summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/tlsext (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Revise for change to tls_key_share_peer_public()jsing2022-01-061-3/+2
|
* Revise for tls13_key_share rename.jsing2022-01-051-11/+11
|
* One more leak of the same kindtb2021-12-291-2/+2
|
* Plug memleaktb2021-12-291-3/+3
| | | | CID 345160
* Add regress that calls SSL_set_tlsext_host_name() with a NULL host name.jsing2021-11-021-1/+15
|
* Rework SNI hostname regress to be table driven.jsing2021-11-011-62/+147
| | | | | | | Also adjust for the changes to tlsext_sni_is_valid_hostname() and include tests for IPv4 and IPv6 literals. ok beck@
* Free memory on text exit to make asan quieterbeck2021-10-261-53/+83
| | | | ok tb@
* Revise regress for removal of SSL_SESSION_INTERNAL.jsing2021-10-261-27/+27
|
* The server only sends a cookie during a HRR, not a SHtb2021-03-241-4/+4
|
* Update regress for new_cipher rename.jsing2021-03-241-4/+4
|
* Revise regress to match handshake struct changes.jsing2021-03-211-18/+18
|
* Revise TLS extension regress to match version handling changes.jsing2021-03-101-57/+25
|
* No longer need to cast away const in srtp_find_profile_by_name()tb2020-10-111-2/+2
|
* Unbreak regress following SRTP_PROTECTION_PROFILE const change.jsing2020-10-111-2/+2
|
* Update golden values to match P-521 being enabled by default in the client.jsing2020-08-091-10/+11
|
* tlsexttest: pass message type to the extension functionstb2020-07-031-144/+144
| | | | ok beck jsing
* adjust tlsexttest to new argument ordertb2020-07-031-5/+5
|
* Previous commit caught a few errx() cases by accident. undo them.tb2020-05-241-25/+25
|
* include newlines in FAIL messagestb2020-05-241-108/+108
|
* address some nits from jsingtb2020-05-241-7/+11
|
* Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck2020-05-231-1/+79
| | | | | | | Correct SNI alerts to differentiate between illegal parameter and an unknown name. ok tb@`
* Revise regress for TLSv1.3 server being enabled.jsing2020-05-111-5/+8
|
* Update key share regress to match previous change.jsing2020-04-171-4/+4
|
* Reset the key share so that we do not have an existing peer public key.jsing2020-02-051-1/+7
|
* Tweak regress to match change made to tls13_key_share_peer_public().jsing2020-02-011-2/+1
|
* Revise for TLSv1.3 key share changes.jsing2020-01-301-8/+27
|
* server sigalgs test is now bogus, disable for nowbeck2020-01-261-2/+3
|
* It has been called to my attention that the cookie monster ascii artbeck2019-11-101-17/+7
| | | | | | | | | in this test which I had obtained from a site purporting it to be free for use with artist attribtion might not be. After looking at at some other muppett ascii art for inspiration I am replacing this with my own ascii art muppet to replace the previously used cookie monster. The copyright for the art is the same as my code.
* Update regress following sigalgs changes.jsing2019-03-251-17/+1
|
* Use malloc() and memcpy() the test X25519 x25519_peer_public value.jsing2019-02-031-3/+6
| | | | | | | Otherwise, if tlsext_keyshare_server_build() fails we call free with a pointer to static memory and bad things happen. Reported by bcook@
* Add server side of versions, keyshare, and client and server of cookiebeck2019-01-241-6/+435
| | | | | | | | extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@
* Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.beck2019-01-241-18/+10
| | | | | Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
* Modify sigalgs extension processing to accomodate TLS 1.3.beck2019-01-231-10/+12
| | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@
* revert previous, accidentally contained another diff in additionbeck2019-01-231-12/+10
| | | | to the one I intended to commit
* Modify sigalgs extension processing for TLS 1.3.beck2019-01-231-10/+12
| | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@
* Add client side of supported versions and keyshare extensions with basic regressbeck2019-01-181-1/+192
| | | | ok jsing@
* Update regress following TLS extension renaming.jsing2019-01-181-376/+375
|
* Make sure the interop test happen last (since they take a long time)beck2018-11-101-6/+6
|
* Unbreak regress following Supported Elliptic Curve extension rename.jsing2018-11-061-49/+49
|
* Initialise new_cipher in the serverhello TLS extensions test, to avoid ajsing2017-12-281-3/+14
| | | | | | | | | | NULL pointer dereference in ssl_using_ecc_cipher(). Some compilers avoid triggering this, likely due to the EC formats list also being NULL. While here, setup the EC formats list so that we actually include the EC points format extension in the server hello extensions. Found the hard way by bcook@
* Add regress test coverage for building clienthello and serverhellojsing2017-11-281-4/+201
| | | | | extensions, both with extensions being present and not present. The not present case currently fails.
* When parsing extensions by calling the parse functions directly, ensurejsing2017-08-291-2/+82
| | | | | that we have consumed all of the extension data. This catches the ALPN extension handling issue that was just fixed.
* Rewrite SRTP extension using CBB/CBS and the new extension framework.doug2017-08-271-1/+402
| | | | input + ok beck@, jsing@
* check return value from CBB_initbeck2017-08-271-2/+3
|
* Rewrite ALPN extension using CBB/CBS and the new extension framework.doug2017-08-261-1/+381
| | | | | ok bcook@ beck@ input + ok jsing@
* Rewrite the TLS status request extension to use the new TLS extension framework.beck2017-08-121-1/+128
| | | | ok jsing@
* Add regress coverage for the TLS signature algorithms extension.jsing2017-08-121-1/+163
|
* Rewrite session ticket TLS extension handling using CBB/CBS and the newdoug2017-08-121-1/+302
| | | | | | extension framework. ok jsing@ beck@
* errant whitespacebeck2017-08-121-3/+3
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-31 21:56:35 +0000