diff options
Diffstat (limited to 'deps/openssl/openssl/test/README.ssltest.md')
-rw-r--r-- | deps/openssl/openssl/test/README.ssltest.md | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/deps/openssl/openssl/test/README.ssltest.md b/deps/openssl/openssl/test/README.ssltest.md index c1edda5aed..3b4bb564f1 100644 --- a/deps/openssl/openssl/test/README.ssltest.md +++ b/deps/openssl/openssl/test/README.ssltest.md @@ -81,6 +81,11 @@ handshake. - Yes - a session ticket is expected - No - a session ticket is not expected +* SessionIdExpected - whether or not a session id is expected + - Ignore - do not check for a session id (default) + - Yes - a session id is expected + - No - a session id is not expected + * ResumptionExpected - whether or not resumption is expected (Resume mode only) - Yes - resumed handshake - No - full handshake (default) @@ -89,6 +94,23 @@ handshake. * ExpectedTmpKeyType - the expected algorithm or curve of server temp key +* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or + curve of server or client certificate + +* ExpectedServerSignHash, ExpectedClientSignHash - the expected + signing hash used by server or client certificate + +* ExpectedServerSignType, ExpectedClientSignType - the expected + signature type used by server or client when signing messages + +* ExpectedClientCANames - for client auth list of CA names the server must + send. If this is "empty" the list is expected to be empty otherwise it + is a file of certificates whose subject names form the list. + +* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only. + If this is "empty" the list is expected to be empty otherwise it is a file + of certificates whose subject names form the list. + ## Configuring the client and server The client and server configurations can be any valid `SSL_CTX` @@ -170,6 +192,9 @@ client => { protocols can be specified as a comma-separated list, and a callback with the recommended behaviour will be installed automatically. +* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to + connect as; for server, this is a known SRP user. + ### Default server and client configurations The default server certificate and CA files are added to the configurations @@ -202,7 +227,7 @@ client => { ``` $ ./config $ cd test -$ TOP=.. perl -I testlib/ generate_ssl_tests.pl ssl-tests/my.conf.in \ +$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/my.conf.in \ > ssl-tests/my.conf ``` @@ -211,7 +236,7 @@ where `my.conf.in` is your test input file. For example, to generate the test cases in `ssl-tests/01-simple.conf.in`, do ``` -$ TOP=.. perl -I testlib/ generate_ssl_tests.pl ssl-tests/01-simple.conf.in > ssl-tests/01-simple.conf +$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/01-simple.conf.in > ssl-tests/01-simple.conf ``` Alternatively (hackish but simple), you can comment out |