Add test for SSLv2 ClientHello

This commit is contained in:
Manuel Pégourié-Gonnard 2014-02-25 14:18:30 +01:00
parent a612b44cc5
commit c1da664e89

View file

@ -9,8 +9,8 @@
# Assumes all options are compiled in. # Assumes all options are compiled in.
PROGS_DIR='../programs/ssl' PROGS_DIR='../programs/ssl'
SRV_CMD="$PROGS_DIR/ssl_server2" P_SRV="$PROGS_DIR/ssl_server2"
CLI_CMD="$PROGS_DIR/ssl_client2" P_CLI="$PROGS_DIR/ssl_client2"
TESTS=0 TESTS=0
FAILS=0 FAILS=0
@ -48,10 +48,10 @@ run_test() {
shift shift
# run the commands # run the commands
$SHELL -c "$SRV_CMD $1" > srv_out & eval "$1" > srv_out 2>&1 &
SRV_PID=$! SRV_PID=$!
sleep 1 sleep 1
$SHELL -c "$CLI_CMD $2" > cli_out eval "$2" > cli_out 2>&1
CLI_EXIT=$? CLI_EXIT=$?
echo SERVERQUIT | openssl s_client -no_ticket \ echo SERVERQUIT | openssl s_client -no_ticket \
-cert data_files/cli2.crt -key data_files/cli2.key \ -cert data_files/cli2.crt -key data_files/cli2.key \
@ -120,25 +120,42 @@ run_test() {
killall -q openssl ssl_server ssl_server2 killall -q openssl ssl_server ssl_server2
# Test for SSLv2 ClientHello
run_test "SSLv2 ClientHello #0 (reference)" \
"$P_SRV debug_level=3" \
"echo GET / HTTP/1.0 | openssl s_client -no_ssl2" \
0 \
-S "parse client hello v2" \
-S "ssl_handshake returned"
# Adding a SSL2-only suite makes OpenSSL client send SSLv2 ClientHello
run_test "SSLv2 ClientHello #1 (actual test)" \
"$P_SRV debug_level=3" \
"echo GET / HTTP/1.0 | openssl s_client -cipher DES-CBC-MD5:ALL" \
0 \
-s "parse client hello v2" \
-S "ssl_handshake returned"
# Tests for Truncated HMAC extension # Tests for Truncated HMAC extension
run_test "Truncated HMAC #0" \ run_test "Truncated HMAC #0" \
"debug_level=5" \ "$P_SRV debug_level=5" \
"trunc_hmac=0 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI trunc_hmac=0 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
0 \ 0 \
-s "dumping 'computed mac' (20 bytes)" -s "dumping 'computed mac' (20 bytes)"
run_test "Truncated HMAC #1" \ run_test "Truncated HMAC #1" \
"debug_level=5" \ "$P_SRV debug_level=5" \
"trunc_hmac=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ "$P_CLI trunc_hmac=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
0 \ 0 \
-s "dumping 'computed mac' (10 bytes)" -s "dumping 'computed mac' (10 bytes)"
# Tests for Session Tickets # Tests for Session Tickets
run_test "Session resume using tickets #1" \ run_test "Session resume using tickets #1" \
"debug_level=4 tickets=1" \ "$P_SRV debug_level=4 tickets=1" \
"debug_level=4 tickets=1 reconnect=1" \ "$P_CLI debug_level=4 tickets=1 reconnect=1" \
0 \ 0 \
-c "client hello, adding session ticket extension" \ -c "client hello, adding session ticket extension" \
-s "found session ticket extension" \ -s "found session ticket extension" \
@ -151,8 +168,8 @@ run_test "Session resume using tickets #1" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using tickets #2" \ run_test "Session resume using tickets #2" \
"debug_level=4 tickets=1 cache_max=0" \ "$P_SRV debug_level=4 tickets=1 cache_max=0" \
"debug_level=4 tickets=1 reconnect=1" \ "$P_CLI debug_level=4 tickets=1 reconnect=1" \
0 \ 0 \
-c "client hello, adding session ticket extension" \ -c "client hello, adding session ticket extension" \
-s "found session ticket extension" \ -s "found session ticket extension" \
@ -165,8 +182,8 @@ run_test "Session resume using tickets #2" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using tickets #3" \ run_test "Session resume using tickets #3" \
"debug_level=4 tickets=1 cache_max=0 ticket_timeout=1" \ "$P_SRV debug_level=4 tickets=1 cache_max=0 ticket_timeout=1" \
"debug_level=4 tickets=1 reconnect=1 reco_delay=2" \ "$P_CLI debug_level=4 tickets=1 reconnect=1 reco_delay=2" \
0 \ 0 \
-c "client hello, adding session ticket extension" \ -c "client hello, adding session ticket extension" \
-s "found session ticket extension" \ -s "found session ticket extension" \
@ -179,8 +196,8 @@ run_test "Session resume using tickets #3" \
-C "a session has been resumed" -C "a session has been resumed"
run_test "Session resume using tickets #4" \ run_test "Session resume using tickets #4" \
"debug_level=4 tickets=1 cache_max=0 ticket_timeout=2" \ "$P_SRV debug_level=4 tickets=1 cache_max=0 ticket_timeout=2" \
"debug_level=4 tickets=1 reconnect=1 reco_delay=0" \ "$P_CLI debug_level=4 tickets=1 reconnect=1 reco_delay=0" \
0 \ 0 \
-c "client hello, adding session ticket extension" \ -c "client hello, adding session ticket extension" \
-s "found session ticket extension" \ -s "found session ticket extension" \
@ -195,8 +212,8 @@ run_test "Session resume using tickets #4" \
# Tests for Session Resume based on session-ID and cache # Tests for Session Resume based on session-ID and cache
run_test "Session resume using cache #1 (tickets enabled on client)" \ run_test "Session resume using cache #1 (tickets enabled on client)" \
"debug_level=4 tickets=0" \ "$P_SRV debug_level=4 tickets=0" \
"debug_level=4 tickets=1 reconnect=1" \ "$P_CLI debug_level=4 tickets=1 reconnect=1" \
0 \ 0 \
-c "client hello, adding session ticket extension" \ -c "client hello, adding session ticket extension" \
-s "found session ticket extension" \ -s "found session ticket extension" \
@ -209,8 +226,8 @@ run_test "Session resume using cache #1 (tickets enabled on client)" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using cache #2 (tickets enabled on server)" \ run_test "Session resume using cache #2 (tickets enabled on server)" \
"debug_level=4 tickets=1" \ "$P_SRV debug_level=4 tickets=1" \
"debug_level=4 tickets=0 reconnect=1" \ "$P_CLI debug_level=4 tickets=0 reconnect=1" \
0 \ 0 \
-C "client hello, adding session ticket extension" \ -C "client hello, adding session ticket extension" \
-S "found session ticket extension" \ -S "found session ticket extension" \
@ -223,8 +240,8 @@ run_test "Session resume using cache #2 (tickets enabled on server)" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using cache #3 (cache_max=0)" \ run_test "Session resume using cache #3 (cache_max=0)" \
"debug_level=4 tickets=0 cache_max=0" \ "$P_SRV debug_level=4 tickets=0 cache_max=0" \
"debug_level=4 tickets=0 reconnect=1" \ "$P_CLI debug_level=4 tickets=0 reconnect=1" \
0 \ 0 \
-S "session successfully restored from cache" \ -S "session successfully restored from cache" \
-S "session successfully restored from ticket" \ -S "session successfully restored from ticket" \
@ -232,8 +249,8 @@ run_test "Session resume using cache #3 (cache_max=0)" \
-C "a session has been resumed" -C "a session has been resumed"
run_test "Session resume using cache #4 (cache_max=1)" \ run_test "Session resume using cache #4 (cache_max=1)" \
"debug_level=4 tickets=0 cache_max=1" \ "$P_SRV debug_level=4 tickets=0 cache_max=1" \
"debug_level=4 tickets=0 reconnect=1" \ "$P_CLI debug_level=4 tickets=0 reconnect=1" \
0 \ 0 \
-s "session successfully restored from cache" \ -s "session successfully restored from cache" \
-S "session successfully restored from ticket" \ -S "session successfully restored from ticket" \
@ -241,8 +258,8 @@ run_test "Session resume using cache #4 (cache_max=1)" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using cache #5 (timemout > delay)" \ run_test "Session resume using cache #5 (timemout > delay)" \
"debug_level=4 tickets=0 cache_timeout=1" \ "$P_SRV debug_level=4 tickets=0 cache_timeout=1" \
"debug_level=4 tickets=0 reconnect=1 reco_delay=0" \ "$P_CLI debug_level=4 tickets=0 reconnect=1 reco_delay=0" \
0 \ 0 \
-s "session successfully restored from cache" \ -s "session successfully restored from cache" \
-S "session successfully restored from ticket" \ -S "session successfully restored from ticket" \
@ -250,8 +267,8 @@ run_test "Session resume using cache #5 (timemout > delay)" \
-c "a session has been resumed" -c "a session has been resumed"
run_test "Session resume using cache #6 (timeout < delay)" \ run_test "Session resume using cache #6 (timeout < delay)" \
"debug_level=4 tickets=0 cache_timeout=1" \ "$P_SRV debug_level=4 tickets=0 cache_timeout=1" \
"debug_level=4 tickets=0 reconnect=1 reco_delay=2" \ "$P_CLI debug_level=4 tickets=0 reconnect=1 reco_delay=2" \
