openbsd/src/regress/lib/libssl/interop, branch libressl-v3.2.1

openbsd/src/regress/lib/libssl/interop, branch libressl-v3.2.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.2.1 2020-05-11T18:20:24+00:00 Revise regress for TLSv1.3 server being enabled. 2020-05-11T18:20:24+00:00 jsing 2020-05-11T18:20:24+00:00 urn:sha1:9cb614ecfae85e33f73e37c50b4b124384f3403e Disable cert interop tests for now. 2020-01-25T16:10:32+00:00 jsing 2020-01-25T16:10:32+00:00 urn:sha1:7d21cbd7f1e56eb8ddf1d70461ed852a17e87e91 The libressl TLSv1.3 client and server currently lack client certificate authentication support and this test expects all clients can auth with all servers. We can likely turn this back on in the near future. Actually disable cipher interop tests. 2020-01-25T16:09:05+00:00 jsing 2020-01-25T16:09:05+00:00 urn:sha1:2de79ce59f152afc2bd7f8ebf2d6e99265f6df6f Disable the cipher interop tests. 2020-01-25T16:08:25+00:00 jsing 2020-01-25T16:08:25+00:00 urn:sha1:56946132136f68c15473210cddc908c241274b83 These make far too many assumptions about cipher suites - TLSv1.3 cipher suites can only be used with TLSv1.3 and there is tests using TLSv1.3 cipher suites with TLSv1.2 will not work. Likewise, expecting TLSv1.2 cipher suites to work with TLSv1.3 is futile. Additionally, eopenssl11 lists TLSv1.3 cipher suites with different names to libressl. Futher work will be necessary before this can be re-enabled. Accept both TLSv1.2 and TLSv1.3 protocols for netcat. 2020-01-25T16:03:31+00:00 jsing 2020-01-25T16:03:31+00:00 urn:sha1:c8f22637e2e0244253a8ef175e56c99345346a71 This can potentially be improved by adding knowledge about which libraries support which versions and handle differences between clients and servers. Disable session regress for libressl client talking to openssl11 server. 2020-01-25T16:01:43+00:00 jsing 2020-01-25T16:01:43+00:00 urn:sha1:384c09873c7773d469f4e61d01fdef728e0b80d6 This is now talking over TLSv1.3 and needs session support. Enable GOST cipher selection test after libssl has been fixed. 2019-03-28T22:24:13+00:00 bluhm 2019-03-28T22:24:13+00:00 urn:sha1:c9f5a90a62bcbef702ae80d4c3d2063e5bfab8f7 Fix typo in usage and comment. 2019-03-21T17:52:26+00:00 bluhm 2019-03-21T17:52:26+00:00 urn:sha1:b45cb195c7a0d58f9ee417f6a2035faec7d3a555 Test that all supported TLS ciphers actually work. Establish 2019-02-21T23:06:33+00:00 bluhm 2019-02-21T23:06:33+00:00 urn:sha1:375349e3dab4ad23aaba1771a89b29b9525e2c0c connections between client and server implemented with LibreSSL or OpenSSL with a fixed cipher on each side. Check the used cipher in the session print out. getopt(3) returns int, not char. Fix type of ch variable to prevent 2019-02-11T12:22:44+00:00 bluhm 2019-02-11T12:22:44+00:00 urn:sha1:88618333f84d8a2726a86ece227e023659dbf0cc sign error during arm regress.