openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Revert accidental commit	tb	2021-08-30	1	-2/+2
\|
*	link verify regress tests to build	tb	2021-08-30	1	-2/+2
\|
*	1) Move the interop tests to the end so we see tlsfuzzer first	beck	2020-09-21	1	-4/+10
\| \| \| \| \| \| \| \| \| \|	2) Reorder the interop tests so the really slow "cert" test is at the end 3) Change the cert tests to use REGRESS_SLOW_TARGETS when testing combination of client and server that does not involve libressl. This way we can skip testing openssl to openssl11 when running these manually by setting REGRESS_SKIP_SLOW to "yet" in mk.conf ok jsing@
*	Test botan TLS client with libressl, openssl, openssl11 server.	bluhm	2020-09-15	1	-1/+2
\|
*	Connect a client to a server. Both can be current libressl, or	bluhm	2020-09-14	1	-1/+2
\| \| \| \| \| \| \|	openssl 1.0.2, or openssl 1.1. Pin client or server to a fixed TLS version number. Incompatible versions must fail. Check that client and server have used correct version by grepping in their session print out.
*	Enable cert and cipher interop tests. cert just works. cipher has	bluhm	2020-09-11	1	-3/+3
\| \| \| \| \| \| \| \|	been fixed to work with libressl TLS 1.3. Both libressl and openssl11 replace obsolete TLS 1.2 ciphers with AEAD-AES256-GCM-SHA384 or TLS_AES_256_GCM_SHA384 in TLS 1.3 respectively. The test expects that now. Currently GOST does not work with libressl and TLS 1.3 and is disabled.
*	Disable cert interop tests for now.	jsing	2020-01-25	1	-2/+2
\| \| \| \| \| \| \| \|	The libressl TLSv1.3 client and server currently lack client certificate authentication support and this test expects all clients can auth with all servers. We can likely turn this back on in the near future.
*	Actually disable cipher interop tests.	jsing	2020-01-25	1	-3/+3
\|
*	Disable the cipher interop tests.	jsing	2020-01-25	1	-3/+4
\| \| \| \| \| \| \| \| \| \|	These make far too many assumptions about cipher suites - TLSv1.3 cipher suites can only be used with TLSv1.3 and there is tests using TLSv1.3 cipher suites with TLSv1.2 will not work. Likewise, expecting TLSv1.2 cipher suites to work with TLSv1.3 is futile. Additionally, eopenssl11 lists TLSv1.3 cipher suites with different names to libressl. Futher work will be necessary before this can be re-enabled.
*	Test that all supported TLS ciphers actually work. Establish	bluhm	2019-02-21	1	-1/+2
\| \| \| \| \| \|	connections between client and server implemented with LibreSSL or OpenSSL with a fixed cipher on each side. Check the used cipher in the session print out.
*	Reorganize libssl interop tests. Move netcat tests into separate	bluhm	2018-11-11	1	-1/+2
\| \| \| \| \|	directory. Keep all log files for easier debugging. Name regress target names consistently.
*	Regress client and server can do session reuse now. Test this with	bluhm	2018-11-10	1	-2/+5
\| \| \| \| \|	all combinations of LibreSSL, OpenSSL 1.0.2, and OpenSSL 1.1. It is currently disabled for TLS 1.3 as this needs more setup.
*	The cert subdir is testing all combinations of certificate validation.	bluhm	2018-11-09	1	-2/+2
\| \| \| \| \| \|	Having the three libraries, client and server certificates, missing or invalid CA or certificates, and enforcing peer certificate results in 1944 new test cases.
*	Add interop test with OpenSSL 1.1. TLS 1.3 should be used automatically	bluhm	2018-11-07	1	-2/+2
\| \| \| \| \|	when it becomes available in LibreSSL. thanks to sthen@ for the new OpenSSL port
*	Test TLS interoperability between LibreSSL and OpenSSL.	bluhm	2018-11-07	1	-0/+5
	Implement simple SSL client and server in C. Create four binaries by linking them with LibreSSL or OpenSSL. This way API compatibility is tested. Connect and accept with netcat to test protocol compatibility with libtls. Currently OpenSSL 1.0.2p from ports is used. Plan is to move to OpenSSL 1.1 and and test TLS 1.3. idea from beck@; help from jsing@