Add the SSL_METHOD for TLSv1.3 and all other base changes required Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: Rich Salz <rsalz@openssl.org>
diff --git a/apps/apps.h b/apps/apps.h index 9dc4737..d9f7c08 100644 --- a/apps/apps.h +++ b/apps/apps.h
@@ -210,7 +210,7 @@ # define OPT_S_ENUM \ OPT_S__FIRST=3000, \ OPT_S_NOSSL3, OPT_S_NOTLS1, OPT_S_NOTLS1_1, OPT_S_NOTLS1_2, \ - OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \ + OPT_S_NOTLS1_3, OPT_S_BUGS, OPT_S_NO_COMP, OPT_S_NOTICKET, \ OPT_S_SERVERPREF, OPT_S_LEGACYRENEG, OPT_S_LEGACYCONN, \ OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_STRICT, OPT_S_SIGALGS, \ OPT_S_CLIENTSIGALGS, OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \ @@ -222,6 +222,7 @@ {"no_tls1", OPT_S_NOTLS1, '-', "Just disable TLSv1"}, \ {"no_tls1_1", OPT_S_NOTLS1_1, '-', "Just disable TLSv1.1" }, \ {"no_tls1_2", OPT_S_NOTLS1_2, '-', "Just disable TLSv1.2"}, \ + {"no_tls1_3", OPT_S_NOTLS1_3, '-', "Just disable TLSv1.3"}, \ {"bugs", OPT_S_BUGS, '-', "Turn on SSL bug compatibility"}, \ {"no_comp", OPT_S_NO_COMP, '-', "Disable SSL/TLS compression (default)" }, \ {"comp", OPT_S_COMP, '-', "Use SSL/TLS-level compression" }, \ @@ -259,6 +260,7 @@ case OPT_S_NOTLS1: \ case OPT_S_NOTLS1_1: \ case OPT_S_NOTLS1_2: \ + case OPT_S_NOTLS1_3: \ case OPT_S_BUGS: \ case OPT_S_NO_COMP: \ case OPT_S_COMP: \ @@ -279,7 +281,7 @@ #define IS_NO_PROT_FLAG(o) \ (o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \ - || o == OPT_S_NOTLS1_2) + || o == OPT_S_NOTLS1_2 || o == OPT_S_NOTLS1_3) /* * Option parsing.
diff --git a/apps/ciphers.c b/apps/ciphers.c index 7b99757..531bf8d 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c
@@ -21,6 +21,7 @@ OPT_TLS1, OPT_TLS1_1, OPT_TLS1_2, + OPT_TLS1_3, OPT_PSK, OPT_SRP, OPT_V, OPT_UPPER_V, OPT_S @@ -43,6 +44,9 @@ #ifndef OPENSSL_NO_TLS1_2 {"tls1_2", OPT_TLS1_2, '-', "TLS1.2 mode"}, #endif +#ifndef OPENSSL_NO_TLS1_3 + {"tls1_3", OPT_TLS1_3, '-', "TLS1.3 mode"}, +#endif #ifndef OPENSSL_NO_SSL_TRACE {"stdname", OPT_STDNAME, '-', "Show standard cipher names"}, #endif @@ -135,6 +139,10 @@ min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; break; + case OPT_TLS1_3: + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + break; case OPT_PSK: #ifndef OPENSSL_NO_PSK psk = 1;
diff --git a/apps/s_cb.c b/apps/s_cb.c index 9535f12..c37b9a1 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c
@@ -453,6 +453,7 @@ {"TLS 1.0", TLS1_VERSION}, {"TLS 1.1", TLS1_1_VERSION}, {"TLS 1.2", TLS1_2_VERSION}, + {"TLS 1.3", TLS1_3_VERSION}, {"DTLS 1.0", DTLS1_VERSION}, {"DTLS 1.0 (bad)", DTLS1_BAD_VER}, {NULL} @@ -522,6 +523,7 @@ version == TLS1_VERSION || version == TLS1_1_VERSION || version == TLS1_2_VERSION || + version == TLS1_3_VERSION || version == DTLS1_VERSION || version == DTLS1_BAD_VER) { switch (content_type) { case 20:
diff --git a/apps/s_client.c b/apps/s_client.c index 55803e9..a407303 100644 --- a/apps/s_client.c +++ b/apps/s_client.c
@@ -539,7 +539,7 @@ OPT_SRP_MOREGROUPS, #endif OPT_SSL3, OPT_SSL_CONFIG, - OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, + OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS, OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH, @@ -680,6 +680,9 @@ #ifndef OPENSSL_NO_TLS1_2 {"tls1_2", OPT_TLS1_2, '-', "Just use TLSv1.2"}, #endif +#ifndef OPENSSL_NO_TLS1_3 + {"tls1_3", OPT_TLS1_3, '-', "Just use TLSv1.3"}, +#endif #ifndef OPENSSL_NO_DTLS {"dtls", OPT_DTLS, '-', "Use any version of DTLS"}, {"timeout", OPT_TIMEOUT, '-', @@ -762,7 +765,7 @@ #define IS_PROT_FLAG(o) \ (o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \ - || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) + || o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) /* Free |*dest| and optionally set it to a copy of |source|. */ static void freeandcopy(char **dest, const char *source) @@ -1156,6 +1159,10 @@ min_version = SSL3_VERSION; max_version = SSL3_VERSION; break; + case OPT_TLS1_3: + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + break; case OPT_TLS1_2: min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION;
diff --git a/apps/s_server.c b/apps/s_server.c index d32b9df..24841c5 100644 --- a/apps/s_server.c +++ b/apps/s_server.c
@@ -669,7 +669,7 @@ OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE, OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC, OPT_SSL_CONFIG, OPT_SPLIT_SEND_FRAG, OPT_MAX_PIPELINES, OPT_READ_BUF, - OPT_SSL3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, + OPT_SSL3, OPT_TLS1_3, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_LISTEN, OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL, OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN, @@ -834,6 +834,9 @@ #ifndef OPENSSL_NO_TLS1_2 {"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"}, #endif +#ifndef OPENSSL_NO_TLS1_3 + {"tls1_3", OPT_TLS1_3, '-', "just talk TLSv1.3"}, +#endif #ifndef OPENSSL_NO_DTLS {"dtls", OPT_DTLS, '-', "Use any DTLS version"}, {"timeout", OPT_TIMEOUT, '-', "Enable timeouts"}, @@ -868,7 +871,7 @@ #define IS_PROT_FLAG(o) \ (o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \ - || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) + || o == OPT_TLS1_3 || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2) int s_server_main(int argc, char *argv[]) { @@ -1321,6 +1324,10 @@ min_version = SSL3_VERSION; max_version = SSL3_VERSION; break; + case OPT_TLS1_3: + min_version = TLS1_3_VERSION; + max_version = TLS1_3_VERSION; + break; case OPT_TLS1_2: min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION;
diff --git a/doc/man1/ciphers.pod b/doc/man1/ciphers.pod index c392077..30f5721 100644 --- a/doc/man1/ciphers.pod +++ b/doc/man1/ciphers.pod
@@ -15,6 +15,7 @@ [B<-tls1>] [B<-tls1_1>] [B<-tls1_2>] +[B<-tls1_3>] [B<-s>] [B<-psk>] [B<-srp>] @@ -69,6 +70,11 @@ Like B<-v>, but include the official cipher suite values in hex. +=item B<-tls1_3> + +In combination with the B<-s> option, list the ciphers which would be used if +TLSv1.3 were negotiated. + =item B<-tls1_2> In combination with the B<-s> option, list the ciphers which would be used if
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod index 4a2a280..4f21ea4 100644 --- a/doc/man1/s_client.pod +++ b/doc/man1/s_client.pod
@@ -68,10 +68,12 @@ [B<-tls1>] [B<-tls1_1>] [B<-tls1_2>] +[B<-tls1_3>] [B<-no_ssl3>] [B<-no_tls1>] [B<-no_tls1_1>] [B<-no_tls1_2>] +[B<-no_tls1_3>] [B<-dtls>] [B<-dtls1>] [B<-dtls1_2>] @@ -336,7 +338,7 @@ given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. -=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> +=item B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3> These options require or disable the use of the specified SSL or TLS protocols. By default B<s_client> will negotiate the highest mutually supported protocol
diff --git a/doc/man1/s_server.pod b/doc/man1/s_server.pod index b0d7888..b6c5659 100644 --- a/doc/man1/s_server.pod +++ b/doc/man1/s_server.pod
@@ -69,6 +69,9 @@ [B<-quiet>] [B<-ssl3>] [B<-tls1>] +[B<-tls1_1>] +[B<-tls1_2>] +[B<-tls1_3>] [B<-dtls>] [B<-dtls1>] [B<-dtls1_2>] @@ -81,6 +84,7 @@ [B<-no_tls1>] [B<-no_tls1_1>] [B<-no_tls1_2>] +[B<-no_tls1_3>] [B<-no_dhe>] [B<-bugs>] [B<-comp>] @@ -295,7 +299,7 @@ given as a hexadecimal number without leading 0x, for example -psk 1a2b3c4d. -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> +=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-tls1_3>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3> These options require or disable the use of the specified SSL or TLS protocols. By default B<s_server> will negotiate the highest mutually supported protocol
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod index d8c0e9b..60b80d3 100644 --- a/doc/man3/SSL_CONF_cmd.pod +++ b/doc/man3/SSL_CONF_cmd.pod
@@ -121,12 +121,13 @@ To restrict the supported protocol versions use these commands rather than the deprecated alternative commands below. -=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> +=item B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>, B<-no_tls1_3> -Disables protocol support for SSLv3, TLSv1.0, TLSv1.1 or TLSv1.2 by setting the -corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1> -and B<SSL_OP_NO_TLSv1_2> respectively. -These options are deprecated, instead use B<-min_protocol> and B<-max_protocol>. +Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 by +setting the corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, +B<SSL_OP_NO_TLSv1_1>, B<SSL_OP_NO_TLSv1_2> and B<SSL_OP_NO_TLSv1_3> +respectively. These options are deprecated, instead use B<-min_protocol> and +B<-max_protocol>. =item B<-bugs>
diff --git a/doc/man3/SSL_CTX_new.pod b/doc/man3/SSL_CTX_new.pod index 29387d3..512fca8 100644 --- a/doc/man3/SSL_CTX_new.pod +++ b/doc/man3/SSL_CTX_new.pod
@@ -156,12 +156,12 @@ allow newer protocols like TLS 1.0, TLS 1.1 or TLS 1.2. The list of protocols available can also be limited using the -B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1> and -B<SSL_OP_NO_TLSv1_2> options of the L<SSL_CTX_set_options(3)> or -L<SSL_set_options(3)> functions, but this approach is not recommended. -Clients should avoid creating "holes" in the set of protocols they support. -When disabling a protocol, make sure that you also disable either all previous -or all subsequent protocol versions. +B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>, B<SSL_OP_NO_TLSv1_1>, +B<SSL_OP_NO_TLSv1_3> and B<SSL_OP_NO_TLSv1_2> options of the +L<SSL_CTX_set_options(3)> or L<SSL_set_options(3)> functions, but this approach +is not recommended. Clients should avoid creating "holes" in the set of +protocols they support. When disabling a protocol, make sure that you also +disable either all previous or all subsequent protocol versions. In clients, when a protocol version is disabled without disabling I<all> previous protocol versions, the effect is to also disable all subsequent protocol versions.
diff --git a/doc/man3/SSL_CTX_set_min_proto_version.pod b/doc/man3/SSL_CTX_set_min_proto_version.pod index 3e9fe80..5996d48 100644 --- a/doc/man3/SSL_CTX_set_min_proto_version.pod +++ b/doc/man3/SSL_CTX_set_min_proto_version.pod
@@ -29,8 +29,8 @@ supported by the library, respectively. Currently supported versions are B<SSL3_VERSION>, B<TLS1_VERSION>, -B<TLS1_1_VERSION>, B<TLS1_2_VERSION> for TLS and B<DTLS1_VERSION>, -B<DTLS1_2_VERSION> for DTLS. +B<TLS1_1_VERSION>, B<TLS1_2_VERSION>, B<TLS1_3_VERSION> for TLS and +B<DTLS1_VERSION>, B<DTLS1_2_VERSION> for DTLS. =head1 RETURN VALUES
diff --git a/doc/man3/SSL_CTX_set_options.pod b/doc/man3/SSL_CTX_set_options.pod index 63609f3..921c812e 100644 --- a/doc/man3/SSL_CTX_set_options.pod +++ b/doc/man3/SSL_CTX_set_options.pod
@@ -155,9 +155,9 @@ =item SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, -SSL_OP_NO_TLSv1_2, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2 +SSL_OP_NO_TLSv1_2, SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2 -These options turn off the SSLv3, TLSv1, TLSv1.1 or TLSv1.2 protocol +These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively. As of OpenSSL 1.1.0, these options are deprecated, use
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 20013db..f0aa306 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h
@@ -343,12 +343,13 @@ # define SSL_OP_NO_TLSv1 0x04000000U # define SSL_OP_NO_TLSv1_2 0x08000000U # define SSL_OP_NO_TLSv1_1 0x10000000U +# define SSL_OP_NO_TLSv1_3 0x20000000U # define SSL_OP_NO_DTLSv1 0x04000000U # define SSL_OP_NO_DTLSv1_2 0x08000000U # define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\ - SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2) + SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3) # define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h index 23e382c..3f7e749 100644 --- a/include/openssl/tls1.h +++ b/include/openssl/tls1.h
@@ -65,7 +65,8 @@ # define TLS1_VERSION 0x0301 # define TLS1_1_VERSION 0x0302 # define TLS1_2_VERSION 0x0303 -# define TLS_MAX_VERSION TLS1_2_VERSION +# define TLS1_3_VERSION 0x0304 +# define TLS_MAX_VERSION TLS1_3_VERSION /* Special value for method supporting multiple versions */ # define TLS_ANY_VERSION 0x10000 @@ -599,6 +600,9 @@ # define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD # define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE +/* TLS v1.3 ciphersuites */ +# define TLS1_3_CK_AES_128_GCM_SHA256 0x03000D01 + /* * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE * ciphers names with "EDH" instead of "DHE". Going forward, we should be @@ -868,6 +872,13 @@ # define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305" # define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305" +/* TLSv1.3 ciphersuites */ +/* + * TODO(TLS1.3): Review the naming scheme for TLSv1.3 ciphers and also the + * cipherstring selection process for these ciphers + */ +# define TLS1_3_TXT_AES_128_GCM_SHA256 "TLS13-AES-128-GCM-SHA256" + # define TLS_CT_RSA_SIGN 1 # define TLS_CT_DSS_SIGN 2 # define TLS_CT_RSA_FIXED_DH 3
diff --git a/ssl/methods.c b/ssl/methods.c index c846143..f0926b7 100644 --- a/ssl/methods.c +++ b/ssl/methods.c
@@ -19,6 +19,12 @@ TLS_method, ossl_statem_accept, ossl_statem_connect, TLSv1_2_enc_data) +#ifndef OPENSSL_NO_TLS1_3_METHOD +IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3, + tlsv1_3_method, + ossl_statem_accept, + ossl_statem_connect, TLSv1_3_enc_data) +#endif #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, tlsv1_2_method, @@ -46,6 +52,12 @@ TLS_server_method, ossl_statem_accept, ssl_undefined_function, TLSv1_2_enc_data) +#ifndef OPENSSL_NO_TLS1_3_METHOD +IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3, + tlsv1_3_server_method, + ossl_statem_accept, + ssl_undefined_function, TLSv1_3_enc_data) +#endif #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, tlsv1_2_server_method, @@ -75,6 +87,12 @@ TLS_client_method, ssl_undefined_function, ossl_statem_connect, TLSv1_2_enc_data) +#ifndef OPENSSL_NO_TLS1_3_METHOD +IMPLEMENT_tls_meth_func(TLS1_3_VERSION, 0, SSL_OP_NO_TLSv1_3, + tlsv1_3_client_method, + ssl_undefined_function, + ossl_statem_connect, TLSv1_3_enc_data) +#endif #ifndef OPENSSL_NO_TLS1_2_METHOD IMPLEMENT_tls_meth_func(TLS1_2_VERSION, 0, SSL_OP_NO_TLSv1_2, tlsv1_2_client_method,
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index d19b97a..ffdb454 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c
@@ -834,6 +834,21 @@ 256, 256, }, + { + 1, + TLS1_3_TXT_AES_128_GCM_SHA256, + TLS1_3_CK_AES_128_GCM_SHA256, + SSL_kRSA, + SSL_aRSA, + SSL_AES128GCM, + SSL_AEAD, + TLS1_3_VERSION, TLS1_3_VERSION, + 0, 0, + SSL_HIGH, + SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256, + 128, + 128, + }, #ifndef OPENSSL_NO_EC {
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 3957946..63687b5 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c
@@ -257,6 +257,7 @@ SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1), SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2), + SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3), SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1), SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2) }; @@ -282,6 +283,7 @@ {"TLSv1", TLS1_VERSION}, {"TLSv1.1", TLS1_1_VERSION}, {"TLSv1.2", TLS1_2_VERSION}, + {"TLSv1.3", TLS1_3_VERSION}, {"DTLSv1", DTLS1_VERSION}, {"DTLSv1.2", DTLS1_2_VERSION} }; @@ -526,6 +528,7 @@ SSL_CONF_CMD_SWITCH("no_tls1", 0), SSL_CONF_CMD_SWITCH("no_tls1_1", 0), SSL_CONF_CMD_SWITCH("no_tls1_2", 0), + SSL_CONF_CMD_SWITCH("no_tls1_3", 0), SSL_CONF_CMD_SWITCH("bugs", 0), SSL_CONF_CMD_SWITCH("no_comp", 0), SSL_CONF_CMD_SWITCH("comp", 0), @@ -583,6 +586,7 @@ {SSL_OP_NO_TLSv1, 0}, /* no_tls1 */ {SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */ {SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */ + {SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */ {SSL_OP_ALL, 0}, /* bugs */ {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 8bf872b..84dd393 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -3072,7 +3072,9 @@ const char *ssl_protocol_to_string(int version) { - if (version == TLS1_2_VERSION) + if (version == TLS1_3_VERSION) + return "TLSv1.3"; + else if (version == TLS1_2_VERSION) return "TLSv1.2"; else if (version == TLS1_1_VERSION) return "TLSv1.1";
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 8a7e1a9..d5a6fe2 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h
@@ -1641,6 +1641,9 @@ __owur const SSL_METHOD *tlsv1_2_method(void); __owur const SSL_METHOD *tlsv1_2_server_method(void); __owur const SSL_METHOD *tlsv1_2_client_method(void); +__owur const SSL_METHOD *tlsv1_3_method(void); +__owur const SSL_METHOD *tlsv1_3_server_method(void); +__owur const SSL_METHOD *tlsv1_3_client_method(void); __owur const SSL_METHOD *dtlsv1_method(void); __owur const SSL_METHOD *dtlsv1_server_method(void); __owur const SSL_METHOD *dtlsv1_client_method(void); @@ -1652,6 +1655,7 @@ extern const SSL3_ENC_METHOD TLSv1_enc_data; extern const SSL3_ENC_METHOD TLSv1_1_enc_data; extern const SSL3_ENC_METHOD TLSv1_2_enc_data; +extern const SSL3_ENC_METHOD TLSv1_3_enc_data; extern const SSL3_ENC_METHOD SSLv3_enc_data; extern const SSL3_ENC_METHOD DTLSv1_enc_data; extern const SSL3_ENC_METHOD DTLSv1_2_enc_data;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index eee1ca1..e0ec918 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c
@@ -320,6 +320,9 @@ } else if (s->version == TLS1_2_VERSION) { ss->ssl_version = TLS1_2_VERSION; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; + } else if (s->version == TLS1_3_VERSION) { + ss->ssl_version = TLS1_3_VERSION; + ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; } else if (s->version == DTLS1_BAD_VER) { ss->ssl_version = DTLS1_BAD_VER; ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index c185d7c..a3d8d1e 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c
@@ -647,11 +647,16 @@ const SSL_METHOD *(*smeth) (void); } version_info; -#if TLS_MAX_VERSION != TLS1_2_VERSION -# error Code needs update for TLS_method() support beyond TLS1_2_VERSION. +#if TLS_MAX_VERSION != TLS1_3_VERSION +# error Code needs update for TLS_method() support beyond TLS1_3_VERSION. #endif static const version_info tls_version_table[] = { +#ifndef OPENSSL_NO_TLS1_3 + {TLS1_3_VERSION, tlsv1_3_client_method, tlsv1_3_server_method}, +#else + {TLS1_3_VERSION, NULL, NULL}, +#endif #ifndef OPENSSL_NO_TLS1_2 {TLS1_2_VERSION, tlsv1_2_client_method, tlsv1_2_server_method}, #else
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 87ebbf3..e19f93d 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -84,6 +84,26 @@ ssl3_handshake_write }; +SSL3_ENC_METHOD const TLSv1_3_enc_data = { + tls1_enc, + tls1_mac, + tls1_setup_key_block, + tls1_generate_master_secret, + tls1_change_cipher_state, + tls1_final_finish_mac, + TLS1_FINISH_MAC_LENGTH, + TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE, + TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE, + tls1_alert_code, + tls1_export_keying_material, + SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF + | SSL_ENC_FLAG_TLS1_2_CIPHERS, + SSL3_HM_HEADER_LENGTH, + ssl3_set_handshake_header, + tls_close_construct_packet, + ssl3_handshake_write +}; + long tls1_default_timeout(void) { /*
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 4577f03..ab5d2da 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c
@@ -61,6 +61,7 @@ {TLS1_VERSION, "TLS 1.0"}, {TLS1_1_VERSION, "TLS 1.1"}, {TLS1_2_VERSION, "TLS 1.2"}, + {TLS1_3_VERSION, "TLS 1.3"}, {DTLS1_VERSION, "DTLS 1.0"}, {DTLS1_2_VERSION, "DTLS 1.2"}, {DTLS1_BAD_VER, "DTLS 1.0 (bad)"} @@ -422,6 +423,7 @@ {0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305"}, {0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305"}, {0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305"}, + {0x0D01, "TLS_AES_128_GCM_SHA256"}, {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, };
diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c index d6556e0..70ebd83 100644 --- a/test/cipherlist_test.c +++ b/test/cipherlist_test.c
@@ -107,10 +107,14 @@ #ifndef OPENSSL_NO_TLS1_2 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, +#endif +#ifndef OPENSSL_NO_TLS1_3 + TLS1_3_CK_AES_128_GCM_SHA256, +#endif +#ifndef OPENSSL_NO_TLS1_2 TLS1_CK_RSA_WITH_AES_256_SHA256, TLS1_CK_RSA_WITH_AES_128_SHA256, #endif - TLS1_CK_RSA_WITH_AES_256_SHA, TLS1_CK_RSA_WITH_AES_128_SHA, };
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t index ff1a50a..d413de3 100644 --- a/test/recipes/80-test_ssl_old.t +++ b/test/recipes/80-test_ssl_old.t
@@ -21,10 +21,10 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_srp, $no_psk, - $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, + $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, $no_tls1_3, $no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) = anydisabled qw/rsa dsa dh ec srp psk - ssl3 tls1 tls1_1 tls1_2 + ssl3 tls1 tls1_1 tls1_2 tls1_3 dtls dtls1 dtls1_2 ct/; my $no_anytls = alldisabled(available_protocols("tls")); my $no_anydtls = alldisabled(available_protocols("dtls")); @@ -446,6 +446,7 @@ my @protocols = (); # FIXME: I feel unsure about the following line, is that really just TLSv1.2, or is it all of the SSLv3/TLS protocols? + push(@protocols, "TLSv1.3") unless $no_tls1_3; push(@protocols, "TLSv1.2") unless $no_tls1_2; push(@protocols, "SSLv3") unless $no_ssl3; my $protocolciphersuitcount = 0; @@ -463,22 +464,27 @@ # The count of protocols is because in addition to the ciphersuits # we got above, we're running a weak DH test for each protocol - plan tests => $protocolciphersuitcount + scalar(@protocols); + plan tests => $protocolciphersuitcount + scalar(@protocols); - foreach my $protocol (@protocols) { - note "Testing ciphersuites for $protocol"; - foreach my $cipher (@{$ciphersuites{$protocol}}) { - ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, - $protocol eq "SSLv3" ? ("-ssl3") : ()])), - "Testing $cipher"); - } + foreach my $protocol (@protocols) { + note "Testing ciphersuites for $protocol"; + my $flag = ""; + if ($protocol eq "SSLv3") { + $flag = "-ssl3"; + } elsif ($protocol eq "TLSv1.2") { + $flag = "-tls1_2"; + } + foreach my $cipher (@{$ciphersuites{$protocol}}) { + ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, $flag])), + "Testing $cipher"); + } is(run(test([@ssltest, "-s_cipher", "EDH", "-c_cipher", 'EDH:@SECLEVEL=1', "-dhe512", $protocol eq "SSLv3" ? ("-ssl3") : ()])), 0, "testing connection with weak DH, expecting failure"); - } + } }; subtest 'RSA/(EC)DHE/PSK tests' => sub {
diff --git a/test/ssl-tests/02-protocol-version.conf b/test/ssl-tests/02-protocol-version.conf index cb89dbc..cf618f4 100644 --- a/test/ssl-tests/02-protocol-version.conf +++ b/test/ssl-tests/02-protocol-version.conf
@@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 361 +num_tests = 676 test-0 = 0-version-negotiation test-1 = 1-version-negotiation @@ -363,6 +363,321 @@ test-358 = 358-version-negotiation test-359 = 359-version-negotiation test-360 = 360-version-negotiation +test-361 = 361-version-negotiation +test-362 = 362-version-negotiation +test-363 = 363-version-negotiation +test-364 = 364-version-negotiation +test-365 = 365-version-negotiation +test-366 = 366-version-negotiation +test-367 = 367-version-negotiation +test-368 = 368-version-negotiation +test-369 = 369-version-negotiation +test-370 = 370-version-negotiation +test-371 = 371-version-negotiation +test-372 = 372-version-negotiation +test-373 = 373-version-negotiation +test-374 = 374-version-negotiation +test-375 = 375-version-negotiation +test-376 = 376-version-negotiation +test-377 = 377-version-negotiation +test-378 = 378-version-negotiation +test-379 = 379-version-negotiation +test-380 = 380-version-negotiation +test-381 = 381-version-negotiation +test-382 = 382-version-negotiation +test-383 = 383-version-negotiation +test-384 = 384-version-negotiation +test-385 = 385-version-negotiation +test-386 = 386-version-negotiation +test-387 = 387-version-negotiation +test-388 = 388-version-negotiation +test-389 = 389-version-negotiation +test-390 = 390-version-negotiation +test-391 = 391-version-negotiation +test-392 = 392-version-negotiation +test-393 = 393-version-negotiation +test-394 = 394-version-negotiation +test-395 = 395-version-negotiation +test-396 = 396-version-negotiation +test-397 = 397-version-negotiation +test-398 = 398-version-negotiation +test-399 = 399-version-negotiation +test-400 = 400-version-negotiation +test-401 = 401-version-negotiation +test-402 = 402-version-negotiation +test-403 = 403-version-negotiation +test-404 = 404-version-negotiation +test-405 = 405-version-negotiation +test-406 = 406-version-negotiation +test-407 = 407-version-negotiation +test-408 = 408-version-negotiation +test-409 = 409-version-negotiation +test-410 = 410-version-negotiation +test-411 = 411-version-negotiation +test-412 = 412-version-negotiation +test-413 = 413-version-negotiation +test-414 = 414-version-negotiation +test-415 = 415-version-negotiation +test-416 = 416-version-negotiation +test-417 = 417-version-negotiation +test-418 = 418-version-negotiation +test-419 = 419-version-negotiation +test-420 = 420-version-negotiation +test-421 = 421-version-negotiation +test-422 = 422-version-negotiation +test-423 = 423-version-negotiation +test-424 = 424-version-negotiation +test-425 = 425-version-negotiation +test-426 = 426-version-negotiation +test-427 = 427-version-negotiation +test-428 = 428-version-negotiation +test-429 = 429-version-negotiation +test-430 = 430-version-negotiation +test-431 = 431-version-negotiation +test-432 = 432-version-negotiation +test-433 = 433-version-negotiation +test-434 = 434-version-negotiation +test-435 = 435-version-negotiation +test-436 = 436-version-negotiation +test-437 = 437-version-negotiation +test-438 = 438-version-negotiation +test-439 = 439-version-negotiation +test-440 = 440-version-negotiation +test-441 = 441-version-negotiation +test-442 = 442-version-negotiation +test-443 = 443-version-negotiation +test-444 = 444-version-negotiation +test-445 = 445-version-negotiation +test-446 = 446-version-negotiation +test-447 = 447-version-negotiation +test-448 = 448-version-negotiation +test-449 = 449-version-negotiation +test-450 = 450-version-negotiation +test-451 = 451-version-negotiation +test-452 = 452-version-negotiation +test-453 = 453-version-negotiation +test-454 = 454-version-negotiation +test-455 = 455-version-negotiation +test-456 = 456-version-negotiation +test-457 = 457-version-negotiation +test-458 = 458-version-negotiation +test-459 = 459-version-negotiation +test-460 = 460-version-negotiation +test-461 = 461-version-negotiation +test-462 = 462-version-negotiation +test-463 = 463-version-negotiation +test-464 = 464-version-negotiation +test-465 = 465-version-negotiation +test-466 = 466-version-negotiation +test-467 = 467-version-negotiation +test-468 = 468-version-negotiation +test-469 = 469-version-negotiation +test-470 = 470-version-negotiation +test-471 = 471-version-negotiation +test-472 = 472-version-negotiation +test-473 = 473-version-negotiation +test-474 = 474-version-negotiation +test-475 = 475-version-negotiation +test-476 = 476-version-negotiation +test-477 = 477-version-negotiation +test-478 = 478-version-negotiation +test-479 = 479-version-negotiation +test-480 = 480-version-negotiation +test-481 = 481-version-negotiation +test-482 = 482-version-negotiation +test-483 = 483-version-negotiation +test-484 = 484-version-negotiation +test-485 = 485-version-negotiation +test-486 = 486-version-negotiation +test-487 = 487-version-negotiation +test-488 = 488-version-negotiation +test-489 = 489-version-negotiation +test-490 = 490-version-negotiation +test-491 = 491-version-negotiation +test-492 = 492-version-negotiation +test-493 = 493-version-negotiation +test-494 = 494-version-negotiation +test-495 = 495-version-negotiation +test-496 = 496-version-negotiation +test-497 = 497-version-negotiation +test-498 = 498-version-negotiation +test-499 = 499-version-negotiation +test-500 = 500-version-negotiation +test-501 = 501-version-negotiation +test-502 = 502-version-negotiation +test-503 = 503-version-negotiation +test-504 = 504-version-negotiation +test-505 = 505-version-negotiation +test-506 = 506-version-negotiation +test-507 = 507-version-negotiation +test-508 = 508-version-negotiation +test-509 = 509-version-negotiation +test-510 = 510-version-negotiation +test-511 = 511-version-negotiation +test-512 = 512-version-negotiation +test-513 = 513-version-negotiation +test-514 = 514-version-negotiation +test-515 = 515-version-negotiation +test-516 = 516-version-negotiation +test-517 = 517-version-negotiation +test-518 = 518-version-negotiation +test-519 = 519-version-negotiation +test-520 = 520-version-negotiation +test-521 = 521-version-negotiation +test-522 = 522-version-negotiation +test-523 = 523-version-negotiation +test-524 = 524-version-negotiation +test-525 = 525-version-negotiation +test-526 = 526-version-negotiation +test-527 = 527-version-negotiation +test-528 = 528-version-negotiation +test-529 = 529-version-negotiation +test-530 = 530-version-negotiation +test-531 = 531-version-negotiation +test-532 = 532-version-negotiation +test-533 = 533-version-negotiation +test-534 = 534-version-negotiation +test-535 = 535-version-negotiation +test-536 = 536-version-negotiation +test-537 = 537-version-negotiation +test-538 = 538-version-negotiation +test-539 = 539-version-negotiation +test-540 = 540-version-negotiation +test-541 = 541-version-negotiation +test-542 = 542-version-negotiation +test-543 = 543-version-negotiation +test-544 = 544-version-negotiation +test-545 = 545-version-negotiation +test-546 = 546-version-negotiation +test-547 = 547-version-negotiation +test-548 = 548-version-negotiation +test-549 = 549-version-negotiation +test-550 = 550-version-negotiation +test-551 = 551-version-negotiation +test-552 = 552-version-negotiation +test-553 = 553-version-negotiation +test-554 = 554-version-negotiation +test-555 = 555-version-negotiation +test-556 = 556-version-negotiation +test-557 = 557-version-negotiation +test-558 = 558-version-negotiation +test-559 = 559-version-negotiation +test-560 = 560-version-negotiation +test-561 = 561-version-negotiation +test-562 = 562-version-negotiation +test-563 = 563-version-negotiation +test-564 = 564-version-negotiation +test-565 = 565-version-negotiation +test-566 = 566-version-negotiation +test-567 = 567-version-negotiation +test-568 = 568-version-negotiation +test-569 = 569-version-negotiation +test-570 = 570-version-negotiation +test-571 = 571-version-negotiation +test-572 = 572-version-negotiation +test-573 = 573-version-negotiation +test-574 = 574-version-negotiation +test-575 = 575-version-negotiation +test-576 = 576-version-negotiation +test-577 = 577-version-negotiation +test-578 = 578-version-negotiation +test-579 = 579-version-negotiation +test-580 = 580-version-negotiation +test-581 = 581-version-negotiation +test-582 = 582-version-negotiation +test-583 = 583-version-negotiation +test-584 = 584-version-negotiation +test-585 = 585-version-negotiation +test-586 = 586-version-negotiation +test-587 = 587-version-negotiation +test-588 = 588-version-negotiation +test-589 = 589-version-negotiation +test-590 = 590-version-negotiation +test-591 = 591-version-negotiation +test-592 = 592-version-negotiation +test-593 = 593-version-negotiation +test-594 = 