv1-require-fail-ssl 


[7-client-auth-TLSv1-require-fail-ssl]

server = 7-client-auth-TLSv1-require-fail-server

server2 = 7-client-auth-TLSv1-require-fail-server2

client = 7-client-auth-TLSv1-require-fail-client



[7-client-auth-TLSv1-require-fail-server]
@@ -290,23 +217,12 @@ Protocol = TLSv1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[7-client-auth-TLSv1-require-fail-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[7-client-auth-TLSv1-require-fail-client]

CipherString = DEFAULT

Protocol = TLSv1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-7]

ExpectedResult = ServerFail

ServerAlert = HandshakeFailure
@@ -319,7 +235,6 @@ ssl_conf = 8-client-auth-TLSv1-require-ssl 


[8-client-auth-TLSv1-require-ssl]

server = 8-client-auth-TLSv1-require-server

server2 = 8-client-auth-TLSv1-require-server2

client = 8-client-auth-TLSv1-require-client



[8-client-auth-TLSv1-require-server]
@@ -330,16 +245,6 @@ Protocol = TLSv1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[8-client-auth-TLSv1-require-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[8-client-auth-TLSv1-require-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -348,7 +253,6 @@ Protocol = TLSv1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-8]

ExpectedResult = Success
@@ -360,7 +264,6 @@ ssl_conf = 9-client-auth-TLSv1-noroot-ssl 


[9-client-auth-TLSv1-noroot-ssl]

server = 9-client-auth-TLSv1-noroot-server

server2 = 9-client-auth-TLSv1-noroot-server2

client = 9-client-auth-TLSv1-noroot-client



[9-client-auth-TLSv1-noroot-server]
@@ -370,15 +273,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1

VerifyMode = Require





[9-client-auth-TLSv1-noroot-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1

VerifyMode = Require





[9-client-auth-TLSv1-noroot-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -387,7 +281,6 @@ Protocol = TLSv1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-9]

ExpectedResult = ServerFail

ServerAlert = UnknownCA
@@ -400,7 +293,6 @@ ssl_conf = 10-server-auth-TLSv1.1-ssl 


[10-server-auth-TLSv1.1-ssl]

server = 10-server-auth-TLSv1.1-server

server2 = 10-server-auth-TLSv1.1-server2

client = 10-server-auth-TLSv1.1-client



[10-server-auth-TLSv1.1-server]
@@ -409,21 +301,12 @@ CipherString = DEFAULT 
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1





[10-server-auth-TLSv1.1-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1





[10-server-auth-TLSv1.1-client]

CipherString = DEFAULT

Protocol = TLSv1.1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-10]

ExpectedResult = Success
@@ -435,7 +318,6 @@ ssl_conf = 11-client-auth-TLSv1.1-request-ssl 


[11-client-auth-TLSv1.1-request-ssl]

server = 11-client-auth-TLSv1.1-request-server

server2 = 11-client-auth-TLSv1.1-request-server2

client = 11-client-auth-TLSv1.1-request-client



[11-client-auth-TLSv1.1-request-server]
@@ -445,22 +327,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1.1

VerifyMode = Request





[11-client-auth-TLSv1.1-request-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1

VerifyMode = Request





[11-client-auth-TLSv1.1-request-client]

CipherString = DEFAULT

Protocol = TLSv1.1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-11]

ExpectedResult = Success
@@ -472,7 +344,6 @@ ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl 


[12-client-auth-TLSv1.1-require-fail-ssl]

server = 12-client-auth-TLSv1.1-require-fail-server

server2 = 12-client-auth-TLSv1.1-require-fail-server2

client = 12-client-auth-TLSv1.1-require-fail-client



[12-client-auth-TLSv1.1-require-fail-server]
@@ -483,23 +354,12 @@ Protocol = TLSv1.1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[12-client-auth-TLSv1.1-require-fail-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[12-client-auth-TLSv1.1-require-fail-client]

CipherString = DEFAULT

Protocol = TLSv1.1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-12]

ExpectedResult = ServerFail

ServerAlert = HandshakeFailure
@@ -512,7 +372,6 @@ ssl_conf = 13-client-auth-TLSv1.1-require-ssl 


[13-client-auth-TLSv1.1-require-ssl]

server = 13-client-auth-TLSv1.1-require-server

server2 = 13-client-auth-TLSv1.1-require-server2

client = 13-client-auth-TLSv1.1-require-client



[13-client-auth-TLSv1.1-require-server]
@@ -523,16 +382,6 @@ Protocol = TLSv1.1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[13-client-auth-TLSv1.1-require-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[13-client-auth-TLSv1.1-require-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -541,7 +390,6 @@ Protocol = TLSv1.1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-13]

