summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/tlsext (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tlsexttest: \178 isn't a valid octal escape sequencetb2023-12-131-2/+2
|
* Avoid undefined behavior in tlsexttesttb2023-07-051-11/+18
| | | | | | | | | An empty array cannot be initialized and it is an incomplete type, so the sizeof() operator can't be applied to it. Therefore initialize it with a zero byte and replace sizeof() use with lengths. Slightly tweaked version of a patch by inoguchi in portable. Discussed with bcook, beck, kettenis
* tlsexttest: check additional logic in tlsext randomizationtb2023-04-271-1/+103
| | | | | | | This verifies that we put PSK always last and that the Apache 2 special does what it is supposed to do. There is also some weak validation of the Fisher-Yates shuffle that will likely catch errors introduced in tlsext_randomize_build_order()
* Fix the client test and the tlsext test to work with randomizedtb2023-04-231-1/+11
| | | | | TLS extensions (this involves unrandomizing the extension order for the tests that rely on golden numbers.
* Make internal header file names consistenttb2022-11-261-2/+2
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* tlsexttest.c: make various static structs consttb2022-10-211-19/+19
|
* quic tlsext tests: use byte vector in place of stringtb2022-10-211-10/+8
| | | | | | | While this doesn't actually change anything, it should appease Coverity. CID 358678 CID 358679
* Revise for SSL_CTX_INTERNAL and SSL_INTERNAL removal.jsing2022-10-021-51/+51
|
* Revise regress now that SSL_QUIC_METHOD exists.jsing2022-08-211-4/+6
|
* fix error messagetb2022-08-051-2/+2
|
* Use the FAIL macro instead of fprintf(stderr, "FAIL: ...\n");tb2022-08-051-10/+10
|
* Make the bogokey[] global static const.tb2022-08-051-7/+8
|
* Move CBB_init() to a consistent place.tb2022-08-051-10/+10
|
* Consistently initialize failure to 1 at the top of the function andtb2022-08-051-76/+62
| | | | clear it right before the done label.
* Consistently check for CBB_init() failure.tb2022-08-051-45/+89
|
* Remove most of the indirection introduced in previous and instead fetchtb2022-08-051-400/+339
| | | | | | | the appropriate tls_extension_funcs pointers for client and server from libssl and reach into them directly. ok jsing
* Add some glue to fetch the tlsext functions from the tls_extensions[]tb2022-08-041-190/+440
| | | | table rather than calling the functions directly.
* Revise regress for QUIC transport parameters TLS extension.jsing2022-07-171-15/+32
|
* Adjust to new tls1_ec_nid2group_id API.tb2022-07-021-7/+13
|
* Add support for sending QUIC transport parametersbeck2022-06-291-1/+257
| | | | | | | | | | This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@
* Use relative paths so beck can run regress in his git tree and havetb2022-06-291-2/+3
| | | | the correct ssl_local.h etc be picked up.
* Minor tweaks to psk modes regresstb2022-06-061-3/+3
|
* move the calls to psk kex modes tests down to match order in ssl_tlsext.ctb2022-06-051-4/+4
|
* Add regress coverage for PSK kex modes tlsext handlers.tb2022-06-051-2/+210
|
* Plug a number of leaks reported by Ilya Shipitsintb2022-02-081-2/+9
|
* Revise for S3I removal.jsing2022-02-051-81/+81
|
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Revise for change to tls_key_share_peer_public()jsing2022-01-061-3/+2
|
* Revise for tls13_key_share rename.jsing2022-01-051-11/+11
|
* One more leak of the same kindtb2021-12-291-2/+2
|
* Plug memleaktb2021-12-291-3/+3
| | | | CID 345160
* Add regress that calls SSL_set_tlsext_host_name() with a NULL host name.jsing2021-11-021-1/+15
|
* Rework SNI hostname regress to be table driven.jsing2021-11-011-62/+147
| | | | | | | Also adjust for the changes to tlsext_sni_is_valid_hostname() and include tests for IPv4 and IPv6 literals. ok beck@
* Free memory on text exit to make asan quieterbeck2021-10-261-53/+83
| | | | ok tb@
* Revise regress for removal of SSL_SESSION_INTERNAL.jsing2021-10-261-27/+27
|
* The server only sends a cookie during a HRR, not a SHtb2021-03-241-4/+4
|
* Update regress for new_cipher rename.jsing2021-03-241-4/+4
|
* Revise regress to match handshake struct changes.jsing2021-03-211-18/+18
|
* Revise TLS extension regress to match version handling changes.jsing2021-03-101-57/+25
|
* No longer need to cast away const in srtp_find_profile_by_name()tb2020-10-111-2/+2
|
* Unbreak regress following SRTP_PROTECTION_PROFILE const change.jsing2020-10-111-2/+2
|
* Update golden values to match P-521 being enabled by default in the client.jsing2020-08-091-10/+11
|
* tlsexttest: pass message type to the extension functionstb2020-07-031-144/+144
| | | | ok beck jsing
* adjust tlsexttest to new argument ordertb2020-07-031-5/+5
|
* Previous commit caught a few errx() cases by accident. undo them.tb2020-05-241-25/+25
|
* include newlines in FAIL messagestb2020-05-241-108/+108
|
* address some nits from jsingtb2020-05-241-7/+11
|
* Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck2020-05-231-1/+79
| | | | | | | Correct SNI alerts to differentiate between illegal parameter and an unknown name. ok tb@`
* Revise regress for TLSv1.3 server being enabled.jsing2020-05-111-5/+8
|
* Update key share regress to match previous change.jsing2020-04-171-4/+4
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-10 07:12:09 +0000