summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Don't fall back to heapsort() if we would otherwise switch tomillert2017-05-301-7/+7
| | | | insertion sort (when the number of elements is < 7).
* Randomize link-order of libcrypto as we do with libc. This libraryderaadt2017-05-291-1/+2
| | | | | | | | | | | | | | has many small functions without significant local storage, therefore less tail protection from -fstack-protector-strong to prevent their use as ROP gadgets. It is used in security contexts. Also many functions dribble pointers onto the stack, allowing discovery of gadgets via the fixed relative addresses, so let's randomly bias those. ok tedu jsing The rc script will soon need a strategy for skipping this step on machines with poor IO performance. Or maybe do it less often? However, I don't see many more libraries we'll do this with, these are the two most important ones.
* Also test arrays of double and long long.millert2017-05-271-142/+421
|
* Synchronise chacha test cases with the referenced draft - this adds ajsing2017-05-261-23/+23
| | | | | | | | missing test case, reassigns two of the labels and removes a test case that was from an earlier draft. Inconsistency noted by Steven Roberts <fenderq at gmail dot com>, some time ago...
* Avoid a potential NULL pointer dereference in d2i_ECPrivateKey().jsing2017-05-261-1/+7
| | | | | | Reported by Robert Swiecki, who found the issue using honggfuzz. ok bcook@
* Fix gcc warnings triggered by WARNINGS=yes.bluhm2017-05-261-9/+9
| | | | OK florian@
* Add definitions for three OIDs used in EV certificates.jsing2017-05-252-0/+9
| | | | From Kyle J. McKay <mackyle at gmail dot com>
* Support swapping 32-bit aligned elements on 64-bit platforms.millert2017-05-241-22/+63
| | | | | Previously they would be swapped a byte at a time when sizeof(int) != sizeof(long). Idea from FreeBSD.
* Add timing and test name options.millert2017-05-221-12/+83
|
* Instead of embedding pre-generated tables from McIlroy's "A Killermillert2017-05-223-1538/+315
| | | | | Adversary for Quicksort", just include the code to generate them. Also allow the number of elements to be specified on the command line.
* correct a return value testjsg2017-05-211-1/+1
| | | | ok millert@
* Document that qsort falls back to heapsort() if the recursion depthmillert2017-05-201-3/+13
| | | | exceeds 2 lg N and add a reference to the introsort paper.
* Use David Musser's introsort algorithm to fall back to heapsort(3)millert2017-05-202-14/+45
| | | | | | when the recursion depth reaches 2*lg(n + 1). This avoids quicksort's quadratic behavior for pathological input without appreciably changing the average run time.
* Add input targeted at the Bentley and McIrlroy quicksort generatedmillert2017-05-191-6/+1389
| | | | | by McIlroy's "A Killer Adversary for Quicksort". This results in quadratic behavior and the test aborts before completion.
* use mergesort instead of heapsort when comparing resultsmillert2017-05-181-9/+17
|
* Avoid running the "killer" tests multiple times with the samemillert2017-05-171-10/+19
| | | | parameters.
* Add "median of three" killer, as seen in "Introspective Sorting andmillert2017-05-171-18/+44
| | | | Selection Algorithms" by David R Musser.
* Approximate nlgn instead of using libm. The same approximation maymillert2017-05-172-10/+8
| | | | be used in qsort.c in a later commit.
* Add "killer" input from "algorithmic complexity attacks and libcmillert2017-05-171-0/+12
| | | | | | | qsort()". This causes quadratic behavior with the 4.4BSD qsort's "switch to insertion sort" optimization when the input appears to be mostly sorted. That optimization was removed in qsort.c r1.12 but it is worth having in the regress test too.
