openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	catch unset error when validation fails.	beck	2020-10-26	1	-1/+12
\|
*	Don't leak bundle_file and cert_file paths at the end.	tb	2020-10-10	1	-1/+3
\|
*	Read cert.pem once and reuse it instead of reading it twice per test cert	tb	2020-10-08	1	-18/+10
\| \| \| \| \| \| \| \|	chain. It only takes a few dozens of ms to read it, but doing this 7290 times adds up to a few minutes run time. This way, the test completes in a handful of seconds. Diagnosed by jsing, ok beck
*	KNF	tb	2020-10-03	1	-12/+11
\|
*	Make this test compile against OpenSSL 1.1	tb	2020-10-02	1	-11/+21
\| \| \| \| \| \| \|	The X509_STORE_CTX struct is opaque in OpenSSL 1.1. To avoid reaching inside it, reuse the trusted certificate store that was just assigned to it and use X509_STORE_CTX_get0_param(3) to access the verification parameters.
*	Move variable declaration to beginning of scope in order to make this	tb	2020-09-18	1	-3/+4
\| \| \| \|	test compile and pass on sparc64.
*	Use a fixed validation time in these tests so we never	beck	2020-09-14	1	-2/+4
\| \| \| \| \|	have to re-generate these certificates and this should just keep working even if the certs get old
*	Don't leak the X509_STORE	beck	2020-07-15	1	-1/+3
\|
*	Add certificate validation tests generated using the tools from	beck	2020-07-15	1	-0/+237
	bettertls.com, and a verification suite to try each certificate in the same manner as the web based tests do using X509_verify. This includes the list of "known" failures today in our validaion code so we can move forward without moving back.