summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/tlsext/tlsexttest.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* parametes -> parameterstb2024-09-111-2/+2
|
* Revise regress to match cipher suite values change.jsing2024-07-221-8/+4
|
* Initialize quic_method in tlsexttesttb2024-03-301-3/+3
| | | | | | | This is only there to pretend a quic method was set on the SSL, but apparently some compilers warn about an uninitialized variable. from Christian Andersen
* Fix coverity complaints.beck2024-03-281-4/+6
|
* fix leaks in the horrible ssl whackery necessary for this test.beck2024-03-271-4/+5
| | | | ok tb@
* Fix up server processing of key shares.beck2024-03-271-5/+96
| | | | | | | | | | | | | | | | | | | Ensure that the client can not provide a duplicate key share for any group, or send more key shares than groups they support. Ensure that the key shares must be provided in the same order as the client preference order specified in supported_groups. Ensure we only will choose to use a key share that is for the most preferred group by the client that we also support, to avoid the client being downgraded by sending a less preferred key share. If we do not end up with a key share for the most preferred mutually supported group, will then do a hello retry request selecting that group. Add regress for this to regress/tlsext/tlsexttest.c ok jsing@
* Fix expected client hello value to allow for supported_groups change.beck2024-03-261-4/+4
| | | | ok jsing@
* Revise for TLS extension parsing/processing changes.jsing2024-03-251-108/+42
|
* Revise TLS extension regress for parse/process changes.jsing2024-03-251-43/+108
|
* tlsexttest: \178 isn't a valid octal escape sequencetb2023-12-131-2/+2
|
* Avoid undefined behavior in tlsexttesttb2023-07-051-11/+18
| | | | | | | | | An empty array cannot be initialized and it is an incomplete type, so the sizeof() operator can't be applied to it. Therefore initialize it with a zero byte and replace sizeof() use with lengths. Slightly tweaked version of a patch by inoguchi in portable. Discussed with bcook, beck, kettenis
* tlsexttest: check additional logic in tlsext randomizationtb2023-04-271-1/+103
| | | | | | | This verifies that we put PSK always last and that the Apache 2 special does what it is supposed to do. There is also some weak validation of the Fisher-Yates shuffle that will likely catch errors introduced in tlsext_randomize_build_order()
* Fix the client test and the tlsext test to work with randomizedtb2023-04-231-1/+11
| | | | | TLS extensions (this involves unrandomizing the extension order for the tests that rely on golden numbers.
* Make internal header file names consistenttb2022-11-261-2/+2
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* tlsexttest.c: make various static structs consttb2022-10-211-19/+19
|
* quic tlsext tests: use byte vector in place of stringtb2022-10-211-10/+8
| | | | | | | While this doesn't actually change anything, it should appease Coverity. CID 358678 CID 358679
* Revise for SSL_CTX_INTERNAL and SSL_INTERNAL removal.jsing2022-10-021-51/+51
|
* Revise regress now that SSL_QUIC_METHOD exists.jsing2022-08-211-4/+6
|
* fix error messagetb2022-08-051-2/+2
|
* Use the FAIL macro instead of fprintf(stderr, "FAIL: ...\n");tb2022-08-051-10/+10
|
* Make the bogokey[] global static const.tb2022-08-051-7/+8
|
* Move CBB_init() to a consistent place.tb2022-08-051-10/+10
|
* Consistently initialize failure to 1 at the top of the function andtb2022-08-051-76/+62
| | | | clear it right before the done label.
* Consistently check for CBB_init() failure.tb2022-08-051-45/+89
|
* Remove most of the indirection introduced in previous and instead fetchtb2022-08-051-400/+339
| | | | | | | the appropriate tls_extension_funcs pointers for client and server from libssl and reach into them directly. ok jsing
* Add some glue to fetch the tlsext functions from the tls_extensions[]tb2022-08-041-190/+440
| | | | table rather than calling the functions directly.
* Revise regress for QUIC transport parameters TLS extension.jsing2022-07-171-15/+32
|
* Adjust to new tls1_ec_nid2group_id API.tb2022-07-021-7/+13
|
* Add support for sending QUIC transport parametersbeck2022-06-291-1/+257
| | | | | | | | | | This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@
* Minor tweaks to psk modes regresstb2022-06-061-3/+3
|
* move the calls to psk kex modes tests down to match order in ssl_tlsext.ctb2022-06-051-4/+4
|
* Add regress coverage for PSK kex modes tlsext handlers.tb2022-06-051-2/+210
|
* Plug a number of leaks reported by Ilya Shipitsintb2022-02-081-2/+9
|
* Revise for S3I removal.jsing2022-02-051-81/+81
|
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Revise for change to tls_key_share_peer_public()jsing2022-01-061-3/+2
|
* Revise for tls13_key_share rename.jsing2022-01-051-11/+11
|
* One more leak of the same kindtb2021-12-291-2/+2
|
* Plug memleaktb2021-12-291-3/+3
| | | | CID 345160
* Add regress that calls SSL_set_tlsext_host_name() with a NULL host name.jsing2021-11-021-1/+15
|
* Rework SNI hostname regress to be table driven.jsing2021-11-011-62/+147
| | | | | | | Also adjust for the changes to tlsext_sni_is_valid_hostname() and include tests for IPv4 and IPv6 literals. ok beck@
* Free memory on text exit to make asan quieterbeck2021-10-261-53/+83
| | | | ok tb@
* Revise regress for removal of SSL_SESSION_INTERNAL.jsing2021-10-261-27/+27
|
* The server only sends a cookie during a HRR, not a SHtb2021-03-241-4/+4
|
* Update regress for new_cipher rename.jsing2021-03-241-4/+4
|
* Revise regress to match handshake struct changes.jsing2021-03-211-18/+18
|
* Revise TLS extension regress to match version handling changes.jsing2021-03-101-57/+25
|
* No longer need to cast away const in srtp_find_profile_by_name()tb2020-10-111-2/+2
|
* Unbreak regress following SRTP_PROTECTION_PROFILE const change.jsing2020-10-111-2/+2
|
* Update golden values to match P-521 being enabled by default in the client.jsing2020-08-091-10/+11
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-25 18:05:29 +0000