SSL test: only write out server2 when testing SNI (b0292980) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

test/generate_ssl_tests.pl

+6 −7

Original line number	Diff line number	Diff line
		@@ -43,11 +43,11 @@ sub print_templates {
		# Add the implicit base configuration.
		foreach my $test (@ssltests::tests) {
		$test->{"server"} = { (%ssltests::base_server, %{$test->{"server"}}) };
		# use server values if server2 is not defined
		# Do not emit an empty "server2" section.
		if (defined $test->{"server2"}) {
		$test->{"server2"} = { (%ssltests::base_server, %{$test->{"server2"}}) };
		} else {
		$test->{"server2"} = { (%ssltests::base_server, %{$test->{"server"}}) };
		$test->{"server2"} = { };
		}
		$test->{"client"} = { (%ssltests::base_client, %{$test->{"client"}}) };
		}
		@@ -98,8 +98,7 @@ sub print_templates {
		# Shamelessly copied from Configure.
		sub read_config {
		my $fname = shift;
		open(INPUT, "< $fname")
		or die "Can't open input file '$fname'!\n";
		open(INPUT, "< $fname") or die "Can't open input file '$fname'!\n";
		local $/ = undef;
		my $content = <INPUT>;
		close(INPUT);

test/ssl-tests/01-simple.conf

+0 −18

Original line number	Diff line number	Diff line
		@@ -11,7 +11,6 @@ ssl_conf = 0-default-ssl

		[0-default-ssl]
		server = 0-default-server
		server2 = 0-default-server2
		client = 0-default-client

		[0-default-server]
		@@ -19,19 +18,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-default-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-default-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-0]
		ExpectedResult = Success

		@@ -43,7 +34,6 @@ ssl_conf = 1-verify-cert-ssl

		[1-verify-cert-ssl]
		server = 1-verify-cert-server
		server2 = 1-verify-cert-server2
		client = 1-verify-cert-client

		[1-verify-cert-server]
		@@ -51,18 +41,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[1-verify-cert-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[1-verify-cert-client]
		CipherString = DEFAULT
		VerifyMode = Peer


		[test-1]
		ClientAlert = UnknownCA
		ExpectedResult = ClientFail

test/ssl-tests/02-protocol-version.conf

+15 −3796

File changed.

Preview size limit exceeded, changes collapsed.

test/ssl-tests/03-custom_verify.conf

+0 −81

Original line number	Diff line number	Diff line
		@@ -18,7 +18,6 @@ ssl_conf = 0-verify-success-ssl

		[0-verify-success-ssl]
		server = 0-verify-success-server
		server2 = 0-verify-success-server2
		client = 0-verify-success-client

		[0-verify-success-server]
		@@ -26,19 +25,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-verify-success-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-verify-success-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-0]
		ExpectedResult = Success

		@@ -50,7 +41,6 @@ ssl_conf = 1-verify-custom-reject-ssl

		[1-verify-custom-reject-ssl]
		server = 1-verify-custom-reject-server
		server2 = 1-verify-custom-reject-server2
		client = 1-verify-custom-reject-client

		[1-verify-custom-reject-server]
		@@ -58,19 +48,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[1-verify-custom-reject-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[1-verify-custom-reject-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-1]
		ClientAlert = HandshakeFailure
		ClientVerifyCallback = RejectAll
		@@ -84,7 +66,6 @@ ssl_conf = 2-verify-custom-allow-ssl

		[2-verify-custom-allow-ssl]
		server = 2-verify-custom-allow-server
		server2 = 2-verify-custom-allow-server2
		client = 2-verify-custom-allow-client

		[2-verify-custom-allow-server]
		@@ -92,19 +73,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[2-verify-custom-allow-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[2-verify-custom-allow-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-2]
		ClientVerifyCallback = AcceptAll
		ExpectedResult = Success
		@@ -117,7 +90,6 @@ ssl_conf = 3-noverify-success-ssl

		[3-noverify-success-ssl]
		server = 3-noverify-success-server
		server2 = 3-noverify-success-server2
		client = 3-noverify-success-client

		[3-noverify-success-server]
		@@ -125,17 +97,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[3-noverify-success-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[3-noverify-success-client]
		CipherString = DEFAULT


		[test-3]
		ExpectedResult = Success

		@@ -147,7 +111,6 @@ ssl_conf = 4-noverify-ignore-custom-reject-ssl

		[4-noverify-ignore-custom-reject-ssl]
		server = 4-noverify-ignore-custom-reject-server
		server2 = 4-noverify-ignore-custom-reject-server2
		client = 4-noverify-ignore-custom-reject-client

		[4-noverify-ignore-custom-reject-server]
		@@ -155,17 +118,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[4-noverify-ignore-custom-reject-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[4-noverify-ignore-custom-reject-client]
		CipherString = DEFAULT


		[test-4]
		ClientVerifyCallback = RejectAll
		ExpectedResult = Success
		@@ -178,7 +133,6 @@ ssl_conf = 5-noverify-accept-custom-allow-ssl

		[5-noverify-accept-custom-allow-ssl]
		server = 5-noverify-accept-custom-allow-server
		server2 = 5-noverify-accept-custom-allow-server2
		client = 5-noverify-accept-custom-allow-client

		[5-noverify-accept-custom-allow-server]
		@@ -186,17 +140,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[5-noverify-accept-custom-allow-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[5-noverify-accept-custom-allow-client]
		CipherString = DEFAULT


		[test-5]
		ClientVerifyCallback = AcceptAll
		ExpectedResult = Success
		@@ -209,7 +155,6 @@ ssl_conf = 6-verify-fail-no-root-ssl

		[6-verify-fail-no-root-ssl]
		server = 6-verify-fail-no-root-server
		server2 = 6-verify-fail-no-root-server2
		client = 6-verify-fail-no-root-client

		[6-verify-fail-no-root-server]
		@@ -217,18 +162,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[6-verify-fail-no-root-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[6-verify-fail-no-root-client]
		CipherString = DEFAULT
		VerifyMode = Peer


		[test-6]
		ClientAlert = UnknownCA
		ExpectedResult = ClientFail
		@@ -241,7 +178,6 @@ ssl_conf = 7-verify-custom-success-no-root-ssl

		[7-verify-custom-success-no-root-ssl]
		server = 7-verify-custom-success-no-root-server
		server2 = 7-verify-custom-success-no-root-server2
		client = 7-verify-custom-success-no-root-client

		[7-verify-custom-success-no-root-server]
		@@ -249,18 +185,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[7-verify-custom-success-no-root-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[7-verify-custom-success-no-root-client]
		CipherString = DEFAULT
		VerifyMode = Peer


		[test-7]
		ClientVerifyCallback = AcceptAll
		ExpectedResult = Success
		@@ -273,7 +201,6 @@ ssl_conf = 8-verify-custom-fail-no-root-ssl

		[8-verify-custom-fail-no-root-ssl]
		server = 8-verify-custom-fail-no-root-server
		server2 = 8-verify-custom-fail-no-root-server2
		client = 8-verify-custom-fail-no-root-client

		[8-verify-custom-fail-no-root-server]
		@@ -281,18 +208,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[8-verify-custom-fail-no-root-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[8-verify-custom-fail-no-root-client]
		CipherString = DEFAULT
		VerifyMode = Peer


		[test-8]
		ClientAlert = HandshakeFailure
		ClientVerifyCallback = RejectAll

test/ssl-tests/04-client_auth.conf

+0 −219

Original line number	Diff line number	Diff line
		@@ -29,7 +29,6 @@ ssl_conf = 0-server-auth-flex-ssl

		[0-server-auth-flex-ssl]
		server = 0-server-auth-flex-server
		server2 = 0-server-auth-flex-server2
		client = 0-server-auth-flex-client

		[0-server-auth-flex-server]
		@@ -37,19 +36,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-server-auth-flex-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem


		[0-server-auth-flex-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-0]
		ExpectedResult = Success

