| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | OpenSSL 1.1 is dead. Make this optionally use 3.3 instead. | tb | 2024-12-27 | 1 | -4/+4 |
| | | |||||
| * | catch unset error when validation fails. | beck | 2020-10-26 | 1 | -1/+12 |
| | | |||||
| * | Don't leak bundle_file and cert_file paths at the end. | tb | 2020-10-10 | 1 | -1/+3 |
| | | |||||
| * | Read cert.pem once and reuse it instead of reading it twice per test cert | tb | 2020-10-08 | 1 | -18/+10 |
| | | | | | | | | | chain. It only takes a few dozens of ms to read it, but doing this 7290 times adds up to a few minutes run time. This way, the test completes in a handful of seconds. Diagnosed by jsing, ok beck | ||||
| * | KNF | tb | 2020-10-03 | 1 | -12/+11 |
| | | |||||
| * | typo | tb | 2020-10-03 | 1 | -1/+1 |
| | | |||||
| * | spelling, punctuation, whitespace | tb | 2020-10-02 | 2 | -6/+6 |
| | | |||||
| * | Add possibility to link and run this test against the OpenSSL 1.1.1 package | tb | 2020-10-02 | 1 | -1/+7 |
| | | | | | | | using the make variable EOPENSSL11. Suggested by jsing | ||||
| * | Use += and ?= and tidy up whitespace | tb | 2020-10-02 | 1 | -8/+8 |
| | | |||||
| * | Tidy up: no need to link statically against libcrypto and no need | tb | 2020-10-02 | 1 | -4/+4 |
| | | | | | to look at its private headers either. | ||||
| * | Make this test compile against OpenSSL 1.1 | tb | 2020-10-02 | 1 | -11/+21 |
| | | | | | | | | The X509_STORE_CTX struct is opaque in OpenSSL 1.1. To avoid reaching inside it, reuse the trusted certificate store that was just assigned to it and use X509_STORE_CTX_get0_param(3) to access the verification parameters. | ||||
| * | Move variable declaration to beginning of scope in order to make this | tb | 2020-09-18 | 1 | -3/+4 |
| | | | | | test compile and pass on sparc64. | ||||
| * | Change the known output to be the expected output, so that we | beck | 2020-09-14 | 1 | -1421/+1421 |
| | | | | | | | no longer ignore the expected failures from the legacy name constraints validation, and will have a regress failure if we regress. | ||||
| * | Use a fixed validation time in these tests so we never | beck | 2020-09-14 | 1 | -2/+4 |
| | | | | | | have to re-generate these certificates and this should just keep working even if the certs get old | ||||
| * | Fix perl bugs that had me printing the wrong cert number for errors | beck | 2020-07-16 | 1 | -8/+9 |
| | | |||||
| * | The exit code from the perl matters here | beck | 2020-07-15 | 1 | -1/+3 |
| | | |||||
| * | Don't leak the X509_STORE | beck | 2020-07-15 | 1 | -1/+3 |
| | | |||||
| * | Add certificate validation tests generated using the tools from | beck | 2020-07-15 | 10945 | -0/+444760 |
| bettertls.com, and a verification suite to try each certificate in the same manner as the web based tests do using X509_verify. This includes the list of "known" failures today in our validaion code so we can move forward without moving back. | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |