mirror of
https://github.com/sonertari/SSLproxy
synced 2024-10-31 21:20:21 +00:00
8f63ec7f82
The ReconnectSSL option allows rule developers to write struct filtering rules using SNI and CN SSL specifications to override the SSL configuration of a connection. Otherwise, without this new option, filtering rules cannot change SSL options using SSL filtering fields to match connections (the SSL config in the rule would not have any effect on the server side of the matching connection). Without ReconnectSSL, only DstIP and DstPort fields can be used to override the SSL config of a connection. If the ReconnectSSL option in a struct filtering rule is set, we disconnect and free the server side of the matching SSL connection, and reconnect it with the SSL options in the matching struct filtering rule. This enforces the SSL config in the rule. Do not use the ReconnectSSL option if server disconnect is not desirable or acceptable in your case.
67 lines
1.9 KiB
JSON
67 lines
1.9 KiB
JSON
{
|
|
"comment": "SSLproxy tests",
|
|
"testharnesses": {
|
|
"1": {
|
|
"comment": "HTTP tests",
|
|
"testsets": {
|
|
"1": "http_testset_1.json",
|
|
"2": "http_testset_2.json",
|
|
"3": "http_testset_3.json"
|
|
}
|
|
},
|
|
"2": {
|
|
"comment": "SSL config tests",
|
|
"testsets": {
|
|
"1": "ssl_testset_1.json",
|
|
"2": "ssl_testset_2.json",
|
|
"3": "ssl_testset_3.json",
|
|
"4": "ssl_testset_4.json",
|
|
"5": "ssl_testset_5.json",
|
|
"6": "ssl_testset_6.json"
|
|
}
|
|
},
|
|
"3": {
|
|
"comment": "Protocol validation tests",
|
|
"testsets": {
|
|
"1": "tcp_ssl_testends_testset_1.json",
|
|
"2": "ssl_tcp_testends_testset_1.json",
|
|
"3": "proto_validate_testset_1.json",
|
|
"4": "proto_validate_testset_2.json",
|
|
"5": "proto_validate_testset_3.json",
|
|
"6": "proto_validate_testset_4.json"
|
|
}
|
|
},
|
|
"4": {
|
|
"comment": "Various option tests",
|
|
"testsets": {
|
|
"1": "passthrough_testset_1.json",
|
|
"2": "verifypeer_testset_1.json",
|
|
"3": "verifypeer_testset_2.json",
|
|
"4": "ca_testset_1.json",
|
|
"5": "ca_testset_2.json",
|
|
"6": "userauth_testset_1.json",
|
|
"7": "userauth_testset_2.json"
|
|
}
|
|
},
|
|
"5": {
|
|
"comment": "Filtering rules tests",
|
|
"testsets": {
|
|
"1": "filter_divert_testset_1.json",
|
|
"2": "filter_split_testset_1.json",
|
|
"3": "filter_pass_testset_1.json",
|
|
"4": "filter_block_testset_1.json",
|
|
"5": "filter_sni_testset_1.json",
|
|
"6": "filter_sni_testset_2.json",
|
|
"7": "filter_cn_testset_1.json",
|
|
"8": "filter_cn_testset_2.json",
|
|
"9": "filter_host_testset_1.json",
|
|
"10": "filter_host_testset_2.json",
|
|
"11": "filter_uri_testset_1.json",
|
|
"12": "filter_uri_testset_2.json",
|
|
"13": "filter_struct_testset_1.json",
|
|
"14": "filter_struct_reconnect_testset_1.json"
|
|
}
|
|
}
|
|
}
|
|
}
|