		@@ -61,7 +52,6 @@ ssl_conf = 1-client-auth-flex-request-ssl

		[1-client-auth-flex-request-ssl]
		server = 1-client-auth-flex-request-server
		server2 = 1-client-auth-flex-request-server2
		client = 1-client-auth-flex-request-client

		[1-client-auth-flex-request-server]
		@@ -70,20 +60,11 @@ CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyMode = Request


		[1-client-auth-flex-request-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyMode = Request


		[1-client-auth-flex-request-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-1]
		ExpectedResult = Success

		@@ -95,7 +76,6 @@ ssl_conf = 2-client-auth-flex-require-fail-ssl

		[2-client-auth-flex-require-fail-ssl]
		server = 2-client-auth-flex-require-fail-server
		server2 = 2-client-auth-flex-require-fail-server2
		client = 2-client-auth-flex-require-fail-client

		[2-client-auth-flex-require-fail-server]
		@@ -105,21 +85,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[2-client-auth-flex-require-fail-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[2-client-auth-flex-require-fail-client]
		CipherString = DEFAULT
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-2]
		ExpectedResult = ServerFail
		ServerAlert = HandshakeFailure
		@@ -132,7 +102,6 @@ ssl_conf = 3-client-auth-flex-require-ssl

		[3-client-auth-flex-require-ssl]
		server = 3-client-auth-flex-require-server
		server2 = 3-client-auth-flex-require-server2
		client = 3-client-auth-flex-require-client

		[3-client-auth-flex-require-server]
		@@ -142,15 +111,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[3-client-auth-flex-require-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[3-client-auth-flex-require-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -158,7 +118,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-3]
		ExpectedResult = Success

		@@ -170,7 +129,6 @@ ssl_conf = 4-client-auth-flex-noroot-ssl

		[4-client-auth-flex-noroot-ssl]
		server = 4-client-auth-flex-noroot-server
		server2 = 4-client-auth-flex-noroot-server2
		client = 4-client-auth-flex-noroot-client

		[4-client-auth-flex-noroot-server]
		@@ -179,14 +137,6 @@ CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyMode = Require


		[4-client-auth-flex-noroot-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		VerifyMode = Require


		[4-client-auth-flex-noroot-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -194,7 +144,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-4]
		ExpectedResult = ServerFail
		ServerAlert = UnknownCA
		@@ -207,7 +156,6 @@ ssl_conf = 5-server-auth-TLSv1-ssl

		[5-server-auth-TLSv1-ssl]
		server = 5-server-auth-TLSv1-server
		server2 = 5-server-auth-TLSv1-server2
		client = 5-server-auth-TLSv1-client

		[5-server-auth-TLSv1-server]
		@@ -216,21 +164,12 @@ CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1


		[5-server-auth-TLSv1-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1


		[5-server-auth-TLSv1-client]
		CipherString = DEFAULT
		Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-5]
		ExpectedResult = Success

		@@ -242,7 +181,6 @@ ssl_conf = 6-client-auth-TLSv1-request-ssl

		[6-client-auth-TLSv1-request-ssl]
		server = 6-client-auth-TLSv1-request-server
		server2 = 6-client-auth-TLSv1-request-server2
		client = 6-client-auth-TLSv1-request-client

		[6-client-auth-TLSv1-request-server]
		@@ -252,22 +190,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyMode = Request


		[6-client-auth-TLSv1-request-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyMode = Request


		[6-client-auth-TLSv1-request-client]
		CipherString = DEFAULT
		Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-6]
		ExpectedResult = Success

		@@ -279,7 +207,6 @@ ssl_conf = 7-client-auth-TLSv1-require-fail-ssl

		[7-client-auth-TLSv1-require-fail-ssl]
		server = 7-client-auth-TLSv1-require-fail-server
		server2 = 7-client-auth-TLSv1-require-fail-server2
		client = 7-client-auth-TLSv1-require-fail-client

		[7-client-auth-TLSv1-require-fail-server]
		@@ -290,23 +217,12 @@ Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[7-client-auth-TLSv1-require-fail-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[7-client-auth-TLSv1-require-fail-client]
		CipherString = DEFAULT
		Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-7]
		ExpectedResult = ServerFail
		ServerAlert = HandshakeFailure
		@@ -319,7 +235,6 @@ ssl_conf = 8-client-auth-TLSv1-require-ssl