0 \ 0 \
-S "session successfully restored from cache" \ -S "session successfully restored from cache" \
-S "session successfully restored from ticket" \ -S "session successfully restored from ticket" \
@ -259,8 +276,8 @@ run_test "Session resume using cache #6 (timeout < delay)" \
-C "a session has been resumed" -C "a session has been resumed"
run_test "Session resume using cache #7 (no timeout)" \ run_test "Session resume using cache #7 (no timeout)" \
"debug_level=4 tickets=0 cache_timeout=0" \ "$P_SRV debug_level=4 tickets=0 cache_timeout=0" \
"debug_level=4 tickets=0 reconnect=1 reco_delay=2" \ "$P_CLI debug_level=4 tickets=0 reconnect=1 reco_delay=2" \
0 \ 0 \
-s "session successfully restored from cache" \ -s "session successfully restored from cache" \
-S "session successfully restored from ticket" \ -S "session successfully restored from ticket" \
@ -270,8 +287,8 @@ run_test "Session resume using cache #7 (no timeout)" \
# Tests for Max Fragment Length extension # Tests for Max Fragment Length extension
run_test "Max fragment length #1" \ run_test "Max fragment length #1" \
"debug_level=4" \ "$P_SRV debug_level=4" \
"debug_level=4" \ "$P_CLI debug_level=4" \
0 \ 0 \
-C "client hello, adding max_fragment_length extension" \ -C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \ -S "found max fragment length extension" \
@ -279,8 +296,8 @@ run_test "Max fragment length #1" \
-C "found max_fragment_length extension" -C "found max_fragment_length extension"
run_test "Max fragment length #2" \ run_test "Max fragment length #2" \
"debug_level=4" \ "$P_SRV debug_level=4" \
"debug_level=4 max_frag_len=4096" \ "$P_CLI debug_level=4 max_frag_len=4096" \
0 \ 0 \
-c "client hello, adding max_fragment_length extension" \ -c "client hello, adding max_fragment_length extension" \
-s "found max fragment length extension" \ -s "found max fragment length extension" \
@ -288,8 +305,8 @@ run_test "Max fragment length #2" \
-c "found max_fragment_length extension" -c "found max_fragment_length extension"
run_test "Max fragment length #3" \ run_test "Max fragment length #3" \
"debug_level=4 max_frag_len=4096" \ "$P_SRV debug_level=4 max_frag_len=4096" \
"debug_level=4" \ "$P_CLI debug_level=4" \
0 \ 0 \
-C "client hello, adding max_fragment_length extension" \ -C "client hello, adding max_fragment_length extension" \
-S "found max fragment length extension" \ -S "found max fragment length extension" \
@ -299,8 +316,8 @@ run_test "Max fragment length #3" \
# Tests for renegotiation # Tests for renegotiation
run_test "Renegotiation #0 (none)" \ run_test "Renegotiation #0 (none)" \
"debug_level=4" \ "$P_SRV debug_level=4" \
"debug_level=4" \ "$P_CLI debug_level=4" \
0 \ 0 \
-C "client hello, adding renegotiation extension" \ -C "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -312,8 +329,8 @@ run_test "Renegotiation #0 (none)" \
-S "write hello request" -S "write hello request"
run_test "Renegotiation #1 (enabled, client-initiated)" \ run_test "Renegotiation #1 (enabled, client-initiated)" \
"debug_level=4" \ "$P_SRV debug_level=4" \
"debug_level=4 renegotiate=1" \ "$P_CLI debug_level=4 renegotiate=1" \
0 \ 0 \
-c "client hello, adding renegotiation extension" \ -c "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -325,8 +342,8 @@ run_test "Renegotiation #1 (enabled, client-initiated)" \
-S "write hello request" -S "write hello request"
run_test "Renegotiation #2 (enabled, server-initiated)" \ run_test "Renegotiation #2 (enabled, server-initiated)" \
"debug_level=4 renegotiate=1" \ "$P_SRV debug_level=4 renegotiate=1" \
"debug_level=4" \ "$P_CLI debug_level=4" \
0 \ 0 \
-c "client hello, adding renegotiation extension" \ -c "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -338,8 +355,8 @@ run_test "Renegotiation #2 (enabled, server-initiated)" \
-s "write hello request" -s "write hello request"
run_test "Renegotiation #3 (enabled, double)" \ run_test "Renegotiation #3 (enabled, double)" \
"debug_level=4 renegotiate=1" \ "$P_SRV debug_level=4 renegotiate=1" \
