1 files changed, 54 insertions, 0 deletions

diff --git a/test/ssl-tests/01-simple.cnf.in b/test/ssl-tests/01-simple.cnf.in
new file mode 100644
index 000000000000..bcd41e3065be
--- /dev/null
+++ b/test/ssl-tests/01-simple.cnf.in
@@ -0,0 +1,54 @@
+# -*- mode: perl; -*-
+# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+## SSL test configurations
+
+package ssltests;
+
+our @tests = (
+    {
+        name => "default",
+        server => { },
+        client => { },
+        test   => { "ExpectedResult" => "Success" },
+    },
+
+    {
+        name => "Server signature algorithms bug",
+        # Should have no effect as we aren't doing client auth
+        server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" },
+        client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" },
+        test   => { "ExpectedResult" => "Success" },
+    },
+
+    {
+        name => "verify-cert",
+        server => { },
+        client => {
+            # Don't set up the client root file.
+            "VerifyCAFile" => undef,
+        },
+        test   => {
+          "ExpectedResult" => "ClientFail",
+          "ExpectedClientAlert" => "UnknownCA",
+        },
+    },
+
+    {
+        name => "name-constraints-no-san-in-ee",
+        server => {
+            "Certificate" => test_pem("goodcn2-chain.pem"),
+            "PrivateKey"  => test_pem("goodcn2-key.pem"),
+        },
+        client => {
+            "VerifyCAFile" => test_pem("root-cert.pem"),
+        },
+        test   => { "ExpectedResult" => "Success" },
+    },
+);