		[8-client-auth-TLSv1-require-ssl]
		server = 8-client-auth-TLSv1-require-server
		server2 = 8-client-auth-TLSv1-require-server2
		client = 8-client-auth-TLSv1-require-client

		[8-client-auth-TLSv1-require-server]
		@@ -330,16 +245,6 @@ Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[8-client-auth-TLSv1-require-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[8-client-auth-TLSv1-require-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -348,7 +253,6 @@ Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-8]
		ExpectedResult = Success

		@@ -360,7 +264,6 @@ ssl_conf = 9-client-auth-TLSv1-noroot-ssl

		[9-client-auth-TLSv1-noroot-ssl]
		server = 9-client-auth-TLSv1-noroot-server
		server2 = 9-client-auth-TLSv1-noroot-server2
		client = 9-client-auth-TLSv1-noroot-client

		[9-client-auth-TLSv1-noroot-server]
		@@ -370,15 +273,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyMode = Require


		[9-client-auth-TLSv1-noroot-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1
		VerifyMode = Require


		[9-client-auth-TLSv1-noroot-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -387,7 +281,6 @@ Protocol = TLSv1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-9]
		ExpectedResult = ServerFail
		ServerAlert = UnknownCA
		@@ -400,7 +293,6 @@ ssl_conf = 10-server-auth-TLSv1.1-ssl

		[10-server-auth-TLSv1.1-ssl]
		server = 10-server-auth-TLSv1.1-server
		server2 = 10-server-auth-TLSv1.1-server2
		client = 10-server-auth-TLSv1.1-client

		[10-server-auth-TLSv1.1-server]
		@@ -409,21 +301,12 @@ CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1


		[10-server-auth-TLSv1.1-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1


		[10-server-auth-TLSv1.1-client]
		CipherString = DEFAULT
		Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-10]
		ExpectedResult = Success

		@@ -435,7 +318,6 @@ ssl_conf = 11-client-auth-TLSv1.1-request-ssl

		[11-client-auth-TLSv1.1-request-ssl]
		server = 11-client-auth-TLSv1.1-request-server
		server2 = 11-client-auth-TLSv1.1-request-server2
		client = 11-client-auth-TLSv1.1-request-client

		[11-client-auth-TLSv1.1-request-server]
		@@ -445,22 +327,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyMode = Request


		[11-client-auth-TLSv1.1-request-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyMode = Request


		[11-client-auth-TLSv1.1-request-client]
		CipherString = DEFAULT
		Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-11]
		ExpectedResult = Success

		@@ -472,7 +344,6 @@ ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl

		[12-client-auth-TLSv1.1-require-fail-ssl]
		server = 12-client-auth-TLSv1.1-require-fail-server
		server2 = 12-client-auth-TLSv1.1-require-fail-server2
		client = 12-client-auth-TLSv1.1-require-fail-client

		[12-client-auth-TLSv1.1-require-fail-server]
		@@ -483,23 +354,12 @@ Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[12-client-auth-TLSv1.1-require-fail-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[12-client-auth-TLSv1.1-require-fail-client]
		CipherString = DEFAULT
		Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-12]
		ExpectedResult = ServerFail
		ServerAlert = HandshakeFailure
		@@ -512,7 +372,6 @@ ssl_conf = 13-client-auth-TLSv1.1-require-ssl

		[13-client-auth-TLSv1.1-require-ssl]
		server = 13-client-auth-TLSv1.1-require-server
		server2 = 13-client-auth-TLSv1.1-require-server2
		client = 13-client-auth-TLSv1.1-require-client

		[13-client-auth-TLSv1.1-require-server]
		@@ -523,16 +382,6 @@ Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[13-client-auth-TLSv1.1-require-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[13-client-auth-TLSv1.1-require-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -541,7 +390,6 @@ Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-13]
		ExpectedResult = Success

