openbsd/src/regress/lib/libssl/ssl, branch OPENBSD_7_8_BASE A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_8_BASE 2024-03-01T03:45:16+00:00 ssltest: drop another use of CRYPTO_mem_leaks() 2024-03-01T03:45:16+00:00 tb 2024-03-01T03:45:16+00:00 urn:sha1:3f8118d230db791e442d7c0356a9b1c3752f6d4a Remove last OPENSSL_NO_ENGINE from libssl regress 2023-11-19T13:12:06+00:00 tb 2023-11-19T13:12:06+00:00 urn:sha1:b275ac283a395bb2a4f1409dcc2f3818c43d5043 Avoid memcmp() with NULL pointer and 0 length 2023-08-15T11:20:57+00:00 tb 2023-08-15T11:20:57+00:00 urn:sha1:54c3f0124d3c0055bc2bcc55c0c47db3620da274 Prepare the ssltest for the upcoming bump 2023-07-27T07:08:09+00:00 tb 2023-07-27T07:08:09+00:00 urn:sha1:e20061c65d48ab2376dad6b927a54138ea5a7eb1 This is a hack. The test is in rather poor shape and it is hard to tell whether it still does what it is supposed to be doing. Hopefully somemone will rewrite this in a style that doesn't make me squeal on opening this file... Plug leak in the ssltest 2023-07-04T08:47:01+00:00 tb 2023-07-04T08:47:01+00:00 urn:sha1:286247b132e6b61664f4095f00f8454ccb395e84 Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front. Joint suffering with bcook and beck Disable TLS 1.0 and TLS 1.1 in libssl 2023-07-02T17:21:33+00:00 beck 2023-07-02T17:21:33+00:00 urn:sha1:4edd92a57f3a74829fe519f35b5c7c79e03ce0b0 Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols. For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them. ok jsing@ tb@ ssltest: Drop more policy go from this test. 2023-04-15T16:50:05+00:00 tb 2023-04-15T16:50:05+00:00 urn:sha1:9f05de38a30ac8f2e70977a361fc0d26b403940b Hopefully that is all. What an absolutely horrid mess. ssltest: initial pass of dropping proxy cert goo 2023-04-15T16:17:57+00:00 tb 2023-04-15T16:17:57+00:00 urn:sha1:3cf1029b1f3ee136a9ab977a03e1380542e80a04 Sync function prototypes and declarations to satisfy clang 15. 2023-02-02T12:37:14+00:00 anton 2023-02-02T12:37:14+00:00 urn:sha1:ec08cb0adb3ed1bd870b2eeebb5ab254a4a4d6a6 ok jsing@ Make internal header file names consistent 2022-11-26T16:08:57+00:00 tb 2022-11-26T16:08:57+00:00 urn:sha1:81d98bf600a381a625eb11b39a725b08c0ba547f Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook