111 lines
1.4 KiB
Plaintext
111 lines
1.4 KiB
Plaintext
# THIS TEST IS BROKEN
|
|
# server TLSv1.3 downgrade
|
|
#-v d
|
|
#-l TLS13-CHACHA20-POLY1305-SHA256
|
|
|
|
# client TLSv1.2
|
|
#-v 3
|
|
|
|
# server TLSv1.2
|
|
-v 3
|
|
|
|
# client TLSv1.3 downgrade
|
|
-v d
|
|
|
|
# server TLSv1.3 downgrade
|
|
-v d
|
|
|
|
# client TLSv1.3 downgrade
|
|
-v d
|
|
|
|
# server TLSv1.3 downgrade but don't and resume
|
|
-v d
|
|
-r
|
|
|
|
# client TLSv1.3 downgrade but don't and resume
|
|
-v d
|
|
-r
|
|
|
|
# server TLSv1.3 downgrade and resume
|
|
-v d
|
|
-r
|
|
|
|
# client TLSv1.2 and resume
|
|
-v 3
|
|
-r
|
|
|
|
# server TLSv1.2 and resume
|
|
-v d
|
|
-r
|
|
|
|
# cient TLSv1.3 downgrade and resume
|
|
-v 3
|
|
-r
|
|
|
|
# server TLSv1.3
|
|
-v 4
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-H exitWithRet
|
|
|
|
# client TLSv1.2, should fail
|
|
-v 3
|
|
-H exitWithRet
|
|
|
|
# server TLSv1.2
|
|
-v 3
|
|
-l ECDHE-RSA-AES256-GCM-SHA384
|
|
-H exitWithRet
|
|
|
|
# client TLSv1.3, should fail
|
|
-v 4
|
|
-H exitWithRet
|
|
|
|
# server TLSv1.2
|
|
-v 3
|
|
-l ECDHE-RSA-AES256-GCM-SHA384
|
|
-H exitWithRet
|
|
|
|
# client
|
|
# enable downgrade
|
|
# minimum downgradable TLSv 1.3
|
|
# expect to be failure
|
|
-7 4
|
|
-v d
|
|
-H exitWithRet
|
|
|
|
# server
|
|
# enable downgrade
|
|
# minimum downgradable TLSv 1.3
|
|
-7 4
|
|
-v d
|
|
-l TLS13-AES128-GCM-SHA256
|
|
|
|
# client
|
|
# enable downgrade
|
|
# minimum downgradable TLSv 1.3
|
|
-7 4
|
|
-v d
|
|
|
|
# server
|
|
# enable downgrade
|
|
# minimum downgradable TLSv 1.2
|
|
-7 3
|
|
-v d
|
|
-l ECDHE-RSA-AES256-GCM-SHA384
|
|
|
|
# client TLSv 1.2
|
|
-v 3
|
|
|
|
# server
|
|
# enable downgrade
|
|
# minimum downgradable TLSv 1.3
|
|
# expect to be failure
|
|
-7 4
|
|
-v d
|
|
-l TLS13-AES128-GCM-SHA256
|
|
-H exitWithRet
|
|
|
|
# client TLSv 1.2
|
|
-v 3
|
|
-H exitWithRet
|