"debug_level=4 renegotiate=1" \ "$P_CLI debug_level=4 renegotiate=1" \
0 \ 0 \
-c "client hello, adding renegotiation extension" \ -c "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -351,8 +368,8 @@ run_test "Renegotiation #3 (enabled, double)" \
-s "write hello request" -s "write hello request"
run_test "Renegotiation #4 (client-initiated, server-rejected)" \ run_test "Renegotiation #4 (client-initiated, server-rejected)" \
"debug_level=4 renegotiation=0" \ "$P_SRV debug_level=4 renegotiation=0" \
"debug_level=4 renegotiate=1" \ "$P_CLI debug_level=4 renegotiate=1" \
1 \ 1 \
-c "client hello, adding renegotiation extension" \ -c "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -364,8 +381,8 @@ run_test "Renegotiation #4 (client-initiated, server-rejected)" \
-S "write hello request" -S "write hello request"
run_test "Renegotiation #5 (server-initiated, client-rejected)" \ run_test "Renegotiation #5 (server-initiated, client-rejected)" \
"debug_level=4 renegotiate=1" \ "$P_SRV debug_level=4 renegotiate=1" \
"debug_level=4 renegotiation=0" \ "$P_CLI debug_level=4 renegotiation=0" \
0 \ 0 \
-C "client hello, adding renegotiation extension" \ -C "client hello, adding renegotiation extension" \
-s "received TLS_EMPTY_RENEGOTIATION_INFO" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
@ -381,9 +398,9 @@ run_test "Renegotiation #5 (server-initiated, client-rejected)" \
# Tests for auth_mode # Tests for auth_mode
run_test "Authentication #1 (server badcert, client required)" \ run_test "Authentication #1 (server badcert, client required)" \
"crt_file=data_files/server5-badsign.crt \ "$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
"debug_level=2 auth_mode=required" \ "$P_CLI debug_level=2 auth_mode=required" \
1 \ 1 \
-c "x509_verify_cert() returned" \ -c "x509_verify_cert() returned" \
-c "! self-signed or not signed by a trusted CA" \ -c "! self-signed or not signed by a trusted CA" \
@ -391,9 +408,9 @@ run_test "Authentication #1 (server badcert, client required)" \
-c "X509 - Certificate verification failed" -c "X509 - Certificate verification failed"
run_test "Authentication #2 (server badcert, client optional)" \ run_test "Authentication #2 (server badcert, client optional)" \
"crt_file=data_files/server5-badsign.crt \ "$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
"debug_level=2 auth_mode=optional" \ "$P_CLI debug_level=2 auth_mode=optional" \
0 \ 0 \
-c "x509_verify_cert() returned" \ -c "x509_verify_cert() returned" \
-c "! self-signed or not signed by a trusted CA" \ -c "! self-signed or not signed by a trusted CA" \
@ -401,9 +418,9 @@ run_test "Authentication #2 (server badcert, client optional)" \
-C "X509 - Certificate verification failed" -C "X509 - Certificate verification failed"
run_test "Authentication #3 (server badcert, client none)" \ run_test "Authentication #3 (server badcert, client none)" \
"crt_file=data_files/server5-badsign.crt \ "$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
"debug_level=2 auth_mode=none" \ "$P_CLI debug_level=2 auth_mode=none" \
0 \ 0 \
-C "x509_verify_cert() returned" \ -C "x509_verify_cert() returned" \
-C "! self-signed or not signed by a trusted CA" \ -C "! self-signed or not signed by a trusted CA" \
@ -411,8 +428,8 @@ run_test "Authentication #3 (server badcert, client none)" \
-C "X509 - Certificate verification failed" -C "X509 - Certificate verification failed"
run_test "Authentication #4 (client badcert, server required)" \ run_test "Authentication #4 (client badcert, server required)" \
"debug_level=4 auth_mode=required" \ "$P_SRV debug_level=4 auth_mode=required" \
"debug_level=4 crt_file=data_files/server5-badsign.crt \ "$P_CLI debug_level=4 crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
1 \ 1 \
-S "skip write certificate request" \ -S "skip write certificate request" \
@ -428,8 +445,8 @@ run_test "Authentication #4 (client badcert, server required)" \
-s "X509 - Certificate verification failed" -s "X509 - Certificate verification failed"
