summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add the two length tests. Can't currently run them because we need antb2022-05-141-1/+6
| | | | echo server.
* Add missing self. From antontb2022-04-211-2/+2
|
* Implement a -h option that allows specifying a target host thattb2021-09-031-9/+13
| | | | will be passed to the test scripts.
* Now that the issue is fixed, enable test-extensions.pytb2021-09-031-6/+2
|
* Add -f to usagetb2021-09-021-2/+2
|
* add new (unsupported) eddsa in certificate verify teststb2021-08-111-1/+3
|
* Enable test-renegotiation-changed-clienthello.py but skiptb2021-04-231-1/+7
| | | | | "drop extended_master_secret in renegotiation" since we don't support this extension.
* revert previous. some of the keyupdate tests still fail occasionallytb2021-04-141-2/+11
|
* Enable test-tls13-keyupdate.pytb2021-04-141-9/+2
|
* move test-record-size-limit.py to unsupportedtb2021-04-141-4/+3
|
* enable test-record-layer-fragmentation.pytb2021-04-141-7/+2
|
* factor argument to catch an alert mismatch into a helper functiontb2021-04-141-7/+8
|
* enable test-tlsfuzzer-invalid-compression-methods.pytb2021-04-131-5/+10
|
* enable test-large-hello.py as a slow testtb2021-04-131-3/+2
|
* with new defaults, test-fuzzed-plaintext.py is no longer slowtb2021-04-131-3/+2
|
* move a few tests to the unsupported group and fix two commentstb2021-04-131-15/+15
|
* annotate test-ecdhe-rsa-key-exchange-with-bad-messages.py with expectedtb2021-04-131-2/+3
| | | | alerts and where to add them.
* Enable test-cve-2016-6309.pytb2021-04-081-3/+2
|
* The failure mode of test-tls13-version-negotiation.py has changed.tb2021-03-281-4/+2
| | | | Update comment.
* Enable test-sig-algs-renegotiation-resumption.py.tb2021-03-271-5/+6
| | | | | | | This test covers various scenarios with renegotiation and session resumption. In particular it crashes the OpenSSL 1.1.1j server due to the sigalg NULL deref fixed this week. We need --sig-algs-drop-ok since we do not currently implement signature_algorithms_cert.
* Add test-sig-algs-renegotiation-resumption.pytb2021-03-261-1/+5
| | | | This test currently fails but may soon be fixed.
* typotb2021-03-201-2/+2
|
* Add new test-tls13-multiple-ccs-messages.pytb2021-03-201-1/+8
| | | | | | | | | | | This is a test that checks for NSS's CCS flood DoS CVE-2020-25648. The test script currently fails on LibreSSL and OpenSSL 1.1.1j because it sends invalid records with version 0x0300 instead of 0x0303. We have the ccs_seen logic corresponding to NSS's fix: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 but we do allow up to two CCS due to an interop issue with Fizz, so at least one of the tests will likey be broken once the record version is fixed.
* wrap an overlong linetb2021-01-271-2/+3
|
* add arguments to skip a bunch of x448 teststb2020-10-071-3/+18
|
* move test-tls13-finished.py from slow tests to normal tests.tb2020-09-251-27/+26
|
* test-tls13-finished.py has 70 failing tests that expect a "decode_error"tb2020-09-251-6/+94
| | | | | | instead of the "decrypt_error" sent by tls13_server_finished_recv(). Both alerts appear to be reasonable in this context, so enable the tests while working around this.
* delete a stale commenttb2020-09-251-5/+1
|
* Enable test-tls13-large-number-of-extensions.pytb2020-09-101-2/+7
| | | | | | Skip sending an empty ECPF extension for now: we don't accept it since according to RFC 4492 and 8422 it needs to advertise uncompressed point formats.
* Also print a list of missing scripts in summarytb2020-08-171-5/+10
|
* Avoid test failures due to outdated packagestb2020-08-171-1/+6
| | | | | Indicate missing test scripts prominently in the result but do not count them as an error.
* enable jsing's zero content type testtb2020-08-151-1/+2
|
* Session resumption is not currently supported for TLSv1.3.tb2020-08-081-4/+4
|
* Enable P-521 and run the tests that use it.tb2020-08-081-5/+3
|
* enable test-tls13-keyshare-omitted.pytb2020-06-241-5/+2
|
* Add test-ffdhe-expected-params.pytb2020-06-241-1/+2
|
* Enable lucky 13 test.tb2020-06-191-5/+2
|
* Add lucky13 and bleichenbacher-timing teststb2020-06-101-1/+7
|
* Implement a rolling hash of the ClientHello message, Enforce RFC 8446beck2020-06-061-2/+2
| | | | | | | | section 4.1.2 to ensure subsequent ClientHello messages after a HelloRetryRequest messages must be unchanged from the initial ClientHello. ok tb@ jsing@
* Enable the record layer limits test and mark two finished test cases astb2020-06-031-5/+8
| | | | | xfail for now. Arguably, the expected decode_error is more appropriate than the decrypt_error that we send at the moment.
* Enable the test-tls13-zero-length-data.py test, skipping thetb2020-06-011-8/+10
| | | | three tests that fail due to a BIO_gets() bug.
* Enable test-dhe-rsa-key-exchange-with-bad-messages.pytb2020-06-011-4/+2
|
* The version detection doesn't work on bluhm's test machine, causingtb2020-05-241-3/+3
| | | | | | | the test to fail. Neuter it for now and just assume we do TLSv1.3. I have been intending to purge this version detection hack once I'm sure we can leave the 1.3 server enabled but I'll leave it here for now.
* beck fixed most of the keyupdate tests. update annotationtb2020-05-211-3/+8
|
* Add a harness that runs tests from tlsfuzzertb2020-05-211-0/+736
This currently runs 54 tests from the tlsfuzzer suite against the TLSv1.3 server which exercise a large portion of the code. They already found a number of bugs and misbehaviors and also inspired a few diffs currently in the pipeline. This regress requires the py3-tlsfuzzer package to be installed, otherwise the tests are skipped. Many thanks to kmos for helping with the ports side and to beck for his positive feedback. ok beck
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 22:09:18 +0000