* The BSD qsort() performs tail recursion elimination on the secondmillert2017-05-171-10/+25
| | | | | | | | side of the array being partitioned to save on stack space. Greater savings can be gained by choosing recursion for the smaller side of the partition and eliminating recursion for the larger side. This also results in a small but measurable performance gain. OK otto@ schwarze@
* There's no need to track the number of errors (and the counter mightmillert2017-05-171-21/+30
| | | | wrap), make it a flag instead. Pointed out by schwarze@
* Add qsort(3) regress based on Bentley & McIlroy's "Engineering a Sort Function"millert2017-05-173-2/+278
|
* Plug a memory leak. The main_cert needs to be X509_free()ed sinceclaudio2017-05-161-0/+2
| | | | | | SSL_get_peer_certificate() increases the ref count whereas extra_certs do not because SSL_get_peer_cert_chain() won't increase ref counts. OK beck@
* typo: ket -> key.tb2017-05-161-3/+3
| | | | from "fenderq" on freenode via tj
* Typo: freezeo -> freezerotb2017-05-151-3/+3
| | | | From "fenderq" on freenode via tj@
* - fix bug wrt posix_memalign(3) of blocks between half a page and a pageotto2017-05-132-8/+18
| | | | | - document posix_memalign() does not play nice with reacallocarray(3) and freezero(3)
* Fix a problem introduced in freezero() conversion and usejsg2017-05-111-2/+2
| | | | | | | | | | sizeof(struct) not sizeof(pointer). otto@ points out that on OpenBSD currently freezero() would have still zeroed the entire allocation, but this is not documented behaviour and may change in future. ok tom@
* Implement nc -W recvlimit to terminate netcat after receiving abluhm2017-05-102-8/+28
| | | | | | number of packets. This allows to send a UDP request, receive a reply and check the result on the command line. input jmc@; OK millert@
* simplify startdate/enddate validationbeck2017-05-081-27/+5
| | | | ok jsing@
* Print size_t's correctly.beck2017-05-081-3/+3
| | | | Fix from Jonas 'Sortie' Termansen <sortie@maxsi.org>
* BUF_MEM_grow_clean() returns an int, not a size_t. Humourously, on successjsing2017-05-081-3/+3
| | | | it returns "len", which is a size_t value, as an int...
* Revise cipher suites in regress to match DSS cipher suite removal.jsing2017-05-071-96/+82
|
* Drop cipher suites with DSS authentication - there is no good reason tojsing2017-05-071-197/+1
| | | | | | keep these around. ok beck@
* Instead of starting a 'zero-sized' CBB at the size of the first additionjsing2017-05-071-5/+8
| | | | | | | | to the CBB, then doubling, start with an initial size of 64 bytes. Almost all uses will exceed this size and we avoid multiple small recallocarray() calls during the initial usage. ok beck@
* Move state from ssl->internal to the handshake structure.beck2017-05-0715-256/+267
| | | | | | | while we are at it, convert SSLerror to use a function internally, so that we may later allocate the handshake structure and check for it ok jsing@
* Limit -Werror to gcc4 as was done in libcrypto/libssl/libtls to avoidjsg2017-05-072-6/+14
| | | | | | failed builds with different compilers. ok jsing@
* Ensure that a client context has been connected before attempting tojsing2017-05-072-4/+12
| | | | complete a TLS handshake.
* Add a (currently failing) call to tls_handshake() on a client context thatjsing2017-05-071-1/+8
| | | | | has not yet been connected. We expect this to fail, but it should fail gracefully.
* Also test calling tls_handshake() on a server connection context that hasjsing2017-05-071-1/+7
| | | | already completed a TLS handshake.
* Return an error if tls_handshake() is called on a TLS context that hasjsing2017-05-071-1/+6
| | | | already completed a TLS handshake.
* Add a test that calls tls_handshake() on a connection that has alreadyjsing2017-05-071-1/+7
| | | | | completed a TLS handshake. This should return a failure, but currently succeeds (hence the regress currently fails).
* An an initial sequencing/ordering test for libtls.jsing2017-05-071-1/+61
|
* Split TLS client/server handshake and close code into separate functionsjsing2017-05-061-4/+27
| | | | so that it can be reused.
* Bring in an SSL_HANDSHAKE structure and commence the great shovellingbeck2017-05-0612-115/+121
| | | | ok jsing@, gcc@, regress@
* Move TLS test code into a function that is called from main, making itjsing2017-05-062-17/+33
| | | | easier for new tests to be added.
* Free tls_configs earlier now that we have refcounting.jsing2017-05-061-4/+4
|
* Use freezero() for the tls_load_file() failure case, since we'rejsing2017-05-061-4/+4
| | | | | | potentially dealing with key material. Also switch a calloc to malloc, since we immediately copy the same amount of data to the newly allocated buffer.
* BIO_free_all() and EVP_PKEY_free() can be called with NULL.jsing2017-05-061-5/+3
|
* Add more functions.jsing2017-05-061-1/+5
|
* Sort/group functions.jsing2017-05-061-5/+10
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 18:23:41 +0000