		@@ -553,7 +401,6 @@ ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl

		[14-client-auth-TLSv1.1-noroot-ssl]
		server = 14-client-auth-TLSv1.1-noroot-server
		server2 = 14-client-auth-TLSv1.1-noroot-server2
		client = 14-client-auth-TLSv1.1-noroot-client

		[14-client-auth-TLSv1.1-noroot-server]
		@@ -563,15 +410,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyMode = Require


		[14-client-auth-TLSv1.1-noroot-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.1
		VerifyMode = Require


		[14-client-auth-TLSv1.1-noroot-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -580,7 +418,6 @@ Protocol = TLSv1.1
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-14]
		ExpectedResult = ServerFail
		ServerAlert = UnknownCA
		@@ -593,7 +430,6 @@ ssl_conf = 15-server-auth-TLSv1.2-ssl

		[15-server-auth-TLSv1.2-ssl]
		server = 15-server-auth-TLSv1.2-server
		server2 = 15-server-auth-TLSv1.2-server2
		client = 15-server-auth-TLSv1.2-client

		[15-server-auth-TLSv1.2-server]
		@@ -602,21 +438,12 @@ CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2


		[15-server-auth-TLSv1.2-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2


		[15-server-auth-TLSv1.2-client]
		CipherString = DEFAULT
		Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-15]
		ExpectedResult = Success

		@@ -628,7 +455,6 @@ ssl_conf = 16-client-auth-TLSv1.2-request-ssl

		[16-client-auth-TLSv1.2-request-ssl]
		server = 16-client-auth-TLSv1.2-request-server
		server2 = 16-client-auth-TLSv1.2-request-server2
		client = 16-client-auth-TLSv1.2-request-client

		[16-client-auth-TLSv1.2-request-server]
		@@ -638,22 +464,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyMode = Request


		[16-client-auth-TLSv1.2-request-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyMode = Request


		[16-client-auth-TLSv1.2-request-client]
		CipherString = DEFAULT
		Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-16]
		ExpectedResult = Success

		@@ -665,7 +481,6 @@ ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl

		[17-client-auth-TLSv1.2-require-fail-ssl]
		server = 17-client-auth-TLSv1.2-require-fail-server
		server2 = 17-client-auth-TLSv1.2-require-fail-server2
		client = 17-client-auth-TLSv1.2-require-fail-client

		[17-client-auth-TLSv1.2-require-fail-server]
		@@ -676,23 +491,12 @@ Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[17-client-auth-TLSv1.2-require-fail-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Require


		[17-client-auth-TLSv1.2-require-fail-client]
		CipherString = DEFAULT
		Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-17]
		ExpectedResult = ServerFail
		ServerAlert = HandshakeFailure
		@@ -705,7 +509,6 @@ ssl_conf = 18-client-auth-TLSv1.2-require-ssl

		[18-client-auth-TLSv1.2-require-ssl]
		server = 18-client-auth-TLSv1.2-require-server
		server2 = 18-client-auth-TLSv1.2-require-server2
		client = 18-client-auth-TLSv1.2-require-client

		[18-client-auth-TLSv1.2-require-server]
		@@ -716,16 +519,6 @@ Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[18-client-auth-TLSv1.2-require-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
		VerifyMode = Request


		[18-client-auth-TLSv1.2-require-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -734,7 +527,6 @@ Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-18]
		ExpectedResult = Success

		@@ -746,7 +538,6 @@ ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl

		[19-client-auth-TLSv1.2-noroot-ssl]
		server = 19-client-auth-TLSv1.2-noroot-server
		server2 = 19-client-auth-TLSv1.2-noroot-server2
		client = 19-client-auth-TLSv1.2-noroot-client

		[19-client-auth-TLSv1.2-noroot-server]
		@@ -756,15 +547,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyMode = Require


		[19-client-auth-TLSv1.2-noroot-server2]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
		Protocol = TLSv1.2
		VerifyMode = Require


		[19-client-auth-TLSv1.2-noroot-client]
		Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
		CipherString = DEFAULT
		@@ -773,7 +555,6 @@ Protocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer


		[test-19]
		ExpectedResult = ServerFail
		ServerAlert = UnknownCA

Admin message