594-version-negotiation +test-595 = 595-version-negotiation +test-596 = 596-version-negotiation +test-597 = 597-version-negotiation +test-598 = 598-version-negotiation +test-599 = 599-version-negotiation +test-600 = 600-version-negotiation +test-601 = 601-version-negotiation +test-602 = 602-version-negotiation +test-603 = 603-version-negotiation +test-604 = 604-version-negotiation +test-605 = 605-version-negotiation +test-606 = 606-version-negotiation +test-607 = 607-version-negotiation +test-608 = 608-version-negotiation +test-609 = 609-version-negotiation +test-610 = 610-version-negotiation +test-611 = 611-version-negotiation +test-612 = 612-version-negotiation +test-613 = 613-version-negotiation +test-614 = 614-version-negotiation +test-615 = 615-version-negotiation +test-616 = 616-version-negotiation +test-617 = 617-version-negotiation +test-618 = 618-version-negotiation +test-619 = 619-version-negotiation +test-620 = 620-version-negotiation +test-621 = 621-version-negotiation +test-622 = 622-version-negotiation +test-623 = 623-version-negotiation +test-624 = 624-version-negotiation +test-625 = 625-version-negotiation +test-626 = 626-version-negotiation +test-627 = 627-version-negotiation +test-628 = 628-version-negotiation +test-629 = 629-version-negotiation +test-630 = 630-version-negotiation +test-631 = 631-version-negotiation +test-632 = 632-version-negotiation +test-633 = 633-version-negotiation +test-634 = 634-version-negotiation +test-635 = 635-version-negotiation +test-636 = 636-version-negotiation +test-637 = 637-version-negotiation +test-638 = 638-version-negotiation +test-639 = 639-version-negotiation +test-640 = 640-version-negotiation +test-641 = 641-version-negotiation +test-642 = 642-version-negotiation +test-643 = 643-version-negotiation +test-644 = 644-version-negotiation +test-645 = 645-version-negotiation +test-646 = 646-version-negotiation +test-647 = 647-version-negotiation +test-648 = 648-version-negotiation +test-649 = 649-version-negotiation +test-650 = 650-version-negotiation +test-651 = 651-version-negotiation +test-652 = 652-version-negotiation +test-653 = 653-version-negotiation +test-654 = 654-version-negotiation +test-655 = 655-version-negotiation +test-656 = 656-version-negotiation +test-657 = 657-version-negotiation +test-658 = 658-version-negotiation +test-659 = 659-version-negotiation +test-660 = 660-version-negotiation +test-661 = 661-version-negotiation +test-662 = 662-version-negotiation +test-663 = 663-version-negotiation +test-664 = 664-version-negotiation +test-665 = 665-version-negotiation +test-666 = 666-version-negotiation +test-667 = 667-version-negotiation +test-668 = 668-version-negotiation +test-669 = 669-version-negotiation +test-670 = 670-version-negotiation +test-671 = 671-version-negotiation +test-672 = 672-version-negotiation +test-673 = 673-version-negotiation +test-674 = 674-version-negotiation +test-675 = 675-version-negotiation # =========================================================== [0-version-negotiation] @@ -475,6 +790,7 @@ [4-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-version-negotiation-client] @@ -499,8 +815,6 @@ [5-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-version-negotiation-client] @@ -525,7 +839,7 @@ [6-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -551,7 +865,7 @@ [7-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -577,7 +891,7 @@ [8-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -603,6 +917,7 @@ [9-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -628,8 +943,8 @@ [10-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-version-negotiation-client] @@ -654,8 +969,7 @@ [11-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-version-negotiation-client] @@ -680,7 +994,7 @@ [12-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -706,6 +1020,7 @@ [13-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -731,8 +1046,8 @@ [14-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-version-negotiation-client] @@ -757,8 +1072,8 @@ [15-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-version-negotiation-client] @@ -783,7 +1098,7 @@ [16-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-version-negotiation-client] @@ -808,8 +1123,8 @@ [17-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-version-negotiation-client] @@ -834,7 +1149,8 @@ [18-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-version-negotiation-client] @@ -859,17 +1175,18 @@ [19-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-19] -ExpectedResult = ServerFail +ExpectedResult = InternalError # =========================================================== @@ -884,18 +1201,17 @@ [20-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [20-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-20] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -910,18 +1226,18 @@ [21-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [21-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-21] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -936,18 +1252,18 @@ [22-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [22-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-22] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -962,17 +1278,17 @@ [23-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [23-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-23] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -987,18 +1303,18 @@ [24-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-24] -ExpectedResult = ServerFail +ExpectedResult = InternalError # =========================================================== @@ -1013,19 +1329,17 @@ [25-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-25] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -1040,8 +1354,7 @@ [26-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [26-version-negotiation-client] @@ -1051,8 +1364,7 @@ VerifyMode = Peer [test-26] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1067,8 +1379,7 @@ [27-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [27-version-negotiation-client] @@ -1094,7 +1405,7 @@ [28-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [28-version-negotiation-client] @@ -1120,8 +1431,7 @@ [29-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [29-version-negotiation-client] @@ -1147,8 +1457,7 @@ [30-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [30-version-negotiation-client] @@ -1174,8 +1483,6 @@ [31-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [31-version-negotiation-client] @@ -1201,7 +1508,8 @@ [32-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [32-version-negotiation-client] @@ -1211,8 +1519,7 @@ VerifyMode = Peer [test-32] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1227,8 +1534,8 @@ [33-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [33-version-negotiation-client] @@ -1238,7 +1545,8 @@ VerifyMode = Peer [test-33] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1253,8 +1561,8 @@ [34-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [34-version-negotiation-client] @@ -1264,7 +1572,8 @@ VerifyMode = Peer [test-34] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1279,7 +1588,8 @@ [35-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [35-version-negotiation-client] @@ -1289,7 +1599,8 @@ VerifyMode = Peer [test-35] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1304,8 +1615,8 @@ [36-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [36-version-negotiation-client] @@ -1315,7 +1626,8 @@ VerifyMode = Peer [test-36] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1330,7 +1642,7 @@ [37-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [37-version-negotiation-client] @@ -1340,7 +1652,8 @@ VerifyMode = Peer [test-37] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1355,17 +1668,19 @@ [38-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [38-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-38] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1380,12 +1695,13 @@ [39-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [39-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1406,17 +1722,18 @@ [40-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [40-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-40] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1432,17 +1749,18 @@ [41-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [41-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-41] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1458,16 +1776,17 @@ [42-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [42-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-42] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1483,13 +1802,13 @@ [43-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [43-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1509,19 +1828,18 @@ [44-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [44-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-44] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1536,19 +1854,18 @@ [45-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [45-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-45] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1563,19 +1880,17 @@ [46-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [46-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-46] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1590,18 +1905,18 @@ [47-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [47-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-47] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1616,19 +1931,18 @@ [48-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [48-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-48] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1643,19 +1957,17 @@ [49-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [49-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-49] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1670,19 +1982,18 @@ [50-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [50-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-50] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1697,18 +2008,17 @@ [51-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [51-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-51] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1723,8 +2033,7 @@ [52-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [52-version-negotiation-client] @@ -1734,8 +2043,7 @@ VerifyMode = Peer [test-52] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1750,8 +2058,7 @@ [53-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [53-version-negotiation-client] @@ -1761,7 +2068,7 @@ VerifyMode = Peer [test-53] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1777,7 +2084,7 @@ [54-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [54-version-negotiation-client] @@ -1804,7 +2111,6 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [55-version-negotiation-client] @@ -1814,7 +2120,8 @@ VerifyMode = Peer [test-55] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1829,7 +2136,7 @@ [56-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [56-version-negotiation-client] @@ -1839,7 +2146,8 @@ VerifyMode = Peer [test-56] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1854,17 +2162,17 @@ [57-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [57-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-57] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1879,18 +2187,18 @@ [58-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [58-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-58] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1905,17 +2213,18 @@ [59-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [59-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-59] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1931,17 +2240,18 @@ [60-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [60-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-60] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -1957,16 +2267,18 @@ [61-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [61-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-61] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -1982,18 +2294,19 @@ [62-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [62-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-62] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -2008,18 +2321,17 @@ [63-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [63-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-63] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2035,18 +2347,18 @@ [64-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [64-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-64] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2062,18 +2374,18 @@ [65-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [65-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-65] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2089,17 +2401,18 @@ [66-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [66-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-66] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2115,18 +2428,18 @@ [67-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [67-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-67] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2142,13 +2455,12 @@ [68-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [68-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2169,18 +2481,18 @@ [69-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [69-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-69] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2196,17 +2508,18 @@ [70-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [70-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-70] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2222,13 +2535,13 @@ [71-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [71-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2249,18 +2562,17 @@ [72-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [72-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-72] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2276,18 +2588,18 @@ [73-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [73-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-73] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2302,19 +2614,18 @@ [74-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [74-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-74] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2334,13 +2645,12 @@ [75-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-75] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2355,11 +2665,13 @@ [76-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [76-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2379,17 +2691,17 @@ [77-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [77-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-77] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2404,17 +2716,17 @@ [78-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [78-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-78] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2429,16 +2741,17 @@ [79-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [79-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-79] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2454,15 +2767,17 @@ [80-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [80-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-80] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2478,17 +2793,18 @@ [81-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [81-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-81] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2503,17 +2819,17 @@ [82-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [82-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-82] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2529,17 +2845,16 @@ [83-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [83-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-83] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2555,18 +2870,18 @@ [84-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [84-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-84] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2581,16 +2896,18 @@ [85-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [85-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-85] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2606,17 +2923,18 @@ [86-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [86-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-86] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2632,17 +2950,18 @@ [87-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [87-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-87] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2658,12 +2977,13 @@ [88-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [88-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2684,11 +3004,12 @@ [89-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [89-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2709,17 +3030,18 @@ [90-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [90-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-90] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2735,17 +3057,18 @@ [91-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [91-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-91] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2761,11 +3084,13 @@ [92-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [92-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2786,12 +3111,13 @@ [93-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [93-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2812,11 +3138,12 @@ [94-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [94-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2837,18 +3164,19 @@ [95-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [95-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-95] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -2863,18 +3191,19 @@ [96-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [96-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-96] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2889,18 +3218,19 @@ [97-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [97-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-97] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2915,18 +3245,18 @@ [98-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [98-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-98] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2941,17 +3271,19 @@ [99-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [99-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-99] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2966,19 +3298,19 @@ [100-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [100-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-100] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2993,19 +3325,18 @@ [101-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [101-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-101] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3020,19 +3351,18 @@ [102-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [102-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-102] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3047,19 +3377,17 @@ [103-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [103-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-103] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3074,18 +3402,17 @@ [104-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [104-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-104] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3101,18 +3428,17 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [105-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-105] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3128,18 +3454,17 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [106-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-106] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3155,18 +3480,17 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [107-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-107] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3181,18 +3505,18 @@ [108-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [108-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-108] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3207,19 +3531,17 @@ [109-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [109-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-109] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3234,19 +3556,18 @@ [110-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [110-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-110] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3261,18 +3582,19 @@ [111-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [111-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-111] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3287,19 +3609,19 @@ [112-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [112-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-112] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3314,18 +3636,19 @@ [113-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [113-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-113] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3340,18 +3663,19 @@ [114-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [114-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-114] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3366,18 +3690,17 @@ [115-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [115-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-115] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3393,13 +3716,13 @@ [116-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [116-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -3420,18 +3743,18 @@ [117-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [117-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-117] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -3447,17 +3770,18 @@ [118-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [118-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-118] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3473,19 +3797,19 @@ [119-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [119-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-119] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3500,19 +3824,17 @@ [120-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [120-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-120] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3529,18 +3851,17 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [121-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-121] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -3557,18 +3878,17 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [122-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-122] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3584,18 +3904,18 @@ [123-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [123-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-123] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3611,19 +3931,17 @@ [124-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [124-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-124] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3639,19 +3957,18 @@ [125-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [125-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-125] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3667,19 +3984,18 @@ [126-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [126-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-126] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3695,18 +4011,17 @@ [127-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [127-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-127] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3722,19 +4037,19 @@ [128-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [128-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-128] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3749,19 +4064,18 @@ [129-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [129-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-129] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3776,13 +4090,11 @@ [130-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [130-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -3802,19 +4114,17 @@ [131-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [131-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-131] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3829,18 +4139,17 @@ [132-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [132-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-132] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3855,18 +4164,17 @@ [133-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [133-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-133] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3881,18 +4189,16 @@ [134-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [134-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-134] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3908,18 +4214,15 @@ [135-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [135-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-135] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3935,19 +4238,17 @@ [136-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [136-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-136] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -3962,17 +4263,17 @@ [137-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [137-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-137] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -3988,19 +4289,18 @@ [138-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [138-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-138] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -4015,19 +4315,17 @@ [139-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [139-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-139] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4043,19 +4341,17 @@ [140-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [140-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-140] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4071,19 +4367,16 @@ [141-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [141-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-141] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4099,18 +4392,17 @@ [142-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [142-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-142] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -4126,19 +4418,17 @@ [143-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [143-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-143] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -4154,19 +4444,17 @@ [144-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [144-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-144] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4182,19 +4470,17 @@ [145-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [145-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-145] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4215,13 +4501,11 @@ [146-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-146] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4243,8 +4527,6 @@ [147-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -4271,13 +4553,11 @@ [148-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-148] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4293,18 +4573,17 @@ [149-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [149-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-149] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4320,19 +4599,17 @@ [150-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [150-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-150] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -4347,18 +4624,18 @@ [151-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [151-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-151] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -4373,18 +4650,18 @@ [152-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [152-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-152] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -4399,18 +4676,16 @@ [153-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [153-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-153] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4426,18 +4701,17 @@ [154-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [154-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-154] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4453,18 +4727,16 @@ [155-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [155-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-155] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4480,18 +4752,18 @@ [156-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [156-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-156] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4506,19 +4778,18 @@ [157-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [157-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-157] -ExpectedResult = ServerFail +ExpectedResult = InternalError # =========================================================== @@ -4533,20 +4804,18 @@ [158-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [158-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-158] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4561,20 +4830,18 @@ [159-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [159-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-159] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4589,20 +4856,18 @@ [160-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [160-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-160] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4617,19 +4882,17 @@ [161-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [161-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-161] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4644,20 +4907,19 @@ [162-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [162-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-162] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4672,20 +4934,19 @@ [163-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [163-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-163] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4700,20 +4961,19 @@ [164-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [164-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-164] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4728,19 +4988,19 @@ [165-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [165-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-165] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4755,20 +5015,19 @@ [166-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [166-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-166] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4783,20 +5042,18 @@ [167-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [167-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-167] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4811,19 +5068,19 @@ [168-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [168-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-168] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4838,20 +5095,19 @@ [169-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [169-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-169] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4866,19 +5122,19 @@ [170-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [170-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-170] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4893,17 +5149,19 @@ [171-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [171-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-171] -ExpectedResult = ServerFail +ExpectedResult = InternalError # =========================================================== @@ -4918,18 +5176,18 @@ [172-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [172-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-172] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4945,17 +5203,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [173-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-173] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4971,17 +5230,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [174-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-174] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -4996,17 +5256,19 @@ [175-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [175-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-175] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5021,18 +5283,18 @@ [176-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [176-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-176] -ExpectedResult = ServerFail +ExpectedResult = InternalError # =========================================================== @@ -5047,19 +5309,19 @@ [177-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [177-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-177] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5074,19 +5336,19 @@ [178-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [178-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-178] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5101,19 +5363,18 @@ [179-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [179-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-179] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5128,18 +5389,19 @@ [180-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [180-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-180] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5154,19 +5416,18 @@ [181-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [181-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-181] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = InternalError # =========================================================== @@ -5181,19 +5442,18 @@ [182-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [182-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-182] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5208,18 +5468,18 @@ [183-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [183-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-183] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5235,17 +5495,18 @@ [184-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [184-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-184] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5261,18 +5522,18 @@ [185-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [185-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-185] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5288,18 +5549,18 @@ [186-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [186-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-186] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5315,17 +5576,17 @@ [187-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [187-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-187] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5341,19 +5602,19 @@ [188-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [188-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-188] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5368,17 +5629,19 @@ [189-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [189-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-189] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5394,18 +5657,20 @@ [190-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [190-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-190] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5420,13 +5685,14 @@ [191-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [191-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5447,13 +5713,14 @@ [192-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [192-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5474,13 +5741,13 @@ [193-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [193-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5501,12 +5768,14 @@ [194-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [194-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5527,19 +5796,20 @@ [195-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [195-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-195] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5554,14 +5824,14 @@ [196-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [196-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5582,14 +5852,14 @@ [197-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [197-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5610,14 +5880,13 @@ [198-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [198-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5638,19 +5907,19 @@ [199-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [199-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-199] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5665,20 +5934,19 @@ [200-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [200-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-200] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5693,20 +5961,19 @@ [201-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [201-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-201] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5721,20 +5988,18 @@ [202-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [202-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-202] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5749,19 +6014,19 @@ [203-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [203-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-203] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5776,14 +6041,14 @@ [204-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [204-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5803,14 +6068,13 @@ [205-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [205-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5830,13 +6094,14 @@ [206-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [206-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5856,14 +6121,13 @@ [207-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [207-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5883,13 +6147,13 @@ [208-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [208-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5909,18 +6173,19 @@ [209-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [209-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-209] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5935,18 +6200,18 @@ [210-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [210-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-210] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -5962,13 +6227,13 @@ [211-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [211-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5989,13 +6254,13 @@ [212-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [212-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6021,7 +6286,7 @@ [213-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6049,7 +6314,7 @@ [214-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6076,7 +6341,7 @@ [215-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6104,7 +6369,7 @@ [216-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6132,7 +6397,7 @@ [217-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6153,13 +6418,14 @@ [218-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [218-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6180,19 +6446,18 @@ [219-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [219-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-219] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -6208,19 +6473,19 @@ [220-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [220-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-220] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6236,14 +6501,14 @@ [221-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [221-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6264,13 +6529,14 @@ [222-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [222-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6291,14 +6557,14 @@ [223-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [223-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6319,14 +6585,13 @@ [224-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [224-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6347,13 +6612,14 @@ [225-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [225-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6375,18 +6641,19 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [226-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-226] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6401,18 +6668,20 @@ [227-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [227-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-227] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6427,18 +6696,19 @@ [228-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [228-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-228] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6453,19 +6723,19 @@ [229-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [229-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-229] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6480,19 +6750,19 @@ [230-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [230-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-230] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6507,19 +6777,18 @@ [231-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [231-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-231] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6534,18 +6803,19 @@ [232-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [232-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-232] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6560,14 +6830,13 @@ [233-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [233-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6587,20 +6856,18 @@ [234-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [234-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-234] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6615,19 +6882,18 @@ [235-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [235-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-235] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6643,19 +6909,18 @@ [236-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [236-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-236] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -6671,13 +6936,13 @@ [237-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [237-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6698,19 +6963,18 @@ [238-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [238-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-238] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6726,19 +6990,17 @@ [239-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [239-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-239] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6754,20 +7016,19 @@ [240-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [240-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-240] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6782,18 +7043,19 @@ [241-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [241-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-241] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6810,13 +7072,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [242-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6838,13 +7100,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [243-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6865,13 +7127,14 @@ [244-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [244-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6892,14 +7155,13 @@ [245-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [245-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6920,18 +7182,19 @@ [246-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [246-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-246] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6947,17 +7210,20 @@ [247-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [247-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-247] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6972,17 +7238,19 @@ [248-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [248-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-248] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6998,17 +7266,19 @@ [249-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [249-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-249] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7024,12 +7294,13 @@ [250-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [250-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7050,16 +7321,19 @@ [251-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [251-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-251] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -7075,18 +7349,20 @@ [252-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [252-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-252] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -7101,18 +7377,19 @@ [253-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [253-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-253] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7128,18 +7405,18 @@ [254-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [254-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-254] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7156,12 +7433,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [255-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7182,12 +7460,14 @@ [256-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [256-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7208,18 +7488,18 @@ [257-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [257-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-257] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7235,19 +7515,19 @@ [258-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [258-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-258] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7262,19 +7542,18 @@ [259-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [259-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-259] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7289,18 +7568,18 @@ [260-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [260-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-260] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7315,18 +7594,18 @@ [261-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [261-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-261] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -7342,18 +7621,18 @@ [262-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [262-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-262] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -7369,12 +7648,13 @@ [263-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [263-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7395,18 +7675,18 @@ [264-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [264-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-264] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7422,17 +7702,17 @@ [265-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [265-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-265] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7449,12 +7729,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [266-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7475,17 +7756,19 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [267-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-267] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -7501,12 +7784,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [268-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7528,17 +7812,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [269-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-269] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7554,17 +7839,19 @@ [270-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [270-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-270] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7580,19 +7867,19 @@ [271-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [271-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-271] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7608,18 +7895,19 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [272-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-272] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -7635,13 +7923,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [273-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7663,18 +7951,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [274-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-274] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7690,18 +7978,19 @@ [275-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [275-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-275] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7717,19 +8006,19 @@ [276-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [276-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-276] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7745,13 +8034,13 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [277-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7773,18 +8062,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [278-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-278] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7800,18 +8089,19 @@ [279-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [279-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-279] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7827,19 +8117,18 @@ [280-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [280-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-280] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7856,18 +8145,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [281-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-281] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7883,18 +8172,19 @@ [282-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [282-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-282] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7910,19 +8200,19 @@ [283-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [283-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-283] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7937,18 +8227,20 @@ [284-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [284-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-284] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7963,18 +8255,19 @@ [285-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [285-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-285] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7989,18 +8282,17 @@ [286-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [286-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-286] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -8015,18 +8307,17 @@ [287-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [287-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-287] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8042,18 +8333,17 @@ [288-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [288-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-288] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8069,12 +8359,12 @@ [289-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [289-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8095,19 +8385,18 @@ [290-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [290-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-290] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8122,19 +8411,17 @@ [291-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [291-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-291] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8149,20 +8436,18 @@ [292-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [292-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-292] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8177,19 +8462,18 @@ [293-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [293-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-293] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8205,18 +8489,18 @@ [294-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [294-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-294] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8232,19 +8516,19 @@ [295-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [295-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-295] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -8259,19 +8543,18 @@ [296-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [296-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-296] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8287,19 +8570,17 @@ [297-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [297-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-297] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8315,18 +8596,18 @@ [298-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [298-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-298] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8343,13 +8624,12 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [299-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8371,13 +8651,12 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [300-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8398,18 +8677,18 @@ [301-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [301-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-301] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8425,19 +8704,17 @@ [302-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [302-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-302] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8453,18 +8730,18 @@ [303-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [303-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-303] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8480,17 +8757,19 @@ [304-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [304-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-304] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -8505,17 +8784,19 @@ [305-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [305-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-305] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8530,17 +8811,17 @@ [306-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [306-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-306] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8557,11 +8838,12 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [307-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8582,16 +8864,18 @@ [308-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [308-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-308] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8607,18 +8891,18 @@ [309-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [309-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-309] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8633,18 +8917,19 @@ [310-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [310-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-310] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8659,18 +8944,17 @@ [311-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [311-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-311] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8686,19 +8970,18 @@ [312-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [312-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-312] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8713,17 +8996,18 @@ [313-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [313-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-313] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8739,18 +9023,19 @@ [314-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [314-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-314] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -8765,18 +9050,18 @@ [315-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [315-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-315] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8792,18 +9077,18 @@ [316-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [316-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-316] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8819,17 +9104,17 @@ [317-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [317-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-317] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8845,19 +9130,19 @@ [318-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [318-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-318] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8872,18 +9157,19 @@ [319-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [319-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-319] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8899,17 +9185,19 @@ [320-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [320-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-320] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8926,17 +9214,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [321-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-321] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8952,17 +9241,19 @@ [322-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [322-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-322] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8978,18 +9269,19 @@ [323-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [323-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-323] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9005,17 +9297,19 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [324-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-324] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9031,17 +9325,19 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [325-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-325] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9057,17 +9353,18 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [326-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-326] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9083,17 +9380,19 @@ [327-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [327-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-327] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9109,19 +9408,19 @@ [328-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [328-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-328] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9136,19 +9435,19 @@ [329-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [329-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-329] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9163,19 +9462,19 @@ [330-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [330-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-330] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9190,20 +9489,19 @@ [331-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [331-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-331] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9218,19 +9516,18 @@ [332-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [332-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-332] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9245,19 +9542,19 @@ [333-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [333-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-333] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9272,19 +9569,19 @@ [334-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [334-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-334] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9299,20 +9596,18 @@ [335-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [335-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-335] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9327,19 +9622,19 @@ [336-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [336-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-336] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9354,19 +9649,18 @@ [337-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [337-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-337] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9381,20 +9675,18 @@ [338-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [338-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-338] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9409,18 +9701,18 @@ [339-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [339-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-339] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9436,19 +9728,18 @@ [340-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [340-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-340] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9464,18 +9755,18 @@ [341-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [341-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-341] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9491,17 +9782,19 @@ [342-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [342-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-342] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9516,17 +9809,18 @@ [343-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [343-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-343] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9541,17 +9835,19 @@ [344-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [344-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-344] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9566,17 +9862,19 @@ [345-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [345-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-345] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9592,16 +9890,19 @@ [346-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [346-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-346] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9617,18 +9918,20 @@ [347-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [347-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-347] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9643,18 +9946,20 @@ [348-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [348-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-348] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9669,18 +9974,19 @@ [349-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [349-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-349] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9695,18 +10001,19 @@ [350-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [350-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-350] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9722,17 +10029,19 @@ [351-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [351-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-351] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9748,18 +10057,20 @@ [352-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [352-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-352] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9774,18 +10085,20 @@ [353-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [353-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-353] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9800,18 +10113,18 @@ [354-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [354-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-354] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9827,17 +10140,19 @@ [355-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [355-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-355] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9853,18 +10168,20 @@ [356-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [356-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-356] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9879,18 +10196,19 @@ [357-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [357-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-357] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9911,12 +10229,13 @@ [358-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-358] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9938,13 +10257,13 @@ [359-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-359] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9959,17 +10278,8493 @@ [360-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [360-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-360] +ExpectedResult = ServerFail + + +# =========================================================== + +[361-version-negotiation] +ssl_conf = 361-version-negotiation-ssl + +[361-version-negotiation-ssl] +server = 361-version-negotiation-server +client = 361-version-negotiation-client + +[361-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[361-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-361] +ExpectedResult = ServerFail + + +# =========================================================== + +[362-version-negotiation] +ssl_conf = 362-version-negotiation-ssl + +[362-version-negotiation-ssl] +server = 362-version-negotiation-server +client = 362-version-negotiation-client + +[362-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[362-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-362] +ExpectedResult = ServerFail + + +# =========================================================== + +[363-version-negotiation] +ssl_conf = 363-version-negotiation-ssl + +[363-version-negotiation-ssl] +server = 363-version-negotiation-server +client = 363-version-negotiation-client + +[363-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[363-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-363] +ExpectedResult = ServerFail + + +# =========================================================== + +[364-version-negotiation] +ssl_conf = 364-version-negotiation-ssl + +[364-version-negotiation-ssl] +server = 364-version-negotiation-server +client = 364-version-negotiation-client + +[364-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[364-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-364] +ExpectedResult = ServerFail + + +# =========================================================== + +[365-version-negotiation] +ssl_conf = 365-version-negotiation-ssl + +[365-version-negotiation-ssl] +server = 365-version-negotiation-server +client = 365-version-negotiation-client + +[365-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[365-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-365] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[366-version-negotiation] +ssl_conf = 366-version-negotiation-ssl + +[366-version-negotiation-ssl] +server = 366-version-negotiation-server +client = 366-version-negotiation-client + +[366-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[366-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-366] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[367-version-negotiation] +ssl_conf = 367-version-negotiation-ssl + +[367-version-negotiation-ssl] +server = 367-version-negotiation-server +client = 367-version-negotiation-client + +[367-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[367-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-367] ExpectedProtocol = TLSv1.2 ExpectedResult = Success +# =========================================================== + +[368-version-negotiation] +ssl_conf = 368-version-negotiation-ssl + +[368-version-negotiation-ssl] +server = 368-version-negotiation-server +client = 368-version-negotiation-client + +[368-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[368-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-368] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[369-version-negotiation] +ssl_conf = 369-version-negotiation-ssl + +[369-version-negotiation-ssl] +server = 369-version-negotiation-server +client = 369-version-negotiation-client + +[369-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[369-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-369] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[370-version-negotiation] +ssl_conf = 370-version-negotiation-ssl + +[370-version-negotiation-ssl] +server = 370-version-negotiation-server +client = 370-version-negotiation-client + +[370-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[370-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-370] +ExpectedResult = ServerFail + + +# =========================================================== + +[371-version-negotiation] +ssl_conf = 371-version-negotiation-ssl + +[371-version-negotiation-ssl] +server = 371-version-negotiation-server +client = 371-version-negotiation-client + +[371-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[371-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-371] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[372-version-negotiation] +ssl_conf = 372-version-negotiation-ssl + +[372-version-negotiation-ssl] +server = 372-version-negotiation-server +client = 372-version-negotiation-client + +[372-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[372-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-372] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[373-version-negotiation] +ssl_conf = 373-version-negotiation-ssl + +[373-version-negotiation-ssl] +server = 373-version-negotiation-server +client = 373-version-negotiation-client + +[373-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[373-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-373] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[374-version-negotiation] +ssl_conf = 374-version-negotiation-ssl + +[374-version-negotiation-ssl] +server = 374-version-negotiation-server +client = 374-version-negotiation-client + +[374-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[374-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-374] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[375-version-negotiation] +ssl_conf = 375-version-negotiation-ssl + +[375-version-negotiation-ssl] +server = 375-version-negotiation-server +client = 375-version-negotiation-client + +[375-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[375-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-375] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[376-version-negotiation] +ssl_conf = 376-version-negotiation-ssl + +[376-version-negotiation-ssl] +server = 376-version-negotiation-server +client = 376-version-negotiation-client + +[376-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[376-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-376] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[377-version-negotiation] +ssl_conf = 377-version-negotiation-ssl + +[377-version-negotiation-ssl] +server = 377-version-negotiation-server +client = 377-version-negotiation-client + +[377-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[377-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-377] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[378-version-negotiation] +ssl_conf = 378-version-negotiation-ssl + +[378-version-negotiation-ssl] +server = 378-version-negotiation-server +client = 378-version-negotiation-client + +[378-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[378-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-378] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[379-version-negotiation] +ssl_conf = 379-version-negotiation-ssl + +[379-version-negotiation-ssl] +server = 379-version-negotiation-server +client = 379-version-negotiation-client + +[379-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[379-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-379] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[380-version-negotiation] +ssl_conf = 380-version-negotiation-ssl + +[380-version-negotiation-ssl] +server = 380-version-negotiation-server +client = 380-version-negotiation-client + +[380-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[380-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-380] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[381-version-negotiation] +ssl_conf = 381-version-negotiation-ssl + +[381-version-negotiation-ssl] +server = 381-version-negotiation-server +client = 381-version-negotiation-client + +[381-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[381-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-381] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[382-version-negotiation] +ssl_conf = 382-version-negotiation-ssl + +[382-version-negotiation-ssl] +server = 382-version-negotiation-server +client = 382-version-negotiation-client + +[382-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[382-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-382] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[383-version-negotiation] +ssl_conf = 383-version-negotiation-ssl + +[383-version-negotiation-ssl] +server = 383-version-negotiation-server +client = 383-version-negotiation-client + +[383-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[383-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-383] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[384-version-negotiation] +ssl_conf = 384-version-negotiation-ssl + +[384-version-negotiation-ssl] +server = 384-version-negotiation-server +client = 384-version-negotiation-client + +[384-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[384-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-384] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[385-version-negotiation] +ssl_conf = 385-version-negotiation-ssl + +[385-version-negotiation-ssl] +server = 385-version-negotiation-server +client = 385-version-negotiation-client + +[385-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[385-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-385] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[386-version-negotiation] +ssl_conf = 386-version-negotiation-ssl + +[386-version-negotiation-ssl] +server = 386-version-negotiation-server +client = 386-version-negotiation-client + +[386-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[386-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-386] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[387-version-negotiation] +ssl_conf = 387-version-negotiation-ssl + +[387-version-negotiation-ssl] +server = 387-version-negotiation-server +client = 387-version-negotiation-client + +[387-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[387-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-387] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[388-version-negotiation] +ssl_conf = 388-version-negotiation-ssl + +[388-version-negotiation-ssl] +server = 388-version-negotiation-server +client = 388-version-negotiation-client + +[388-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[388-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-388] +ExpectedResult = ServerFail + + +# =========================================================== + +[389-version-negotiation] +ssl_conf = 389-version-negotiation-ssl + +[389-version-negotiation-ssl] +server = 389-version-negotiation-server +client = 389-version-negotiation-client + +[389-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[389-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-389] +ExpectedResult = ServerFail + + +# =========================================================== + +[390-version-negotiation] +ssl_conf = 390-version-negotiation-ssl + +[390-version-negotiation-ssl] +server = 390-version-negotiation-server +client = 390-version-negotiation-client + +[390-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[390-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-390] +ExpectedResult = ServerFail + + +# =========================================================== + +[391-version-negotiation] +ssl_conf = 391-version-negotiation-ssl + +[391-version-negotiation-ssl] +server = 391-version-negotiation-server +client = 391-version-negotiation-client + +[391-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[391-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-391] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[392-version-negotiation] +ssl_conf = 392-version-negotiation-ssl + +[392-version-negotiation-ssl] +server = 392-version-negotiation-server +client = 392-version-negotiation-client + +[392-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[392-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-392] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[393-version-negotiation] +ssl_conf = 393-version-negotiation-ssl + +[393-version-negotiation-ssl] +server = 393-version-negotiation-server +client = 393-version-negotiation-client + +[393-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[393-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-393] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[394-version-negotiation] +ssl_conf = 394-version-negotiation-ssl + +[394-version-negotiation-ssl] +server = 394-version-negotiation-server +client = 394-version-negotiation-client + +[394-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[394-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-394] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[395-version-negotiation] +ssl_conf = 395-version-negotiation-ssl + +[395-version-negotiation-ssl] +server = 395-version-negotiation-server +client = 395-version-negotiation-client + +[395-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[395-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-395] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[396-version-negotiation] +ssl_conf = 396-version-negotiation-ssl + +[396-version-negotiation-ssl] +server = 396-version-negotiation-server +client = 396-version-negotiation-client + +[396-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[396-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-396] +ExpectedResult = ServerFail + + +# =========================================================== + +[397-version-negotiation] +ssl_conf = 397-version-negotiation-ssl + +[397-version-negotiation-ssl] +server = 397-version-negotiation-server +client = 397-version-negotiation-client + +[397-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[397-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-397] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[398-version-negotiation] +ssl_conf = 398-version-negotiation-ssl + +[398-version-negotiation-ssl] +server = 398-version-negotiation-server +client = 398-version-negotiation-client + +[398-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[398-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-398] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[399-version-negotiation] +ssl_conf = 399-version-negotiation-ssl + +[399-version-negotiation-ssl] +server = 399-version-negotiation-server +client = 399-version-negotiation-client + +[399-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[399-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-399] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[400-version-negotiation] +ssl_conf = 400-version-negotiation-ssl + +[400-version-negotiation-ssl] +server = 400-version-negotiation-server +client = 400-version-negotiation-client + +[400-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[400-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-400] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[401-version-negotiation] +ssl_conf = 401-version-negotiation-ssl + +[401-version-negotiation-ssl] +server = 401-version-negotiation-server +client = 401-version-negotiation-client + +[401-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[401-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-401] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[402-version-negotiation] +ssl_conf = 402-version-negotiation-ssl + +[402-version-negotiation-ssl] +server = 402-version-negotiation-server +client = 402-version-negotiation-client + +[402-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[402-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-402] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[403-version-negotiation] +ssl_conf = 403-version-negotiation-ssl + +[403-version-negotiation-ssl] +server = 403-version-negotiation-server +client = 403-version-negotiation-client + +[403-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[403-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-403] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[404-version-negotiation] +ssl_conf = 404-version-negotiation-ssl + +[404-version-negotiation-ssl] +server = 404-version-negotiation-server +client = 404-version-negotiation-client + +[404-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[404-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-404] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[405-version-negotiation] +ssl_conf = 405-version-negotiation-ssl + +[405-version-negotiation-ssl] +server = 405-version-negotiation-server +client = 405-version-negotiation-client + +[405-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[405-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-405] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[406-version-negotiation] +ssl_conf = 406-version-negotiation-ssl + +[406-version-negotiation-ssl] +server = 406-version-negotiation-server +client = 406-version-negotiation-client + +[406-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[406-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-406] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[407-version-negotiation] +ssl_conf = 407-version-negotiation-ssl + +[407-version-negotiation-ssl] +server = 407-version-negotiation-server +client = 407-version-negotiation-client + +[407-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[407-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-407] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[408-version-negotiation] +ssl_conf = 408-version-negotiation-ssl + +[408-version-negotiation-ssl] +server = 408-version-negotiation-server +client = 408-version-negotiation-client + +[408-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[408-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-408] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[409-version-negotiation] +ssl_conf = 409-version-negotiation-ssl + +[409-version-negotiation-ssl] +server = 409-version-negotiation-server +client = 409-version-negotiation-client + +[409-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[409-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-409] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[410-version-negotiation] +ssl_conf = 410-version-negotiation-ssl + +[410-version-negotiation-ssl] +server = 410-version-negotiation-server +client = 410-version-negotiation-client + +[410-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[410-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-410] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[411-version-negotiation] +ssl_conf = 411-version-negotiation-ssl + +[411-version-negotiation-ssl] +server = 411-version-negotiation-server +client = 411-version-negotiation-client + +[411-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[411-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-411] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[412-version-negotiation] +ssl_conf = 412-version-negotiation-ssl + +[412-version-negotiation-ssl] +server = 412-version-negotiation-server +client = 412-version-negotiation-client + +[412-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[412-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-412] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[413-version-negotiation] +ssl_conf = 413-version-negotiation-ssl + +[413-version-negotiation-ssl] +server = 413-version-negotiation-server +client = 413-version-negotiation-client + +[413-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[413-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-413] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[414-version-negotiation] +ssl_conf = 414-version-negotiation-ssl + +[414-version-negotiation-ssl] +server = 414-version-negotiation-server +client = 414-version-negotiation-client + +[414-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[414-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-414] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[415-version-negotiation] +ssl_conf = 415-version-negotiation-ssl + +[415-version-negotiation-ssl] +server = 415-version-negotiation-server +client = 415-version-negotiation-client + +[415-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[415-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-415] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[416-version-negotiation] +ssl_conf = 416-version-negotiation-ssl + +[416-version-negotiation-ssl] +server = 416-version-negotiation-server +client = 416-version-negotiation-client + +[416-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[416-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-416] +ExpectedResult = ServerFail + + +# =========================================================== + +[417-version-negotiation] +ssl_conf = 417-version-negotiation-ssl + +[417-version-negotiation-ssl] +server = 417-version-negotiation-server +client = 417-version-negotiation-client + +[417-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[417-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-417] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[418-version-negotiation] +ssl_conf = 418-version-negotiation-ssl + +[418-version-negotiation-ssl] +server = 418-version-negotiation-server +client = 418-version-negotiation-client + +[418-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[418-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-418] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[419-version-negotiation] +ssl_conf = 419-version-negotiation-ssl + +[419-version-negotiation-ssl] +server = 419-version-negotiation-server +client = 419-version-negotiation-client + +[419-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[419-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-419] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[420-version-negotiation] +ssl_conf = 420-version-negotiation-ssl + +[420-version-negotiation-ssl] +server = 420-version-negotiation-server +client = 420-version-negotiation-client + +[420-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[420-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-420] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[421-version-negotiation] +ssl_conf = 421-version-negotiation-ssl + +[421-version-negotiation-ssl] +server = 421-version-negotiation-server +client = 421-version-negotiation-client + +[421-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[421-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-421] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[422-version-negotiation] +ssl_conf = 422-version-negotiation-ssl + +[422-version-negotiation-ssl] +server = 422-version-negotiation-server +client = 422-version-negotiation-client + +[422-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[422-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-422] +ExpectedResult = ServerFail + + +# =========================================================== + +[423-version-negotiation] +ssl_conf = 423-version-negotiation-ssl + +[423-version-negotiation-ssl] +server = 423-version-negotiation-server +client = 423-version-negotiation-client + +[423-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[423-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-423] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[424-version-negotiation] +ssl_conf = 424-version-negotiation-ssl + +[424-version-negotiation-ssl] +server = 424-version-negotiation-server +client = 424-version-negotiation-client + +[424-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[424-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-424] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[425-version-negotiation] +ssl_conf = 425-version-negotiation-ssl + +[425-version-negotiation-ssl] +server = 425-version-negotiation-server +client = 425-version-negotiation-client + +[425-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[425-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-425] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[426-version-negotiation] +ssl_conf = 426-version-negotiation-ssl + +[426-version-negotiation-ssl] +server = 426-version-negotiation-server +client = 426-version-negotiation-client + +[426-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[426-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-426] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[427-version-negotiation] +ssl_conf = 427-version-negotiation-ssl + +[427-version-negotiation-ssl] +server = 427-version-negotiation-server +client = 427-version-negotiation-client + +[427-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[427-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-427] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[428-version-negotiation] +ssl_conf = 428-version-negotiation-ssl + +[428-version-negotiation-ssl] +server = 428-version-negotiation-server +client = 428-version-negotiation-client + +[428-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[428-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-428] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[429-version-negotiation] +ssl_conf = 429-version-negotiation-ssl + +[429-version-negotiation-ssl] +server = 429-version-negotiation-server +client = 429-version-negotiation-client + +[429-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[429-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-429] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[430-version-negotiation] +ssl_conf = 430-version-negotiation-ssl + +[430-version-negotiation-ssl] +server = 430-version-negotiation-server +client = 430-version-negotiation-client + +[430-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[430-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-430] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[431-version-negotiation] +ssl_conf = 431-version-negotiation-ssl + +[431-version-negotiation-ssl] +server = 431-version-negotiation-server +client = 431-version-negotiation-client + +[431-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[431-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-431] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[432-version-negotiation] +ssl_conf = 432-version-negotiation-ssl + +[432-version-negotiation-ssl] +server = 432-version-negotiation-server +client = 432-version-negotiation-client + +[432-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[432-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-432] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[433-version-negotiation] +ssl_conf = 433-version-negotiation-ssl + +[433-version-negotiation-ssl] +server = 433-version-negotiation-server +client = 433-version-negotiation-client + +[433-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[433-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-433] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[434-version-negotiation] +ssl_conf = 434-version-negotiation-ssl + +[434-version-negotiation-ssl] +server = 434-version-negotiation-server +client = 434-version-negotiation-client + +[434-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[434-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-434] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[435-version-negotiation] +ssl_conf = 435-version-negotiation-ssl + +[435-version-negotiation-ssl] +server = 435-version-negotiation-server +client = 435-version-negotiation-client + +[435-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[435-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-435] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[436-version-negotiation] +ssl_conf = 436-version-negotiation-ssl + +[436-version-negotiation-ssl] +server = 436-version-negotiation-server +client = 436-version-negotiation-client + +[436-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[436-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-436] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[437-version-negotiation] +ssl_conf = 437-version-negotiation-ssl + +[437-version-negotiation-ssl] +server = 437-version-negotiation-server +client = 437-version-negotiation-client + +[437-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[437-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-437] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[438-version-negotiation] +ssl_conf = 438-version-negotiation-ssl + +[438-version-negotiation-ssl] +server = 438-version-negotiation-server +client = 438-version-negotiation-client + +[438-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[438-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-438] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[439-version-negotiation] +ssl_conf = 439-version-negotiation-ssl + +[439-version-negotiation-ssl] +server = 439-version-negotiation-server +client = 439-version-negotiation-client + +[439-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[439-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-439] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[440-version-negotiation] +ssl_conf = 440-version-negotiation-ssl + +[440-version-negotiation-ssl] +server = 440-version-negotiation-server +client = 440-version-negotiation-client + +[440-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[440-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-440] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[441-version-negotiation] +ssl_conf = 441-version-negotiation-ssl + +[441-version-negotiation-ssl] +server = 441-version-negotiation-server +client = 441-version-negotiation-client + +[441-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[441-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-441] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[442-version-negotiation] +ssl_conf = 442-version-negotiation-ssl + +[442-version-negotiation-ssl] +server = 442-version-negotiation-server +client = 442-version-negotiation-client + +[442-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[442-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-442] +ExpectedResult = ServerFail + + +# =========================================================== + +[443-version-negotiation] +ssl_conf = 443-version-negotiation-ssl + +[443-version-negotiation-ssl] +server = 443-version-negotiation-server +client = 443-version-negotiation-client + +[443-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[443-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-443] +ExpectedResult = ClientFail + + +# =========================================================== + +[444-version-negotiation] +ssl_conf = 444-version-negotiation-ssl + +[444-version-negotiation-ssl] +server = 444-version-negotiation-server +client = 444-version-negotiation-client + +[444-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[444-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-444] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[445-version-negotiation] +ssl_conf = 445-version-negotiation-ssl + +[445-version-negotiation-ssl] +server = 445-version-negotiation-server +client = 445-version-negotiation-client + +[445-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[445-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-445] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[446-version-negotiation] +ssl_conf = 446-version-negotiation-ssl + +[446-version-negotiation-ssl] +server = 446-version-negotiation-server +client = 446-version-negotiation-client + +[446-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[446-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-446] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[447-version-negotiation] +ssl_conf = 447-version-negotiation-ssl + +[447-version-negotiation-ssl] +server = 447-version-negotiation-server +client = 447-version-negotiation-client + +[447-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[447-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-447] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[448-version-negotiation] +ssl_conf = 448-version-negotiation-ssl + +[448-version-negotiation-ssl] +server = 448-version-negotiation-server +client = 448-version-negotiation-client + +[448-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[448-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-448] +ExpectedResult = ServerFail + + +# =========================================================== + +[449-version-negotiation] +ssl_conf = 449-version-negotiation-ssl + +[449-version-negotiation-ssl] +server = 449-version-negotiation-server +client = 449-version-negotiation-client + +[449-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[449-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-449] +ExpectedResult = ClientFail + + +# =========================================================== + +[450-version-negotiation] +ssl_conf = 450-version-negotiation-ssl + +[450-version-negotiation-ssl] +server = 450-version-negotiation-server +client = 450-version-negotiation-client + +[450-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[450-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-450] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[451-version-negotiation] +ssl_conf = 451-version-negotiation-ssl + +[451-version-negotiation-ssl] +server = 451-version-negotiation-server +client = 451-version-negotiation-client + +[451-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[451-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-451] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[452-version-negotiation] +ssl_conf = 452-version-negotiation-ssl + +[452-version-negotiation-ssl] +server = 452-version-negotiation-server +client = 452-version-negotiation-client + +[452-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[452-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-452] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[453-version-negotiation] +ssl_conf = 453-version-negotiation-ssl + +[453-version-negotiation-ssl] +server = 453-version-negotiation-server +client = 453-version-negotiation-client + +[453-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[453-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-453] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[454-version-negotiation] +ssl_conf = 454-version-negotiation-ssl + +[454-version-negotiation-ssl] +server = 454-version-negotiation-server +client = 454-version-negotiation-client + +[454-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[454-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-454] +ExpectedResult = ClientFail + + +# =========================================================== + +[455-version-negotiation] +ssl_conf = 455-version-negotiation-ssl + +[455-version-negotiation-ssl] +server = 455-version-negotiation-server +client = 455-version-negotiation-client + +[455-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[455-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-455] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[456-version-negotiation] +ssl_conf = 456-version-negotiation-ssl + +[456-version-negotiation-ssl] +server = 456-version-negotiation-server +client = 456-version-negotiation-client + +[456-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[456-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-456] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[457-version-negotiation] +ssl_conf = 457-version-negotiation-ssl + +[457-version-negotiation-ssl] +server = 457-version-negotiation-server +client = 457-version-negotiation-client + +[457-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[457-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-457] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[458-version-negotiation] +ssl_conf = 458-version-negotiation-ssl + +[458-version-negotiation-ssl] +server = 458-version-negotiation-server +client = 458-version-negotiation-client + +[458-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[458-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-458] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[459-version-negotiation] +ssl_conf = 459-version-negotiation-ssl + +[459-version-negotiation-ssl] +server = 459-version-negotiation-server +client = 459-version-negotiation-client + +[459-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[459-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-459] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[460-version-negotiation] +ssl_conf = 460-version-negotiation-ssl + +[460-version-negotiation-ssl] +server = 460-version-negotiation-server +client = 460-version-negotiation-client + +[460-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[460-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-460] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[461-version-negotiation] +ssl_conf = 461-version-negotiation-ssl + +[461-version-negotiation-ssl] +server = 461-version-negotiation-server +client = 461-version-negotiation-client + +[461-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[461-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-461] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[462-version-negotiation] +ssl_conf = 462-version-negotiation-ssl + +[462-version-negotiation-ssl] +server = 462-version-negotiation-server +client = 462-version-negotiation-client + +[462-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[462-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-462] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[463-version-negotiation] +ssl_conf = 463-version-negotiation-ssl + +[463-version-negotiation-ssl] +server = 463-version-negotiation-server +client = 463-version-negotiation-client + +[463-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[463-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-463] +ExpectedResult = ServerFail + + +# =========================================================== + +[464-version-negotiation] +ssl_conf = 464-version-negotiation-ssl + +[464-version-negotiation-ssl] +server = 464-version-negotiation-server +client = 464-version-negotiation-client + +[464-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[464-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-464] +ExpectedResult = ServerFail + + +# =========================================================== + +[465-version-negotiation] +ssl_conf = 465-version-negotiation-ssl + +[465-version-negotiation-ssl] +server = 465-version-negotiation-server +client = 465-version-negotiation-client + +[465-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[465-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-465] +ExpectedResult = ServerFail + + +# =========================================================== + +[466-version-negotiation] +ssl_conf = 466-version-negotiation-ssl + +[466-version-negotiation-ssl] +server = 466-version-negotiation-server +client = 466-version-negotiation-client + +[466-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[466-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-466] +ExpectedResult = ServerFail + + +# =========================================================== + +[467-version-negotiation] +ssl_conf = 467-version-negotiation-ssl + +[467-version-negotiation-ssl] +server = 467-version-negotiation-server +client = 467-version-negotiation-client + +[467-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[467-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-467] +ExpectedResult = ServerFail + + +# =========================================================== + +[468-version-negotiation] +ssl_conf = 468-version-negotiation-ssl + +[468-version-negotiation-ssl] +server = 468-version-negotiation-server +client = 468-version-negotiation-client + +[468-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[468-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-468] +ExpectedResult = ServerFail + + +# =========================================================== + +[469-version-negotiation] +ssl_conf = 469-version-negotiation-ssl + +[469-version-negotiation-ssl] +server = 469-version-negotiation-server +client = 469-version-negotiation-client + +[469-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[469-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-469] +ExpectedResult = ClientFail + + +# =========================================================== + +[470-version-negotiation] +ssl_conf = 470-version-negotiation-ssl + +[470-version-negotiation-ssl] +server = 470-version-negotiation-server +client = 470-version-negotiation-client + +[470-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[470-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-470] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[471-version-negotiation] +ssl_conf = 471-version-negotiation-ssl + +[471-version-negotiation-ssl] +server = 471-version-negotiation-server +client = 471-version-negotiation-client + +[471-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[471-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-471] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[472-version-negotiation] +ssl_conf = 472-version-negotiation-ssl + +[472-version-negotiation-ssl] +server = 472-version-negotiation-server +client = 472-version-negotiation-client + +[472-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[472-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-472] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[473-version-negotiation] +ssl_conf = 473-version-negotiation-ssl + +[473-version-negotiation-ssl] +server = 473-version-negotiation-server +client = 473-version-negotiation-client + +[473-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[473-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-473] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[474-version-negotiation] +ssl_conf = 474-version-negotiation-ssl + +[474-version-negotiation-ssl] +server = 474-version-negotiation-server +client = 474-version-negotiation-client + +[474-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[474-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-474] +ExpectedResult = ServerFail + + +# =========================================================== + +[475-version-negotiation] +ssl_conf = 475-version-negotiation-ssl + +[475-version-negotiation-ssl] +server = 475-version-negotiation-server +client = 475-version-negotiation-client + +[475-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[475-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-475] +ExpectedResult = ClientFail + + +# =========================================================== + +[476-version-negotiation] +ssl_conf = 476-version-negotiation-ssl + +[476-version-negotiation-ssl] +server = 476-version-negotiation-server +client = 476-version-negotiation-client + +[476-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[476-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-476] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[477-version-negotiation] +ssl_conf = 477-version-negotiation-ssl + +[477-version-negotiation-ssl] +server = 477-version-negotiation-server +client = 477-version-negotiation-client + +[477-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[477-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-477] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[478-version-negotiation] +ssl_conf = 478-version-negotiation-ssl + +[478-version-negotiation-ssl] +server = 478-version-negotiation-server +client = 478-version-negotiation-client + +[478-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[478-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-478] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[479-version-negotiation] +ssl_conf = 479-version-negotiation-ssl + +[479-version-negotiation-ssl] +server = 479-version-negotiation-server +client = 479-version-negotiation-client + +[479-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[479-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-479] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[480-version-negotiation] +ssl_conf = 480-version-negotiation-ssl + +[480-version-negotiation-ssl] +server = 480-version-negotiation-server +client = 480-version-negotiation-client + +[480-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[480-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-480] +ExpectedResult = ClientFail + + +# =========================================================== + +[481-version-negotiation] +ssl_conf = 481-version-negotiation-ssl + +[481-version-negotiation-ssl] +server = 481-version-negotiation-server +client = 481-version-negotiation-client + +[481-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[481-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-481] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[482-version-negotiation] +ssl_conf = 482-version-negotiation-ssl + +[482-version-negotiation-ssl] +server = 482-version-negotiation-server +client = 482-version-negotiation-client + +[482-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[482-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-482] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[483-version-negotiation] +ssl_conf = 483-version-negotiation-ssl + +[483-version-negotiation-ssl] +server = 483-version-negotiation-server +client = 483-version-negotiation-client + +[483-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[483-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-483] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[484-version-negotiation] +ssl_conf = 484-version-negotiation-ssl + +[484-version-negotiation-ssl] +server = 484-version-negotiation-server +client = 484-version-negotiation-client + +[484-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[484-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-484] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[485-version-negotiation] +ssl_conf = 485-version-negotiation-ssl + +[485-version-negotiation-ssl] +server = 485-version-negotiation-server +client = 485-version-negotiation-client + +[485-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[485-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-485] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[486-version-negotiation] +ssl_conf = 486-version-negotiation-ssl + +[486-version-negotiation-ssl] +server = 486-version-negotiation-server +client = 486-version-negotiation-client + +[486-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[486-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-486] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[487-version-negotiation] +ssl_conf = 487-version-negotiation-ssl + +[487-version-negotiation-ssl] +server = 487-version-negotiation-server +client = 487-version-negotiation-client + +[487-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[487-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-487] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[488-version-negotiation] +ssl_conf = 488-version-negotiation-ssl + +[488-version-negotiation-ssl] +server = 488-version-negotiation-server +client = 488-version-negotiation-client + +[488-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[488-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-488] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[489-version-negotiation] +ssl_conf = 489-version-negotiation-ssl + +[489-version-negotiation-ssl] +server = 489-version-negotiation-server +client = 489-version-negotiation-client + +[489-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[489-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-489] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[490-version-negotiation] +ssl_conf = 490-version-negotiation-ssl + +[490-version-negotiation-ssl] +server = 490-version-negotiation-server +client = 490-version-negotiation-client + +[490-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[490-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-490] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[491-version-negotiation] +ssl_conf = 491-version-negotiation-ssl + +[491-version-negotiation-ssl] +server = 491-version-negotiation-server +client = 491-version-negotiation-client + +[491-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[491-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-491] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[492-version-negotiation] +ssl_conf = 492-version-negotiation-ssl + +[492-version-negotiation-ssl] +server = 492-version-negotiation-server +client = 492-version-negotiation-client + +[492-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[492-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-492] +ExpectedResult = ServerFail + + +# =========================================================== + +[493-version-negotiation] +ssl_conf = 493-version-negotiation-ssl + +[493-version-negotiation-ssl] +server = 493-version-negotiation-server +client = 493-version-negotiation-client + +[493-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[493-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-493] +ExpectedResult = ServerFail + + +# =========================================================== + +[494-version-negotiation] +ssl_conf = 494-version-negotiation-ssl + +[494-version-negotiation-ssl] +server = 494-version-negotiation-server +client = 494-version-negotiation-client + +[494-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[494-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-494] +ExpectedResult = ServerFail + + +# =========================================================== + +[495-version-negotiation] +ssl_conf = 495-version-negotiation-ssl + +[495-version-negotiation-ssl] +server = 495-version-negotiation-server +client = 495-version-negotiation-client + +[495-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[495-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-495] +ExpectedResult = ClientFail + + +# =========================================================== + +[496-version-negotiation] +ssl_conf = 496-version-negotiation-ssl + +[496-version-negotiation-ssl] +server = 496-version-negotiation-server +client = 496-version-negotiation-client + +[496-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[496-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-496] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[497-version-negotiation] +ssl_conf = 497-version-negotiation-ssl + +[497-version-negotiation-ssl] +server = 497-version-negotiation-server +client = 497-version-negotiation-client + +[497-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[497-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-497] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[498-version-negotiation] +ssl_conf = 498-version-negotiation-ssl + +[498-version-negotiation-ssl] +server = 498-version-negotiation-server +client = 498-version-negotiation-client + +[498-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[498-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-498] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[499-version-negotiation] +ssl_conf = 499-version-negotiation-ssl + +[499-version-negotiation-ssl] +server = 499-version-negotiation-server +client = 499-version-negotiation-client + +[499-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[499-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-499] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[500-version-negotiation] +ssl_conf = 500-version-negotiation-ssl + +[500-version-negotiation-ssl] +server = 500-version-negotiation-server +client = 500-version-negotiation-client + +[500-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[500-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-500] +ExpectedResult = ServerFail + + +# =========================================================== + +[501-version-negotiation] +ssl_conf = 501-version-negotiation-ssl + +[501-version-negotiation-ssl] +server = 501-version-negotiation-server +client = 501-version-negotiation-client + +[501-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[501-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-501] +ExpectedResult = ClientFail + + +# =========================================================== + +[502-version-negotiation] +ssl_conf = 502-version-negotiation-ssl + +[502-version-negotiation-ssl] +server = 502-version-negotiation-server +client = 502-version-negotiation-client + +[502-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[502-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-502] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[503-version-negotiation] +ssl_conf = 503-version-negotiation-ssl + +[503-version-negotiation-ssl] +server = 503-version-negotiation-server +client = 503-version-negotiation-client + +[503-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[503-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-503] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[504-version-negotiation] +ssl_conf = 504-version-negotiation-ssl + +[504-version-negotiation-ssl] +server = 504-version-negotiation-server +client = 504-version-negotiation-client + +[504-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[504-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-504] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[505-version-negotiation] +ssl_conf = 505-version-negotiation-ssl + +[505-version-negotiation-ssl] +server = 505-version-negotiation-server +client = 505-version-negotiation-client + +[505-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[505-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-505] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[506-version-negotiation] +ssl_conf = 506-version-negotiation-ssl + +[506-version-negotiation-ssl] +server = 506-version-negotiation-server +client = 506-version-negotiation-client + +[506-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[506-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-506] +ExpectedResult = ClientFail + + +# =========================================================== + +[507-version-negotiation] +ssl_conf = 507-version-negotiation-ssl + +[507-version-negotiation-ssl] +server = 507-version-negotiation-server +client = 507-version-negotiation-client + +[507-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[507-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-507] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[508-version-negotiation] +ssl_conf = 508-version-negotiation-ssl + +[508-version-negotiation-ssl] +server = 508-version-negotiation-server +client = 508-version-negotiation-client + +[508-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[508-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-508] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[509-version-negotiation] +ssl_conf = 509-version-negotiation-ssl + +[509-version-negotiation-ssl] +server = 509-version-negotiation-server +client = 509-version-negotiation-client + +[509-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[509-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-509] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[510-version-negotiation] +ssl_conf = 510-version-negotiation-ssl + +[510-version-negotiation-ssl] +server = 510-version-negotiation-server +client = 510-version-negotiation-client + +[510-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[510-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-510] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[511-version-negotiation] +ssl_conf = 511-version-negotiation-ssl + +[511-version-negotiation-ssl] +server = 511-version-negotiation-server +client = 511-version-negotiation-client + +[511-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[511-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-511] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[512-version-negotiation] +ssl_conf = 512-version-negotiation-ssl + +[512-version-negotiation-ssl] +server = 512-version-negotiation-server +client = 512-version-negotiation-client + +[512-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[512-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-512] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[513-version-negotiation] +ssl_conf = 513-version-negotiation-ssl + +[513-version-negotiation-ssl] +server = 513-version-negotiation-server +client = 513-version-negotiation-client + +[513-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[513-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-513] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[514-version-negotiation] +ssl_conf = 514-version-negotiation-ssl + +[514-version-negotiation-ssl] +server = 514-version-negotiation-server +client = 514-version-negotiation-client + +[514-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[514-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-514] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[515-version-negotiation] +ssl_conf = 515-version-negotiation-ssl + +[515-version-negotiation-ssl] +server = 515-version-negotiation-server +client = 515-version-negotiation-client + +[515-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[515-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-515] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[516-version-negotiation] +ssl_conf = 516-version-negotiation-ssl + +[516-version-negotiation-ssl] +server = 516-version-negotiation-server +client = 516-version-negotiation-client + +[516-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[516-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-516] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[517-version-negotiation] +ssl_conf = 517-version-negotiation-ssl + +[517-version-negotiation-ssl] +server = 517-version-negotiation-server +client = 517-version-negotiation-client + +[517-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[517-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-517] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[518-version-negotiation] +ssl_conf = 518-version-negotiation-ssl + +[518-version-negotiation-ssl] +server = 518-version-negotiation-server +client = 518-version-negotiation-client + +[518-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[518-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-518] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[519-version-negotiation] +ssl_conf = 519-version-negotiation-ssl + +[519-version-negotiation-ssl] +server = 519-version-negotiation-server +client = 519-version-negotiation-client + +[519-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[519-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-519] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[520-version-negotiation] +ssl_conf = 520-version-negotiation-ssl + +[520-version-negotiation-ssl] +server = 520-version-negotiation-server +client = 520-version-negotiation-client + +[520-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[520-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-520] +ExpectedResult = ServerFail + + +# =========================================================== + +[521-version-negotiation] +ssl_conf = 521-version-negotiation-ssl + +[521-version-negotiation-ssl] +server = 521-version-negotiation-server +client = 521-version-negotiation-client + +[521-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[521-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-521] +ExpectedResult = ClientFail + + +# =========================================================== + +[522-version-negotiation] +ssl_conf = 522-version-negotiation-ssl + +[522-version-negotiation-ssl] +server = 522-version-negotiation-server +client = 522-version-negotiation-client + +[522-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[522-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-522] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[523-version-negotiation] +ssl_conf = 523-version-negotiation-ssl + +[523-version-negotiation-ssl] +server = 523-version-negotiation-server +client = 523-version-negotiation-client + +[523-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[523-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-523] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[524-version-negotiation] +ssl_conf = 524-version-negotiation-ssl + +[524-version-negotiation-ssl] +server = 524-version-negotiation-server +client = 524-version-negotiation-client + +[524-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[524-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-524] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[525-version-negotiation] +ssl_conf = 525-version-negotiation-ssl + +[525-version-negotiation-ssl] +server = 525-version-negotiation-server +client = 525-version-negotiation-client + +[525-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[525-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-525] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[526-version-negotiation] +ssl_conf = 526-version-negotiation-ssl + +[526-version-negotiation-ssl] +server = 526-version-negotiation-server +client = 526-version-negotiation-client + +[526-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[526-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-526] +ExpectedResult = ServerFail + + +# =========================================================== + +[527-version-negotiation] +ssl_conf = 527-version-negotiation-ssl + +[527-version-negotiation-ssl] +server = 527-version-negotiation-server +client = 527-version-negotiation-client + +[527-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[527-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-527] +ExpectedResult = ClientFail + + +# =========================================================== + +[528-version-negotiation] +ssl_conf = 528-version-negotiation-ssl + +[528-version-negotiation-ssl] +server = 528-version-negotiation-server +client = 528-version-negotiation-client + +[528-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[528-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-528] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[529-version-negotiation] +ssl_conf = 529-version-negotiation-ssl + +[529-version-negotiation-ssl] +server = 529-version-negotiation-server +client = 529-version-negotiation-client + +[529-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[529-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-529] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[530-version-negotiation] +ssl_conf = 530-version-negotiation-ssl + +[530-version-negotiation-ssl] +server = 530-version-negotiation-server +client = 530-version-negotiation-client + +[530-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[530-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-530] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[531-version-negotiation] +ssl_conf = 531-version-negotiation-ssl + +[531-version-negotiation-ssl] +server = 531-version-negotiation-server +client = 531-version-negotiation-client + +[531-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[531-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-531] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[532-version-negotiation] +ssl_conf = 532-version-negotiation-ssl + +[532-version-negotiation-ssl] +server = 532-version-negotiation-server +client = 532-version-negotiation-client + +[532-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[532-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-532] +ExpectedResult = ClientFail + + +# =========================================================== + +[533-version-negotiation] +ssl_conf = 533-version-negotiation-ssl + +[533-version-negotiation-ssl] +server = 533-version-negotiation-server +client = 533-version-negotiation-client + +[533-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[533-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-533] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[534-version-negotiation] +ssl_conf = 534-version-negotiation-ssl + +[534-version-negotiation-ssl] +server = 534-version-negotiation-server +client = 534-version-negotiation-client + +[534-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[534-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-534] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[535-version-negotiation] +ssl_conf = 535-version-negotiation-ssl + +[535-version-negotiation-ssl] +server = 535-version-negotiation-server +client = 535-version-negotiation-client + +[535-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[535-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-535] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[536-version-negotiation] +ssl_conf = 536-version-negotiation-ssl + +[536-version-negotiation-ssl] +server = 536-version-negotiation-server +client = 536-version-negotiation-client + +[536-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[536-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-536] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[537-version-negotiation] +ssl_conf = 537-version-negotiation-ssl + +[537-version-negotiation-ssl] +server = 537-version-negotiation-server +client = 537-version-negotiation-client + +[537-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[537-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-537] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[538-version-negotiation] +ssl_conf = 538-version-negotiation-ssl + +[538-version-negotiation-ssl] +server = 538-version-negotiation-server +client = 538-version-negotiation-client + +[538-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[538-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-538] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[539-version-negotiation] +ssl_conf = 539-version-negotiation-ssl + +[539-version-negotiation-ssl] +server = 539-version-negotiation-server +client = 539-version-negotiation-client + +[539-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[539-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-539] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[540-version-negotiation] +ssl_conf = 540-version-negotiation-ssl + +[540-version-negotiation-ssl] +server = 540-version-negotiation-server +client = 540-version-negotiation-client + +[540-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[540-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-540] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[541-version-negotiation] +ssl_conf = 541-version-negotiation-ssl + +[541-version-negotiation-ssl] +server = 541-version-negotiation-server +client = 541-version-negotiation-client + +[541-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[541-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-541] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[542-version-negotiation] +ssl_conf = 542-version-negotiation-ssl + +[542-version-negotiation-ssl] +server = 542-version-negotiation-server +client = 542-version-negotiation-client + +[542-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[542-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-542] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[543-version-negotiation] +ssl_conf = 543-version-negotiation-ssl + +[543-version-negotiation-ssl] +server = 543-version-negotiation-server +client = 543-version-negotiation-client + +[543-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[543-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-543] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[544-version-negotiation] +ssl_conf = 544-version-negotiation-ssl + +[544-version-negotiation-ssl] +server = 544-version-negotiation-server +client = 544-version-negotiation-client + +[544-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[544-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-544] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[545-version-negotiation] +ssl_conf = 545-version-negotiation-ssl + +[545-version-negotiation-ssl] +server = 545-version-negotiation-server +client = 545-version-negotiation-client + +[545-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[545-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-545] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[546-version-negotiation] +ssl_conf = 546-version-negotiation-ssl + +[546-version-negotiation-ssl] +server = 546-version-negotiation-server +client = 546-version-negotiation-client + +[546-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[546-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-546] +ExpectedResult = ServerFail + + +# =========================================================== + +[547-version-negotiation] +ssl_conf = 547-version-negotiation-ssl + +[547-version-negotiation-ssl] +server = 547-version-negotiation-server +client = 547-version-negotiation-client + +[547-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[547-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-547] +ExpectedResult = ClientFail + + +# =========================================================== + +[548-version-negotiation] +ssl_conf = 548-version-negotiation-ssl + +[548-version-negotiation-ssl] +server = 548-version-negotiation-server +client = 548-version-negotiation-client + +[548-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[548-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-548] +ExpectedResult = ClientFail + + +# =========================================================== + +[549-version-negotiation] +ssl_conf = 549-version-negotiation-ssl + +[549-version-negotiation-ssl] +server = 549-version-negotiation-server +client = 549-version-negotiation-client + +[549-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[549-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-549] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[550-version-negotiation] +ssl_conf = 550-version-negotiation-ssl + +[550-version-negotiation-ssl] +server = 550-version-negotiation-server +client = 550-version-negotiation-client + +[550-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[550-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-550] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[551-version-negotiation] +ssl_conf = 551-version-negotiation-ssl + +[551-version-negotiation-ssl] +server = 551-version-negotiation-server +client = 551-version-negotiation-client + +[551-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[551-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-551] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[552-version-negotiation] +ssl_conf = 552-version-negotiation-ssl + +[552-version-negotiation-ssl] +server = 552-version-negotiation-server +client = 552-version-negotiation-client + +[552-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[552-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-552] +ExpectedResult = ServerFail + + +# =========================================================== + +[553-version-negotiation] +ssl_conf = 553-version-negotiation-ssl + +[553-version-negotiation-ssl] +server = 553-version-negotiation-server +client = 553-version-negotiation-client + +[553-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[553-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-553] +ExpectedResult = ClientFail + + +# =========================================================== + +[554-version-negotiation] +ssl_conf = 554-version-negotiation-ssl + +[554-version-negotiation-ssl] +server = 554-version-negotiation-server +client = 554-version-negotiation-client + +[554-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[554-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-554] +ExpectedResult = ClientFail + + +# =========================================================== + +[555-version-negotiation] +ssl_conf = 555-version-negotiation-ssl + +[555-version-negotiation-ssl] +server = 555-version-negotiation-server +client = 555-version-negotiation-client + +[555-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[555-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-555] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[556-version-negotiation] +ssl_conf = 556-version-negotiation-ssl + +[556-version-negotiation-ssl] +server = 556-version-negotiation-server +client = 556-version-negotiation-client + +[556-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[556-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-556] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[557-version-negotiation] +ssl_conf = 557-version-negotiation-ssl + +[557-version-negotiation-ssl] +server = 557-version-negotiation-server +client = 557-version-negotiation-client + +[557-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[557-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-557] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[558-version-negotiation] +ssl_conf = 558-version-negotiation-ssl + +[558-version-negotiation-ssl] +server = 558-version-negotiation-server +client = 558-version-negotiation-client + +[558-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[558-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-558] +ExpectedResult = ClientFail + + +# =========================================================== + +[559-version-negotiation] +ssl_conf = 559-version-negotiation-ssl + +[559-version-negotiation-ssl] +server = 559-version-negotiation-server +client = 559-version-negotiation-client + +[559-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[559-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-559] +ExpectedResult = ClientFail + + +# =========================================================== + +[560-version-negotiation] +ssl_conf = 560-version-negotiation-ssl + +[560-version-negotiation-ssl] +server = 560-version-negotiation-server +client = 560-version-negotiation-client + +[560-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[560-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-560] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[561-version-negotiation] +ssl_conf = 561-version-negotiation-ssl + +[561-version-negotiation-ssl] +server = 561-version-negotiation-server +client = 561-version-negotiation-client + +[561-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[561-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-561] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[562-version-negotiation] +ssl_conf = 562-version-negotiation-ssl + +[562-version-negotiation-ssl] +server = 562-version-negotiation-server +client = 562-version-negotiation-client + +[562-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[562-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-562] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[563-version-negotiation] +ssl_conf = 563-version-negotiation-ssl + +[563-version-negotiation-ssl] +server = 563-version-negotiation-server +client = 563-version-negotiation-client + +[563-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[563-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-563] +ExpectedResult = ClientFail + + +# =========================================================== + +[564-version-negotiation] +ssl_conf = 564-version-negotiation-ssl + +[564-version-negotiation-ssl] +server = 564-version-negotiation-server +client = 564-version-negotiation-client + +[564-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[564-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-564] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[565-version-negotiation] +ssl_conf = 565-version-negotiation-ssl + +[565-version-negotiation-ssl] +server = 565-version-negotiation-server +client = 565-version-negotiation-client + +[565-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[565-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-565] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[566-version-negotiation] +ssl_conf = 566-version-negotiation-ssl + +[566-version-negotiation-ssl] +server = 566-version-negotiation-server +client = 566-version-negotiation-client + +[566-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[566-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-566] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[567-version-negotiation] +ssl_conf = 567-version-negotiation-ssl + +[567-version-negotiation-ssl] +server = 567-version-negotiation-server +client = 567-version-negotiation-client + +[567-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[567-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-567] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[568-version-negotiation] +ssl_conf = 568-version-negotiation-ssl + +[568-version-negotiation-ssl] +server = 568-version-negotiation-server +client = 568-version-negotiation-client + +[568-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[568-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-568] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[569-version-negotiation] +ssl_conf = 569-version-negotiation-ssl + +[569-version-negotiation-ssl] +server = 569-version-negotiation-server +client = 569-version-negotiation-client + +[569-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[569-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-569] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[570-version-negotiation] +ssl_conf = 570-version-negotiation-ssl + +[570-version-negotiation-ssl] +server = 570-version-negotiation-server +client = 570-version-negotiation-client + +[570-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[570-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-570] +ExpectedResult = ServerFail + + +# =========================================================== + +[571-version-negotiation] +ssl_conf = 571-version-negotiation-ssl + +[571-version-negotiation-ssl] +server = 571-version-negotiation-server +client = 571-version-negotiation-client + +[571-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[571-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-571] +ExpectedResult = ServerFail + + +# =========================================================== + +[572-version-negotiation] +ssl_conf = 572-version-negotiation-ssl + +[572-version-negotiation-ssl] +server = 572-version-negotiation-server +client = 572-version-negotiation-client + +[572-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[572-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-572] +ExpectedResult = ServerFail + + +# =========================================================== + +[573-version-negotiation] +ssl_conf = 573-version-negotiation-ssl + +[573-version-negotiation-ssl] +server = 573-version-negotiation-server +client = 573-version-negotiation-client + +[573-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[573-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-573] +ExpectedResult = ClientFail + + +# =========================================================== + +[574-version-negotiation] +ssl_conf = 574-version-negotiation-ssl + +[574-version-negotiation-ssl] +server = 574-version-negotiation-server +client = 574-version-negotiation-client + +[574-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[574-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-574] +ExpectedResult = ClientFail + + +# =========================================================== + +[575-version-negotiation] +ssl_conf = 575-version-negotiation-ssl + +[575-version-negotiation-ssl] +server = 575-version-negotiation-server +client = 575-version-negotiation-client + +[575-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[575-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-575] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[576-version-negotiation] +ssl_conf = 576-version-negotiation-ssl + +[576-version-negotiation-ssl] +server = 576-version-negotiation-server +client = 576-version-negotiation-client + +[576-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[576-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-576] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[577-version-negotiation] +ssl_conf = 577-version-negotiation-ssl + +[577-version-negotiation-ssl] +server = 577-version-negotiation-server +client = 577-version-negotiation-client + +[577-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[577-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-577] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[578-version-negotiation] +ssl_conf = 578-version-negotiation-ssl + +[578-version-negotiation-ssl] +server = 578-version-negotiation-server +client = 578-version-negotiation-client + +[578-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[578-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-578] +ExpectedResult = ServerFail + + +# =========================================================== + +[579-version-negotiation] +ssl_conf = 579-version-negotiation-ssl + +[579-version-negotiation-ssl] +server = 579-version-negotiation-server +client = 579-version-negotiation-client + +[579-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[579-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-579] +ExpectedResult = ClientFail + + +# =========================================================== + +[580-version-negotiation] +ssl_conf = 580-version-negotiation-ssl + +[580-version-negotiation-ssl] +server = 580-version-negotiation-server +client = 580-version-negotiation-client + +[580-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[580-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-580] +ExpectedResult = ClientFail + + +# =========================================================== + +[581-version-negotiation] +ssl_conf = 581-version-negotiation-ssl + +[581-version-negotiation-ssl] +server = 581-version-negotiation-server +client = 581-version-negotiation-client + +[581-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[581-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-581] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[582-version-negotiation] +ssl_conf = 582-version-negotiation-ssl + +[582-version-negotiation-ssl] +server = 582-version-negotiation-server +client = 582-version-negotiation-client + +[582-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[582-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-582] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[583-version-negotiation] +ssl_conf = 583-version-negotiation-ssl + +[583-version-negotiation-ssl] +server = 583-version-negotiation-server +client = 583-version-negotiation-client + +[583-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[583-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-583] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[584-version-negotiation] +ssl_conf = 584-version-negotiation-ssl + +[584-version-negotiation-ssl] +server = 584-version-negotiation-server +client = 584-version-negotiation-client + +[584-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[584-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-584] +ExpectedResult = ClientFail + + +# =========================================================== + +[585-version-negotiation] +ssl_conf = 585-version-negotiation-ssl + +[585-version-negotiation-ssl] +server = 585-version-negotiation-server +client = 585-version-negotiation-client + +[585-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[585-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-585] +ExpectedResult = ClientFail + + +# =========================================================== + +[586-version-negotiation] +ssl_conf = 586-version-negotiation-ssl + +[586-version-negotiation-ssl] +server = 586-version-negotiation-server +client = 586-version-negotiation-client + +[586-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[586-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-586] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[587-version-negotiation] +ssl_conf = 587-version-negotiation-ssl + +[587-version-negotiation-ssl] +server = 587-version-negotiation-server +client = 587-version-negotiation-client + +[587-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[587-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-587] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[588-version-negotiation] +ssl_conf = 588-version-negotiation-ssl + +[588-version-negotiation-ssl] +server = 588-version-negotiation-server +client = 588-version-negotiation-client + +[588-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[588-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-588] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[589-version-negotiation] +ssl_conf = 589-version-negotiation-ssl + +[589-version-negotiation-ssl] +server = 589-version-negotiation-server +client = 589-version-negotiation-client + +[589-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[589-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-589] +ExpectedResult = ClientFail + + +# =========================================================== + +[590-version-negotiation] +ssl_conf = 590-version-negotiation-ssl + +[590-version-negotiation-ssl] +server = 590-version-negotiation-server +client = 590-version-negotiation-client + +[590-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[590-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-590] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[591-version-negotiation] +ssl_conf = 591-version-negotiation-ssl + +[591-version-negotiation-ssl] +server = 591-version-negotiation-server +client = 591-version-negotiation-client + +[591-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[591-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-591] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[592-version-negotiation] +ssl_conf = 592-version-negotiation-ssl + +[592-version-negotiation-ssl] +server = 592-version-negotiation-server +client = 592-version-negotiation-client + +[592-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[592-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-592] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[593-version-negotiation] +ssl_conf = 593-version-negotiation-ssl + +[593-version-negotiation-ssl] +server = 593-version-negotiation-server +client = 593-version-negotiation-client + +[593-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[593-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-593] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[594-version-negotiation] +ssl_conf = 594-version-negotiation-ssl + +[594-version-negotiation-ssl] +server = 594-version-negotiation-server +client = 594-version-negotiation-client + +[594-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[594-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-594] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[595-version-negotiation] +ssl_conf = 595-version-negotiation-ssl + +[595-version-negotiation-ssl] +server = 595-version-negotiation-server +client = 595-version-negotiation-client + +[595-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[595-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-595] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[596-version-negotiation] +ssl_conf = 596-version-negotiation-ssl + +[596-version-negotiation-ssl] +server = 596-version-negotiation-server +client = 596-version-negotiation-client + +[596-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[596-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-596] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[597-version-negotiation] +ssl_conf = 597-version-negotiation-ssl + +[597-version-negotiation-ssl] +server = 597-version-negotiation-server +client = 597-version-negotiation-client + +[597-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[597-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-597] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[598-version-negotiation] +ssl_conf = 598-version-negotiation-ssl + +[598-version-negotiation-ssl] +server = 598-version-negotiation-server +client = 598-version-negotiation-client + +[598-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[598-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-598] +ExpectedResult = ServerFail + + +# =========================================================== + +[599-version-negotiation] +ssl_conf = 599-version-negotiation-ssl + +[599-version-negotiation-ssl] +server = 599-version-negotiation-server +client = 599-version-negotiation-client + +[599-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[599-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-599] +ExpectedResult = ClientFail + + +# =========================================================== + +[600-version-negotiation] +ssl_conf = 600-version-negotiation-ssl + +[600-version-negotiation-ssl] +server = 600-version-negotiation-server +client = 600-version-negotiation-client + +[600-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[600-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-600] +ExpectedResult = ClientFail + + +# =========================================================== + +[601-version-negotiation] +ssl_conf = 601-version-negotiation-ssl + +[601-version-negotiation-ssl] +server = 601-version-negotiation-server +client = 601-version-negotiation-client + +[601-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[601-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-601] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[602-version-negotiation] +ssl_conf = 602-version-negotiation-ssl + +[602-version-negotiation-ssl] +server = 602-version-negotiation-server +client = 602-version-negotiation-client + +[602-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[602-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-602] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[603-version-negotiation] +ssl_conf = 603-version-negotiation-ssl + +[603-version-negotiation-ssl] +server = 603-version-negotiation-server +client = 603-version-negotiation-client + +[603-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[603-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-603] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[604-version-negotiation] +ssl_conf = 604-version-negotiation-ssl + +[604-version-negotiation-ssl] +server = 604-version-negotiation-server +client = 604-version-negotiation-client + +[604-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[604-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-604] +ExpectedResult = ServerFail + + +# =========================================================== + +[605-version-negotiation] +ssl_conf = 605-version-negotiation-ssl + +[605-version-negotiation-ssl] +server = 605-version-negotiation-server +client = 605-version-negotiation-client + +[605-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[605-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-605] +ExpectedResult = ClientFail + + +# =========================================================== + +[606-version-negotiation] +ssl_conf = 606-version-negotiation-ssl + +[606-version-negotiation-ssl] +server = 606-version-negotiation-server +client = 606-version-negotiation-client + +[606-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[606-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-606] +ExpectedResult = ClientFail + + +# =========================================================== + +[607-version-negotiation] +ssl_conf = 607-version-negotiation-ssl + +[607-version-negotiation-ssl] +server = 607-version-negotiation-server +client = 607-version-negotiation-client + +[607-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[607-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-607] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[608-version-negotiation] +ssl_conf = 608-version-negotiation-ssl + +[608-version-negotiation-ssl] +server = 608-version-negotiation-server +client = 608-version-negotiation-client + +[608-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[608-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-608] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[609-version-negotiation] +ssl_conf = 609-version-negotiation-ssl + +[609-version-negotiation-ssl] +server = 609-version-negotiation-server +client = 609-version-negotiation-client + +[609-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[609-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-609] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[610-version-negotiation] +ssl_conf = 610-version-negotiation-ssl + +[610-version-negotiation-ssl] +server = 610-version-negotiation-server +client = 610-version-negotiation-client + +[610-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[610-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-610] +ExpectedResult = ClientFail + + +# =========================================================== + +[611-version-negotiation] +ssl_conf = 611-version-negotiation-ssl + +[611-version-negotiation-ssl] +server = 611-version-negotiation-server +client = 611-version-negotiation-client + +[611-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[611-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-611] +ExpectedResult = ClientFail + + +# =========================================================== + +[612-version-negotiation] +ssl_conf = 612-version-negotiation-ssl + +[612-version-negotiation-ssl] +server = 612-version-negotiation-server +client = 612-version-negotiation-client + +[612-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[612-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-612] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[613-version-negotiation] +ssl_conf = 613-version-negotiation-ssl + +[613-version-negotiation-ssl] +server = 613-version-negotiation-server +client = 613-version-negotiation-client + +[613-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[613-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-613] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[614-version-negotiation] +ssl_conf = 614-version-negotiation-ssl + +[614-version-negotiation-ssl] +server = 614-version-negotiation-server +client = 614-version-negotiation-client + +[614-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[614-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-614] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[615-version-negotiation] +ssl_conf = 615-version-negotiation-ssl + +[615-version-negotiation-ssl] +server = 615-version-negotiation-server +client = 615-version-negotiation-client + +[615-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[615-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-615] +ExpectedResult = ClientFail + + +# =========================================================== + +[616-version-negotiation] +ssl_conf = 616-version-negotiation-ssl + +[616-version-negotiation-ssl] +server = 616-version-negotiation-server +client = 616-version-negotiation-client + +[616-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[616-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-616] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[617-version-negotiation] +ssl_conf = 617-version-negotiation-ssl + +[617-version-negotiation-ssl] +server = 617-version-negotiation-server +client = 617-version-negotiation-client + +[617-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[617-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-617] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[618-version-negotiation] +ssl_conf = 618-version-negotiation-ssl + +[618-version-negotiation-ssl] +server = 618-version-negotiation-server +client = 618-version-negotiation-client + +[618-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[618-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-618] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[619-version-negotiation] +ssl_conf = 619-version-negotiation-ssl + +[619-version-negotiation-ssl] +server = 619-version-negotiation-server +client = 619-version-negotiation-client + +[619-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[619-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-619] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[620-version-negotiation] +ssl_conf = 620-version-negotiation-ssl + +[620-version-negotiation-ssl] +server = 620-version-negotiation-server +client = 620-version-negotiation-client + +[620-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[620-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-620] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[621-version-negotiation] +ssl_conf = 621-version-negotiation-ssl + +[621-version-negotiation-ssl] +server = 621-version-negotiation-server +client = 621-version-negotiation-client + +[621-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[621-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-621] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[622-version-negotiation] +ssl_conf = 622-version-negotiation-ssl + +[622-version-negotiation-ssl] +server = 622-version-negotiation-server +client = 622-version-negotiation-client + +[622-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[622-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-622] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[623-version-negotiation] +ssl_conf = 623-version-negotiation-ssl + +[623-version-negotiation-ssl] +server = 623-version-negotiation-server +client = 623-version-negotiation-client + +[623-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[623-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-623] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[624-version-negotiation] +ssl_conf = 624-version-negotiation-ssl + +[624-version-negotiation-ssl] +server = 624-version-negotiation-server +client = 624-version-negotiation-client + +[624-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[624-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-624] +ExpectedResult = ServerFail + + +# =========================================================== + +[625-version-negotiation] +ssl_conf = 625-version-negotiation-ssl + +[625-version-negotiation-ssl] +server = 625-version-negotiation-server +client = 625-version-negotiation-client + +[625-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[625-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-625] +ExpectedResult = ServerFail + + +# =========================================================== + +[626-version-negotiation] +ssl_conf = 626-version-negotiation-ssl + +[626-version-negotiation-ssl] +server = 626-version-negotiation-server +client = 626-version-negotiation-client + +[626-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[626-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-626] +ExpectedResult = ServerFail + + +# =========================================================== + +[627-version-negotiation] +ssl_conf = 627-version-negotiation-ssl + +[627-version-negotiation-ssl] +server = 627-version-negotiation-server +client = 627-version-negotiation-client + +[627-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[627-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-627] +ExpectedResult = ServerFail + + +# =========================================================== + +[628-version-negotiation] +ssl_conf = 628-version-negotiation-ssl + +[628-version-negotiation-ssl] +server = 628-version-negotiation-server +client = 628-version-negotiation-client + +[628-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[628-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-628] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[629-version-negotiation] +ssl_conf = 629-version-negotiation-ssl + +[629-version-negotiation-ssl] +server = 629-version-negotiation-server +client = 629-version-negotiation-client + +[629-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[629-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-629] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[630-version-negotiation] +ssl_conf = 630-version-negotiation-ssl + +[630-version-negotiation-ssl] +server = 630-version-negotiation-server +client = 630-version-negotiation-client + +[630-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[630-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-630] +ExpectedResult = ServerFail + + +# =========================================================== + +[631-version-negotiation] +ssl_conf = 631-version-negotiation-ssl + +[631-version-negotiation-ssl] +server = 631-version-negotiation-server +client = 631-version-negotiation-client + +[631-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[631-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-631] +ExpectedResult = ServerFail + + +# =========================================================== + +[632-version-negotiation] +ssl_conf = 632-version-negotiation-ssl + +[632-version-negotiation-ssl] +server = 632-version-negotiation-server +client = 632-version-negotiation-client + +[632-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[632-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-632] +ExpectedResult = ServerFail + + +# =========================================================== + +[633-version-negotiation] +ssl_conf = 633-version-negotiation-ssl + +[633-version-negotiation-ssl] +server = 633-version-negotiation-server +client = 633-version-negotiation-client + +[633-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[633-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-633] +ExpectedResult = ServerFail + + +# =========================================================== + +[634-version-negotiation] +ssl_conf = 634-version-negotiation-ssl + +[634-version-negotiation-ssl] +server = 634-version-negotiation-server +client = 634-version-negotiation-client + +[634-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[634-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-634] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[635-version-negotiation] +ssl_conf = 635-version-negotiation-ssl + +[635-version-negotiation-ssl] +server = 635-version-negotiation-server +client = 635-version-negotiation-client + +[635-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[635-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-635] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[636-version-negotiation] +ssl_conf = 636-version-negotiation-ssl + +[636-version-negotiation-ssl] +server = 636-version-negotiation-server +client = 636-version-negotiation-client + +[636-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[636-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-636] +ExpectedResult = ServerFail + + +# =========================================================== + +[637-version-negotiation] +ssl_conf = 637-version-negotiation-ssl + +[637-version-negotiation-ssl] +server = 637-version-negotiation-server +client = 637-version-negotiation-client + +[637-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[637-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-637] +ExpectedResult = ServerFail + + +# =========================================================== + +[638-version-negotiation] +ssl_conf = 638-version-negotiation-ssl + +[638-version-negotiation-ssl] +server = 638-version-negotiation-server +client = 638-version-negotiation-client + +[638-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[638-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-638] +ExpectedResult = ServerFail + + +# =========================================================== + +[639-version-negotiation] +ssl_conf = 639-version-negotiation-ssl + +[639-version-negotiation-ssl] +server = 639-version-negotiation-server +client = 639-version-negotiation-client + +[639-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[639-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-639] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[640-version-negotiation] +ssl_conf = 640-version-negotiation-ssl + +[640-version-negotiation-ssl] +server = 640-version-negotiation-server +client = 640-version-negotiation-client + +[640-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[640-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-640] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[641-version-negotiation] +ssl_conf = 641-version-negotiation-ssl + +[641-version-negotiation-ssl] +server = 641-version-negotiation-server +client = 641-version-negotiation-client + +[641-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[641-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-641] +ExpectedResult = ServerFail + + +# =========================================================== + +[642-version-negotiation] +ssl_conf = 642-version-negotiation-ssl + +[642-version-negotiation-ssl] +server = 642-version-negotiation-server +client = 642-version-negotiation-client + +[642-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[642-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-642] +ExpectedResult = ServerFail + + +# =========================================================== + +[643-version-negotiation] +ssl_conf = 643-version-negotiation-ssl + +[643-version-negotiation-ssl] +server = 643-version-negotiation-server +client = 643-version-negotiation-client + +[643-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[643-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-643] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[644-version-negotiation] +ssl_conf = 644-version-negotiation-ssl + +[644-version-negotiation-ssl] +server = 644-version-negotiation-server +client = 644-version-negotiation-client + +[644-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[644-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-644] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[645-version-negotiation] +ssl_conf = 645-version-negotiation-ssl + +[645-version-negotiation-ssl] +server = 645-version-negotiation-server +client = 645-version-negotiation-client + +[645-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[645-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-645] +ExpectedResult = ServerFail + + +# =========================================================== + +[646-version-negotiation] +ssl_conf = 646-version-negotiation-ssl + +[646-version-negotiation-ssl] +server = 646-version-negotiation-server +client = 646-version-negotiation-client + +[646-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[646-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-646] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[647-version-negotiation] +ssl_conf = 647-version-negotiation-ssl + +[647-version-negotiation-ssl] +server = 647-version-negotiation-server +client = 647-version-negotiation-client + +[647-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[647-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-647] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[648-version-negotiation] +ssl_conf = 648-version-negotiation-ssl + +[648-version-negotiation-ssl] +server = 648-version-negotiation-server +client = 648-version-negotiation-client + +[648-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[648-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-648] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[649-version-negotiation] +ssl_conf = 649-version-negotiation-ssl + +[649-version-negotiation-ssl] +server = 649-version-negotiation-server +client = 649-version-negotiation-client + +[649-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[649-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-649] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[650-version-negotiation] +ssl_conf = 650-version-negotiation-ssl + +[650-version-negotiation-ssl] +server = 650-version-negotiation-server +client = 650-version-negotiation-client + +[650-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[650-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-650] +ExpectedResult = ServerFail + + +# =========================================================== + +[651-version-negotiation] +ssl_conf = 651-version-negotiation-ssl + +[651-version-negotiation-ssl] +server = 651-version-negotiation-server +client = 651-version-negotiation-client + +[651-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[651-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-651] +ExpectedResult = ServerFail + + +# =========================================================== + +[652-version-negotiation] +ssl_conf = 652-version-negotiation-ssl + +[652-version-negotiation-ssl] +server = 652-version-negotiation-server +client = 652-version-negotiation-client + +[652-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[652-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-652] +ExpectedResult = ServerFail + + +# =========================================================== + +[653-version-negotiation] +ssl_conf = 653-version-negotiation-ssl + +[653-version-negotiation-ssl] +server = 653-version-negotiation-server +client = 653-version-negotiation-client + +[653-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[653-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-653] +ExpectedResult = ServerFail + + +# =========================================================== + +[654-version-negotiation] +ssl_conf = 654-version-negotiation-ssl + +[654-version-negotiation-ssl] +server = 654-version-negotiation-server +client = 654-version-negotiation-client + +[654-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[654-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-654] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[655-version-negotiation] +ssl_conf = 655-version-negotiation-ssl + +[655-version-negotiation-ssl] +server = 655-version-negotiation-server +client = 655-version-negotiation-client + +[655-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[655-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-655] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[656-version-negotiation] +ssl_conf = 656-version-negotiation-ssl + +[656-version-negotiation-ssl] +server = 656-version-negotiation-server +client = 656-version-negotiation-client + +[656-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[656-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-656] +ExpectedResult = ServerFail + + +# =========================================================== + +[657-version-negotiation] +ssl_conf = 657-version-negotiation-ssl + +[657-version-negotiation-ssl] +server = 657-version-negotiation-server +client = 657-version-negotiation-client + +[657-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[657-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-657] +ExpectedResult = ServerFail + + +# =========================================================== + +[658-version-negotiation] +ssl_conf = 658-version-negotiation-ssl + +[658-version-negotiation-ssl] +server = 658-version-negotiation-server +client = 658-version-negotiation-client + +[658-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[658-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-658] +ExpectedResult = ServerFail + + +# =========================================================== + +[659-version-negotiation] +ssl_conf = 659-version-negotiation-ssl + +[659-version-negotiation-ssl] +server = 659-version-negotiation-server +client = 659-version-negotiation-client + +[659-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[659-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-659] +ExpectedResult = ServerFail + + +# =========================================================== + +[660-version-negotiation] +ssl_conf = 660-version-negotiation-ssl + +[660-version-negotiation-ssl] +server = 660-version-negotiation-server +client = 660-version-negotiation-client + +[660-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[660-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-660] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[661-version-negotiation] +ssl_conf = 661-version-negotiation-ssl + +[661-version-negotiation-ssl] +server = 661-version-negotiation-server +client = 661-version-negotiation-client + +[661-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[661-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-661] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[662-version-negotiation] +ssl_conf = 662-version-negotiation-ssl + +[662-version-negotiation-ssl] +server = 662-version-negotiation-server +client = 662-version-negotiation-client + +[662-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[662-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-662] +ExpectedResult = ServerFail + + +# =========================================================== + +[663-version-negotiation] +ssl_conf = 663-version-negotiation-ssl + +[663-version-negotiation-ssl] +server = 663-version-negotiation-server +client = 663-version-negotiation-client + +[663-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[663-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-663] +ExpectedResult = ServerFail + + +# =========================================================== + +[664-version-negotiation] +ssl_conf = 664-version-negotiation-ssl + +[664-version-negotiation-ssl] +server = 664-version-negotiation-server +client = 664-version-negotiation-client + +[664-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[664-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-664] +ExpectedResult = ServerFail + + +# =========================================================== + +[665-version-negotiation] +ssl_conf = 665-version-negotiation-ssl + +[665-version-negotiation-ssl] +server = 665-version-negotiation-server +client = 665-version-negotiation-client + +[665-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[665-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-665] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[666-version-negotiation] +ssl_conf = 666-version-negotiation-ssl + +[666-version-negotiation-ssl] +server = 666-version-negotiation-server +client = 666-version-negotiation-client + +[666-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[666-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-666] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[667-version-negotiation] +ssl_conf = 667-version-negotiation-ssl + +[667-version-negotiation-ssl] +server = 667-version-negotiation-server +client = 667-version-negotiation-client + +[667-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[667-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-667] +ExpectedResult = ServerFail + + +# =========================================================== + +[668-version-negotiation] +ssl_conf = 668-version-negotiation-ssl + +[668-version-negotiation-ssl] +server = 668-version-negotiation-server +client = 668-version-negotiation-client + +[668-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[668-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-668] +ExpectedResult = ServerFail + + +# =========================================================== + +[669-version-negotiation] +ssl_conf = 669-version-negotiation-ssl + +[669-version-negotiation-ssl] +server = 669-version-negotiation-server +client = 669-version-negotiation-client + +[669-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[669-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-669] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[670-version-negotiation] +ssl_conf = 670-version-negotiation-ssl + +[670-version-negotiation-ssl] +server = 670-version-negotiation-server +client = 670-version-negotiation-client + +[670-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[670-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-670] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[671-version-negotiation] +ssl_conf = 671-version-negotiation-ssl + +[671-version-negotiation-ssl] +server = 671-version-negotiation-server +client = 671-version-negotiation-client + +[671-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[671-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-671] +ExpectedResult = ServerFail + + +# =========================================================== + +[672-version-negotiation] +ssl_conf = 672-version-negotiation-ssl + +[672-version-negotiation-ssl] +server = 672-version-negotiation-server +client = 672-version-negotiation-client + +[672-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[672-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-672] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[673-version-negotiation] +ssl_conf = 673-version-negotiation-ssl + +[673-version-negotiation-ssl] +server = 673-version-negotiation-server +client = 673-version-negotiation-client + +[673-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[673-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-673] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[674-version-negotiation] +ssl_conf = 674-version-negotiation-ssl + +[674-version-negotiation-ssl] +server = 674-version-negotiation-server +client = 674-version-negotiation-client + +[674-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[674-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-674] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[675-version-negotiation] +ssl_conf = 675-version-negotiation-ssl + +[675-version-negotiation-ssl] +server = 675-version-negotiation-server +client = 675-version-negotiation-client + +[675-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[675-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-675] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + +
diff --git a/test/ssl-tests/10-resumption.conf b/test/ssl-tests/10-resumption.conf index b2deee4..0a58f48 100644 --- a/test/ssl-tests/10-resumption.conf +++ b/test/ssl-tests/10-resumption.conf
