openbsd/src/regress/lib/libssl/tlsext, branch OPENBSD_6_5

openbsd/src/regress/lib/libssl/tlsext, branch OPENBSD_6_5_BASE A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_6_5_BASE 2019-03-25T18:12:05+00:00 Update regress following sigalgs changes. 2019-03-25T18:12:05+00:00 jsing 2019-03-25T18:12:05+00:00 urn:sha1:856201ba7fab9705348ec37aaf27977f053300e0 Use malloc() and memcpy() the test X25519 x25519_peer_public value. 2019-02-03T14:03:46+00:00 jsing 2019-02-03T14:03:46+00:00 urn:sha1:9f38d897227cb5fcb751777593a0744c0b2cd53b Otherwise, if tlsext_keyshare_server_build() fails we call free with a pointer to static memory and bad things happen. Reported by bcook@ Add server side of versions, keyshare, and client and server of cookie 2019-01-24T02:56:41+00:00 beck 2019-01-24T02:56:41+00:00 urn:sha1:0e0dded0edfa8150131664aa928c1c890377082d extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@ Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated. 2019-01-24T00:07:58+00:00 beck 2019-01-24T00:07:58+00:00 urn:sha1:0c4d3f4e4b1febe6578a3147f00c5604cbbba167 Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@ Modify sigalgs extension processing to accomodate TLS 1.3. 2019-01-23T18:39:28+00:00 beck 2019-01-23T18:39:28+00:00 urn:sha1:5b044ab96482aee07d5182930013d4e606d4740d - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@ revert previous, accidentally contained another diff in addition 2019-01-23T18:24:40+00:00 beck 2019-01-23T18:24:40+00:00 urn:sha1:9a6a5e403c8b66eb5bbc3532a5f1b5e325b172c1 to the one I intended to commit Modify sigalgs extension processing for TLS 1.3. 2019-01-23T16:46:04+00:00 beck 2019-01-23T16:46:04+00:00 urn:sha1:eb8cfbe6972b8b99de20acf4ed8e9b7ffc9b22df - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@ Add client side of supported versions and keyshare extensions with basic regress 2019-01-18T12:09:52+00:00 beck 2019-01-18T12:09:52+00:00 urn:sha1:ce47e4d50f0d2d1f5283e840350417b0292ea5f4 ok jsing@ Update regress following TLS extension renaming. 2019-01-18T00:55:15+00:00 jsing 2019-01-18T00:55:15+00:00 urn:sha1:d3e4cdbf1ae1265b3c47a8d23d4e9140e50e12af Make sure the interop test happen last (since they take a long time) 2018-11-10T08:10:31+00:00 beck 2018-11-10T08:10:31+00:00 urn:sha1:23eb946b5cec1a98fd1599f973060fc71400eb77