run_test "Authentication #5 (client badcert, server optional)" \ run_test "Authentication #5 (client badcert, server optional)" \
"debug_level=4 auth_mode=optional" \ "$P_SRV debug_level=4 auth_mode=optional" \
"debug_level=4 crt_file=data_files/server5-badsign.crt \ "$P_CLI debug_level=4 crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
0 \ 0 \
-S "skip write certificate request" \ -S "skip write certificate request" \
@ -445,8 +462,8 @@ run_test "Authentication #5 (client badcert, server optional)" \
-S "X509 - Certificate verification failed" -S "X509 - Certificate verification failed"
run_test "Authentication #6 (client badcert, server none)" \ run_test "Authentication #6 (client badcert, server none)" \
"debug_level=4 auth_mode=none" \ "$P_SRV debug_level=4 auth_mode=none" \
"debug_level=4 crt_file=data_files/server5-badsign.crt \ "$P_CLI debug_level=4 crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \ key_file=data_files/server5.key" \
0 \ 0 \
-s "skip write certificate request" \ -s "skip write certificate request" \
@ -464,9 +481,9 @@ run_test "Authentication #6 (client badcert, server none)" \
# tests for SNI # tests for SNI
run_test "SNI #0 (no SNI callback)" \ run_test "SNI #0 (no SNI callback)" \
"debug_level=4 server_addr=127.0.0.1 \ "$P_SRV debug_level=4 server_addr=127.0.0.1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key" \ crt_file=data_files/server5.crt key_file=data_files/server5.key" \
"debug_level=0 server_addr=127.0.0.1 \ "$P_CLI debug_level=0 server_addr=127.0.0.1 \
server_name=localhost" \ server_name=localhost" \
0 \ 0 \
-S "parse ServerName extension" \ -S "parse ServerName extension" \
@ -474,10 +491,10 @@ run_test "SNI #0 (no SNI callback)" \
-c "subject name *: C=NL, O=PolarSSL, CN=localhost" -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
run_test "SNI #1 (matching cert 1)" \ run_test "SNI #1 (matching cert 1)" \
"debug_level=4 server_addr=127.0.0.1 \ "$P_SRV debug_level=4 server_addr=127.0.0.1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \ crt_file=data_files/server5.crt key_file=data_files/server5.key \
sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \ sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
"debug_level=0 server_addr=127.0.0.1 \ "$P_CLI debug_level=0 server_addr=127.0.0.1 \
server_name=localhost" \ server_name=localhost" \
0 \ 0 \
-s "parse ServerName extension" \ -s "parse ServerName extension" \
@ -485,10 +502,10 @@ run_test "SNI #1 (matching cert 1)" \
-c "subject name *: C=NL, O=PolarSSL, CN=localhost" -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
run_test "SNI #2 (matching cert 2)" \ run_test "SNI #2 (matching cert 2)" \
"debug_level=4 server_addr=127.0.0.1 \ "$P_SRV debug_level=4 server_addr=127.0.0.1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \ crt_file=data_files/server5.crt key_file=data_files/server5.key \
sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \ sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
"debug_level=0 server_addr=127.0.0.1 \ "$P_CLI debug_level=0 server_addr=127.0.0.1 \
server_name='PolarSSL Server 1'" \ server_name='PolarSSL Server 1'" \
0 \ 0 \
-s "parse ServerName extension" \ -s "parse ServerName extension" \
@ -496,10 +513,10 @@ run_test "SNI #2 (matching cert 2)" \
-c "subject name *: C=NL, O=PolarSSL, CN=PolarSSL Server 1" -c "subject name *: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
run_test "SNI #3 (no matching cert)" \ run_test "SNI #3 (no matching cert)" \
"debug_level=4 server_addr=127.0.0.1 \ "$P_SRV debug_level=4 server_addr=127.0.0.1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \ crt_file=data_files/server5.crt key_file=data_files/server5.key \
sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \ sni='localhost,data_files/server2.crt,data_files/server2.key,PolarSSL Server 1,data_files/server1.crt,data_files/server1.key'" \
"debug_level=0 server_addr=127.0.0.1 \ "$P_CLI debug_level=0 server_addr=127.0.0.1 \
server_name='PolarSSL Server 2'" \ server_name='PolarSSL Server 2'" \
1 \ 1 \
-s "parse ServerName extension" \ -s "parse ServerName extension" \