@@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 36 +num_tests = 64 test-0 = 0-resumption test-1 = 1-resumption @@ -38,6 +38,34 @@ test-33 = 33-resumption test-34 = 34-resumption test-35 = 35-resumption +test-36 = 36-resumption +test-37 = 37-resumption +test-38 = 38-resumption +test-39 = 39-resumption +test-40 = 40-resumption +test-41 = 41-resumption +test-42 = 42-resumption +test-43 = 43-resumption +test-44 = 44-resumption +test-45 = 45-resumption +test-46 = 46-resumption +test-47 = 47-resumption +test-48 = 48-resumption +test-49 = 49-resumption +test-50 = 50-resumption +test-51 = 51-resumption +test-52 = 52-resumption +test-53 = 53-resumption +test-54 = 54-resumption +test-55 = 55-resumption +test-56 = 56-resumption +test-57 = 57-resumption +test-58 = 58-resumption +test-59 = 59-resumption +test-60 = 60-resumption +test-61 = 61-resumption +test-62 = 62-resumption +test-63 = 63-resumption # =========================================================== [0-resumption] @@ -268,15 +296,15 @@ [6-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-resumption-client] @@ -285,7 +313,7 @@ VerifyMode = Peer [test-6] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -304,15 +332,15 @@ [7-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-resumption-client] @@ -321,7 +349,7 @@ VerifyMode = Peer [test-7] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -348,7 +376,7 @@ [8-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-resumption-client] @@ -357,9 +385,9 @@ VerifyMode = Peer [test-8] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -384,7 +412,7 @@ [9-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-resumption-client] @@ -393,9 +421,9 @@ VerifyMode = Peer [test-9] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -420,7 +448,7 @@ [10-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-resumption-client] @@ -429,9 +457,9 @@ VerifyMode = Peer [test-10] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -456,7 +484,7 @@ [11-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-resumption-client] @@ -465,9 +493,9 @@ VerifyMode = Peer [test-11] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -484,15 +512,15 @@ [12-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-resumption-client] @@ -501,7 +529,7 @@ VerifyMode = Peer [test-12] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume ResumptionExpected = No @@ -520,15 +548,15 @@ [13-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-resumption-client] @@ -537,7 +565,7 @@ VerifyMode = Peer [test-13] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume ResumptionExpected = No @@ -556,15 +584,15 @@ [14-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-resumption-client] @@ -573,7 +601,7 @@ VerifyMode = Peer [test-14] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -592,15 +620,15 @@ [15-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-resumption-client] @@ -609,7 +637,7 @@ VerifyMode = Peer [test-15] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -636,7 +664,7 @@ [16-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-resumption-client] @@ -645,9 +673,9 @@ VerifyMode = Peer [test-16] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -672,7 +700,7 @@ [17-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-resumption-client] @@ -681,9 +709,9 @@ VerifyMode = Peer [test-17] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -694,32 +722,32 @@ [18-resumption-ssl] server = 18-resumption-server client = 18-resumption-client -resume-server = 18-resumption-server -resume-client = 18-resumption-resume-client +resume-server = 18-resumption-resume-server +resume-client = 18-resumption-client [18-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[18-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [18-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[18-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-18] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -730,32 +758,32 @@ [19-resumption-ssl] server = 19-resumption-server client = 19-resumption-client -resume-server = 19-resumption-server -resume-client = 19-resumption-resume-client +resume-server = 19-resumption-resume-server +resume-client = 19-resumption-client [19-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[19-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [19-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[19-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-19] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -766,32 +794,32 @@ [20-resumption-ssl] server = 20-resumption-server client = 20-resumption-client -resume-server = 20-resumption-server -resume-client = 20-resumption-resume-client +resume-server = 20-resumption-resume-server +resume-client = 20-resumption-client [20-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[20-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [20-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[20-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-20] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -802,32 +830,32 @@ [21-resumption-ssl] server = 21-resumption-server client = 21-resumption-client -resume-server = 21-resumption-server -resume-client = 21-resumption-resume-client +resume-server = 21-resumption-resume-server +resume-client = 21-resumption-client [21-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[21-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [21-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[21-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-21] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -838,30 +866,30 @@ [22-resumption-ssl] server = 22-resumption-server client = 22-resumption-client -resume-server = 22-resumption-server -resume-client = 22-resumption-resume-client +resume-server = 22-resumption-resume-server +resume-client = 22-resumption-client [22-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[22-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [22-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[22-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-22] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -874,30 +902,30 @@ [23-resumption-ssl] server = 23-resumption-server client = 23-resumption-client -resume-server = 23-resumption-server -resume-client = 23-resumption-resume-client +resume-server = 23-resumption-resume-server +resume-client = 23-resumption-client [23-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[23-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [23-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[23-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-23] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -910,25 +938,25 @@ [24-resumption-ssl] server = 24-resumption-server client = 24-resumption-client -resume-server = 24-resumption-server -resume-client = 24-resumption-resume-client +resume-server = 24-resumption-resume-server +resume-client = 24-resumption-client [24-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[24-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [24-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[24-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -946,25 +974,25 @@ [25-resumption-ssl] server = 25-resumption-server client = 25-resumption-client -resume-server = 25-resumption-server -resume-client = 25-resumption-resume-client +resume-server = 25-resumption-resume-server +resume-client = 25-resumption-client [25-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[25-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [25-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[25-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -982,32 +1010,32 @@ [26-resumption-ssl] server = 26-resumption-server client = 26-resumption-client -resume-server = 26-resumption-server -resume-client = 26-resumption-resume-client +resume-server = 26-resumption-resume-server +resume-client = 26-resumption-client [26-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[26-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [26-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[26-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-26] ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1018,32 +1046,32 @@ [27-resumption-ssl] server = 27-resumption-server client = 27-resumption-client -resume-server = 27-resumption-server -resume-client = 27-resumption-resume-client +resume-server = 27-resumption-resume-server +resume-client = 27-resumption-client [27-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[27-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [27-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[27-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-27] ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1054,25 +1082,25 @@ [28-resumption-ssl] server = 28-resumption-server client = 28-resumption-client -resume-server = 28-resumption-server -resume-client = 28-resumption-resume-client +resume-server = 28-resumption-resume-server +resume-client = 28-resumption-client [28-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[28-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [28-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[28-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1090,25 +1118,25 @@ [29-resumption-ssl] server = 29-resumption-server client = 29-resumption-client -resume-server = 29-resumption-server -resume-client = 29-resumption-resume-client +resume-server = 29-resumption-resume-server +resume-client = 29-resumption-client [29-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[29-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [29-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[29-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1126,32 +1154,32 @@ [30-resumption-ssl] server = 30-resumption-server client = 30-resumption-client -resume-server = 30-resumption-server -resume-client = 30-resumption-resume-client +resume-server = 30-resumption-resume-server +resume-client = 30-resumption-client [30-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[30-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [30-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[30-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-30] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1162,32 +1190,32 @@ [31-resumption-ssl] server = 31-resumption-server client = 31-resumption-client -resume-server = 31-resumption-server -resume-client = 31-resumption-resume-client +resume-server = 31-resumption-resume-server +resume-client = 31-resumption-client [31-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +[31-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + [31-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer - -[31-resumption-resume-client] -CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-31] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1209,21 +1237,21 @@ [32-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [32-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-32] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1245,21 +1273,21 @@ [33-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [33-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-33] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1281,21 +1309,21 @@ [34-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [34-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-34] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1317,20 +1345,1028 @@ [35-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [35-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-35] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[36-resumption] +ssl_conf = 36-resumption-ssl + +[36-resumption-ssl] +server = 36-resumption-server +client = 36-resumption-client +resume-server = 36-resumption-server +resume-client = 36-resumption-resume-client + +[36-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[36-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[36-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-36] ExpectedProtocol = TLSv1.2 HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[37-resumption] +ssl_conf = 37-resumption-ssl + +[37-resumption-ssl] +server = 37-resumption-server +client = 37-resumption-client +resume-server = 37-resumption-server +resume-client = 37-resumption-resume-client + +[37-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[37-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[37-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-37] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[38-resumption] +ssl_conf = 38-resumption-ssl + +[38-resumption-ssl] +server = 38-resumption-server +client = 38-resumption-client +resume-server = 38-resumption-server +resume-client = 38-resumption-resume-client + +[38-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[38-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[38-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-38] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[39-resumption] +ssl_conf = 39-resumption-ssl + +[39-resumption-ssl] +server = 39-resumption-server +client = 39-resumption-client +resume-server = 39-resumption-server +resume-client = 39-resumption-resume-client + +[39-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[39-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[39-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-39] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[40-resumption] +ssl_conf = 40-resumption-ssl + +[40-resumption-ssl] +server = 40-resumption-server +client = 40-resumption-client +resume-server = 40-resumption-server +resume-client = 40-resumption-resume-client + +[40-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[40-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[40-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-40] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[41-resumption] +ssl_conf = 41-resumption-ssl + +[41-resumption-ssl] +server = 41-resumption-server +client = 41-resumption-client +resume-server = 41-resumption-server +resume-client = 41-resumption-resume-client + +[41-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[41-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[41-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-41] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[42-resumption] +ssl_conf = 42-resumption-ssl + +[42-resumption-ssl] +server = 42-resumption-server +client = 42-resumption-client +resume-server = 42-resumption-server +resume-client = 42-resumption-resume-client + +[42-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[42-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[42-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-42] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[43-resumption] +ssl_conf = 43-resumption-ssl + +[43-resumption-ssl] +server = 43-resumption-server +client = 43-resumption-client +resume-server = 43-resumption-server +resume-client = 43-resumption-resume-client + +[43-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[43-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[43-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-43] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[44-resumption] +ssl_conf = 44-resumption-ssl + +[44-resumption-ssl] +server = 44-resumption-server +client = 44-resumption-client +resume-server = 44-resumption-server +resume-client = 44-resumption-resume-client + +[44-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[44-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[44-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-44] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[45-resumption] +ssl_conf = 45-resumption-ssl + +[45-resumption-ssl] +server = 45-resumption-server +client = 45-resumption-client +resume-server = 45-resumption-server +resume-client = 45-resumption-resume-client + +[45-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[45-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[45-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-45] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[46-resumption] +ssl_conf = 46-resumption-ssl + +[46-resumption-ssl] +server = 46-resumption-server +client = 46-resumption-client +resume-server = 46-resumption-server +resume-client = 46-resumption-resume-client + +[46-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[46-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[46-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-46] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[47-resumption] +ssl_conf = 47-resumption-ssl + +[47-resumption-ssl] +server = 47-resumption-server +client = 47-resumption-client +resume-server = 47-resumption-server +resume-client = 47-resumption-resume-client + +[47-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[47-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[47-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-47] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[48-resumption] +ssl_conf = 48-resumption-ssl + +[48-resumption-ssl] +server = 48-resumption-server +client = 48-resumption-client +resume-server = 48-resumption-server +resume-client = 48-resumption-resume-client + +[48-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[48-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[48-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-48] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[49-resumption] +ssl_conf = 49-resumption-ssl + +[49-resumption-ssl] +server = 49-resumption-server +client = 49-resumption-client +resume-server = 49-resumption-server +resume-client = 49-resumption-resume-client + +[49-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[49-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[49-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-49] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[50-resumption] +ssl_conf = 50-resumption-ssl + +[50-resumption-ssl] +server = 50-resumption-server +client = 50-resumption-client +resume-server = 50-resumption-server +resume-client = 50-resumption-resume-client + +[50-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[50-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[50-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-50] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[51-resumption] +ssl_conf = 51-resumption-ssl + +[51-resumption-ssl] +server = 51-resumption-server +client = 51-resumption-client +resume-server = 51-resumption-server +resume-client = 51-resumption-resume-client + +[51-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[51-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[51-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-51] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[52-resumption] +ssl_conf = 52-resumption-ssl + +[52-resumption-ssl] +server = 52-resumption-server +client = 52-resumption-client +resume-server = 52-resumption-server +resume-client = 52-resumption-resume-client + +[52-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[52-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[52-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-52] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[53-resumption] +ssl_conf = 53-resumption-ssl + +[53-resumption-ssl] +server = 53-resumption-server +client = 53-resumption-client +resume-server = 53-resumption-server +resume-client = 53-resumption-resume-client + +[53-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[53-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[53-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-53] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[54-resumption] +ssl_conf = 54-resumption-ssl + +[54-resumption-ssl] +server = 54-resumption-server +client = 54-resumption-client +resume-server = 54-resumption-server +resume-client = 54-resumption-resume-client + +[54-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[54-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[54-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-54] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[55-resumption] +ssl_conf = 55-resumption-ssl + +[55-resumption-ssl] +server = 55-resumption-server +client = 55-resumption-client +resume-server = 55-resumption-server +resume-client = 55-resumption-resume-client + +[55-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[55-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[55-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-55] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[56-resumption] +ssl_conf = 56-resumption-ssl + +[56-resumption-ssl] +server = 56-resumption-server +client = 56-resumption-client +resume-server = 56-resumption-server +resume-client = 56-resumption-resume-client + +[56-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[56-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[56-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-56] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[57-resumption] +ssl_conf = 57-resumption-ssl + +[57-resumption-ssl] +server = 57-resumption-server +client = 57-resumption-client +resume-server = 57-resumption-server +resume-client = 57-resumption-resume-client + +[57-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[57-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[57-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-57] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[58-resumption] +ssl_conf = 58-resumption-ssl + +[58-resumption-ssl] +server = 58-resumption-server +client = 58-resumption-client +resume-server = 58-resumption-server +resume-client = 58-resumption-resume-client + +[58-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[58-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[58-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-58] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[59-resumption] +ssl_conf = 59-resumption-ssl + +[59-resumption-ssl] +server = 59-resumption-server +client = 59-resumption-client +resume-server = 59-resumption-server +resume-client = 59-resumption-resume-client + +[59-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[59-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[59-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-59] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[60-resumption] +ssl_conf = 60-resumption-ssl + +[60-resumption-ssl] +server = 60-resumption-server +client = 60-resumption-client +resume-server = 60-resumption-server +resume-client = 60-resumption-resume-client + +[60-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[60-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[60-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-60] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[61-resumption] +ssl_conf = 61-resumption-ssl + +[61-resumption-ssl] +server = 61-resumption-server +client = 61-resumption-client +resume-server = 61-resumption-server +resume-client = 61-resumption-resume-client + +[61-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[61-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[61-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-61] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[62-resumption] +ssl_conf = 62-resumption-ssl + +[62-resumption-ssl] +server = 62-resumption-server +client = 62-resumption-client +resume-server = 62-resumption-server +resume-client = 62-resumption-resume-client + +[62-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[62-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[62-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-62] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[63-resumption] +ssl_conf = 63-resumption-ssl + +[63-resumption-ssl] +server = 63-resumption-server +client = 63-resumption-client +resume-server = 63-resumption-server +resume-client = 63-resumption-resume-client + +[63-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[63-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[63-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-63] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume ResumptionExpected = Yes
diff --git a/test/ssl-tests/13-fragmentation.conf b/test/ssl-tests/13-fragmentation.conf index 4c1e9e2..14aec20 100644 --- a/test/ssl-tests/13-fragmentation.conf +++ b/test/ssl-tests/13-fragmentation.conf
@@ -267,6 +267,7 @@ [10-large-app-data-aes-sha1-multibuffer-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -291,6 +292,7 @@ [11-large-app-data-aes-sha2-multibuffer-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -315,6 +317,7 @@ [12-large-app-data-aes-sha1-multibuffer-odd-fragment-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -339,6 +342,7 @@ [13-large-app-data-aes-sha2-multibuffer-odd-fragment-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -363,6 +367,7 @@ [14-small-app-data-aes-sha1-multibuffer-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -387,6 +392,7 @@ [15-small-app-data-aes-sha2-multibuffer-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer
diff --git a/test/ssl-tests/13-fragmentation.conf.in b/test/ssl-tests/13-fragmentation.conf.in index 645163c..ae6446e 100644 --- a/test/ssl-tests/13-fragmentation.conf.in +++ b/test/ssl-tests/13-fragmentation.conf.in
@@ -114,6 +114,7 @@ server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024, @@ -125,6 +126,7 @@ server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024, @@ -136,6 +138,7 @@ server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024 + 3, @@ -147,6 +150,7 @@ server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024 - 3, @@ -161,6 +165,7 @@ server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 4 * 1024, @@ -172,6 +177,7 @@ server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 4 * 1024,
diff --git a/test/ssl-tests/14-curves.conf b/test/ssl-tests/14-curves.conf index d4c19c7..17d00b5 100644 --- a/test/ssl-tests/14-curves.conf +++ b/test/ssl-tests/14-curves.conf
@@ -44,6 +44,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-curve-sect163k1-client] @@ -69,6 +70,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-curve-sect163r1-client] @@ -94,6 +96,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-curve-sect163r2-client] @@ -119,6 +122,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect193r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-curve-sect193r1-client] @@ -144,6 +148,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect193r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-curve-sect193r2-client] @@ -169,6 +174,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect233k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-curve-sect233k1-client] @@ -194,6 +200,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect233r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-curve-sect233r1-client] @@ -219,6 +226,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect239k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-curve-sect239k1-client] @@ -244,6 +252,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect283k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-curve-sect283k1-client] @@ -269,6 +278,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect283r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-curve-sect283r1-client] @@ -294,6 +304,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect409k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-curve-sect409k1-client] @@ -319,6 +330,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect409r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-curve-sect409r1-client] @@ -344,6 +356,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect571k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-curve-sect571k1-client] @@ -369,6 +382,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect571r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-curve-sect571r1-client] @@ -394,6 +408,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-curve-secp160k1-client] @@ -419,6 +434,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-curve-secp160r1-client] @@ -444,6 +460,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-curve-secp160r2-client] @@ -469,6 +486,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp192k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-curve-secp192k1-client] @@ -494,6 +512,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = prime192v1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-curve-prime192v1-client] @@ -519,6 +538,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp224k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-curve-secp224k1-client] @@ -544,6 +564,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp224r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [20-curve-secp224r1-client] @@ -569,6 +590,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp256k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [21-curve-secp256k1-client] @@ -594,6 +616,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = prime256v1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [22-curve-prime256v1-client] @@ -619,6 +642,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp384r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [23-curve-secp384r1-client] @@ -644,6 +668,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp521r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-curve-secp521r1-client] @@ -669,6 +694,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP256r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-curve-brainpoolP256r1-client] @@ -694,6 +720,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP384r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [26-curve-brainpoolP384r1-client] @@ -719,6 +746,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP512r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [27-curve-brainpoolP512r1-client] @@ -744,6 +772,7 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = X25519 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [28-curve-X25519-client]
diff --git a/test/ssl-tests/14-curves.conf.in b/test/ssl-tests/14-curves.conf.in index f39ff7d..dec2be2 100644 --- a/test/ssl-tests/14-curves.conf.in +++ b/test/ssl-tests/14-curves.conf.in
@@ -27,7 +27,9 @@ push @tests, { name => "curve-${curve}", server => { - "Curves" => $curve + "Curves" => $curve, + # TODO(TLS1.3): Can we get this to work for TLSv1.3? + "MaxProtocol" => "TLSv1.2" }, client => { "CipherString" => "ECDHE",
diff --git a/test/ssl-tests/protocol_version.pm b/test/ssl-tests/protocol_version.pm index c711362..7146b8a 100644 --- a/test/ssl-tests/protocol_version.pm +++ b/test/ssl-tests/protocol_version.pm
@@ -20,12 +20,12 @@ use OpenSSL::Test::Utils qw/anydisabled alldisabled/; setup("no_test_here"); -my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"); +my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); # undef stands for "no limit". -my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"); -my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", undef); +my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); +my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef); -my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2"); +my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); my $min_tls_enabled; my $max_tls_enabled; @@ -74,7 +74,7 @@ sub no_tests { my ($dtls) = @_; return $dtls ? alldisabled("dtls1", "dtls1_2") : - alldisabled("ssl3", "tls1", "tls1_1", "tls1_2"); + alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); } sub generate_version_tests { @@ -234,9 +234,15 @@ # Server doesn't support the client range. return ("ServerFail", undef); } elsif ($c_min > $s_max) { - # Server will try with a version that is lower than the lowest - # supported client version. - return ("ClientFail", undef); + my @prots = @$protocols; + if ($prots[$c_min] eq "TLSv1.3") { + # Client won't have sent any ciphersuite the server recognises + return ("ServerFail", undef); + } else { + # Server will try with a version that is lower than the lowest + # supported client version. + return ("ClientFail", undef); + } } else { # Server and client ranges overlap. my $max_common = $s_max < $c_max ? $s_max : $c_max;
diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c index 0a528d8..e8f2943 100644 --- a/test/ssl_test_ctx.c +++ b/test/ssl_test_ctx.c
@@ -152,6 +152,7 @@ /********************/ static const test_enum ssl_protocols[] = { + {"TLSv1.3", TLS1_3_VERSION}, {"TLSv1.2", TLS1_2_VERSION}, {"TLSv1.1", TLS1_1_VERSION}, {"TLSv1", TLS1_VERSION},
diff --git a/test/ssltest_old.c b/test/ssltest_old.c index 6a5cd70..356359d 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c
@@ -886,6 +886,7 @@ {"tls1", TLS1_VERSION}, {"tls1.1", TLS1_1_VERSION}, {"tls1.2", TLS1_2_VERSION}, + {"tls1.3", TLS1_3_VERSION}, {"dtls1", DTLS1_VERSION}, {"dtls1.2", DTLS1_2_VERSION}}; size_t i; @@ -958,7 +959,7 @@ int badop = 0; enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM; int force = 0; - int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1; + int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0, ret = 1; int client_auth = 0; int server_auth = 0, i; struct app_verify_arg app_verify_arg = @@ -1123,7 +1124,9 @@ min_version = TLS1_VERSION; } #endif - else if (strcmp(*argv, "-tls1") == 0) { + else if (strcmp(*argv, "-tls1_2") == 0) { + tls1_2 = 1; + } else if (strcmp(*argv, "-tls1") == 0) { tls1 = 1; } else if (strcmp(*argv, "-ssl3") == 0) { ssl3 = 1; @@ -1329,8 +1332,8 @@ goto end; } - if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) { - fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should " + if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) { + fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should " "be requested.\n"); EXIT(1); } @@ -1345,6 +1348,11 @@ no_protocol = 1; else #endif +#ifdef OPENSSL_NO_TLS1_2 + if (tls1_2) + no_protocol = 1; + else +#endif #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1) if (dtls1) no_protocol = 1; @@ -1369,10 +1377,11 @@ goto end; } - if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) { + if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1 + && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n" + "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } @@ -1435,6 +1444,9 @@ } else if (tls1) { min_version = TLS1_VERSION; max_version = TLS1_VERSION; + } else if (tls1_2) { + min_version = TLS1_2_VERSION; + max_version = TLS1_2_VERSION; } #endif #ifndef OPENSSL_NO_DTLS
diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm index eeb83ed..c15019d 100644 --- a/util/TLSProxy/Proxy.pm +++ b/util/TLSProxy/Proxy.pm
@@ -147,8 +147,10 @@ or die "Failed to redirect stdout: $!"; open(STDERR, ">&STDOUT"); } + # TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher + # because the TLS1.3 ciphersuites are not compatible with ossltest my $execcmd = $self->execute - ." s_server -no_comp -rev -engine ossltest -accept " + ." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept " .($self->server_port) ." -cert ".$self->cert." -naccept ".$self->serverconnects; if ($self->ciphers ne "") {