ExpectedResult = Success
@@ -553,7 +401,6 @@ ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl 


[14-client-auth-TLSv1.1-noroot-ssl]

server = 14-client-auth-TLSv1.1-noroot-server

server2 = 14-client-auth-TLSv1.1-noroot-server2

client = 14-client-auth-TLSv1.1-noroot-client



[14-client-auth-TLSv1.1-noroot-server]
@@ -563,15 +410,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1.1

VerifyMode = Require





[14-client-auth-TLSv1.1-noroot-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.1

VerifyMode = Require





[14-client-auth-TLSv1.1-noroot-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -580,7 +418,6 @@ Protocol = TLSv1.1 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-14]

ExpectedResult = ServerFail

ServerAlert = UnknownCA
@@ -593,7 +430,6 @@ ssl_conf = 15-server-auth-TLSv1.2-ssl 


[15-server-auth-TLSv1.2-ssl]

server = 15-server-auth-TLSv1.2-server

server2 = 15-server-auth-TLSv1.2-server2

client = 15-server-auth-TLSv1.2-client



[15-server-auth-TLSv1.2-server]
@@ -602,21 +438,12 @@ CipherString = DEFAULT 
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2





[15-server-auth-TLSv1.2-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2





[15-server-auth-TLSv1.2-client]

CipherString = DEFAULT

Protocol = TLSv1.2

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-15]

ExpectedResult = Success
@@ -628,7 +455,6 @@ ssl_conf = 16-client-auth-TLSv1.2-request-ssl 


[16-client-auth-TLSv1.2-request-ssl]

server = 16-client-auth-TLSv1.2-request-server

server2 = 16-client-auth-TLSv1.2-request-server2

client = 16-client-auth-TLSv1.2-request-client



[16-client-auth-TLSv1.2-request-server]
@@ -638,22 +464,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1.2

VerifyMode = Request





[16-client-auth-TLSv1.2-request-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2

VerifyMode = Request





[16-client-auth-TLSv1.2-request-client]

CipherString = DEFAULT

Protocol = TLSv1.2

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-16]

ExpectedResult = Success
@@ -665,7 +481,6 @@ ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl 


[17-client-auth-TLSv1.2-require-fail-ssl]

server = 17-client-auth-TLSv1.2-require-fail-server

server2 = 17-client-auth-TLSv1.2-require-fail-server2

client = 17-client-auth-TLSv1.2-require-fail-client



[17-client-auth-TLSv1.2-require-fail-server]
@@ -676,23 +491,12 @@ Protocol = TLSv1.2 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[17-client-auth-TLSv1.2-require-fail-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Require





[17-client-auth-TLSv1.2-require-fail-client]

CipherString = DEFAULT

Protocol = TLSv1.2

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-17]

ExpectedResult = ServerFail

ServerAlert = HandshakeFailure
@@ -705,7 +509,6 @@ ssl_conf = 18-client-auth-TLSv1.2-require-ssl 


[18-client-auth-TLSv1.2-require-ssl]

server = 18-client-auth-TLSv1.2-require-server

server2 = 18-client-auth-TLSv1.2-require-server2

client = 18-client-auth-TLSv1.2-require-client



[18-client-auth-TLSv1.2-require-server]
@@ -716,16 +519,6 @@ Protocol = TLSv1.2 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[18-client-auth-TLSv1.2-require-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2

VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem

VerifyMode = Request





[18-client-auth-TLSv1.2-require-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -734,7 +527,6 @@ Protocol = TLSv1.2 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-18]

ExpectedResult = Success
@@ -746,7 +538,6 @@ ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl 


[19-client-auth-TLSv1.2-noroot-ssl]

server = 19-client-auth-TLSv1.2-noroot-server

server2 = 19-client-auth-TLSv1.2-noroot-server2

client = 19-client-auth-TLSv1.2-noroot-client



[19-client-auth-TLSv1.2-noroot-server]
@@ -756,15 +547,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 
Protocol = TLSv1.2

VerifyMode = Require





[19-client-auth-TLSv1.2-noroot-server2]

Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem

CipherString = DEFAULT

PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

Protocol = TLSv1.2

VerifyMode = Require





[19-client-auth-TLSv1.2-noroot-client]

Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem

CipherString = DEFAULT
@@ -773,7 +555,6 @@ Protocol = TLSv1.2 
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem

VerifyMode = Peer





[test-19]

ExpectedResult = ServerFail

ServerAlert = UnknownCA