| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Enable large number of extension tests and stop skippking QUIC transport | tb | 2024-09-18 | 1 | -8/+3 |
| | | | | | parameter extension which we now know about | ||||
| * | tlsfuzzer: grammar fix missed in previous | tb | 2024-09-14 | 1 | -2/+2 |
| | | |||||
| * | typo: troups -> groups | tb | 2024-09-13 | 1 | -2/+2 |
| | | |||||
| * | Prepare for an upcoming tlsfuzzer test that expects decode_error | tb | 2024-09-06 | 1 | -2/+5 |
| | | | | | when we send illegal_parameter. Shrug. | ||||
| * | Prepare tlsfuzzer.py for ports update | tb | 2023-08-14 | 1 | -3/+13 |
| | | |||||
| * | Link new ccs test to build | tb | 2023-08-03 | 1 | -1/+7 |
| | | | | | | Exception needed since the test expects an unexpected_message alert, while we throw a decode_error. | ||||
| * | Disable TLS 1.0 and TLS 1.1 in libssl | beck | 2023-07-02 | 1 | -6/+37 |
| | | | | | | | | | | | | | Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols. For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them. ok jsing@ tb@ | ||||
| * | File new test-bleichenbacher-timing-pregenerate.py under failing tests | tb | 2023-06-10 | 1 | -1/+3 |
| | | | | | until someone finds time and motivation to figure out how to use this. | ||||
| * | tlsfuzzer: hook up new connection abort tests while skipping the NST | tb | 2023-01-06 | 1 | -1/+5 |
| | | | | | tests for TLSv1.3 since that's not currently handled. | ||||
| * | Add comments to explain the magic numbers 57 and 58 | tb | 2022-07-18 | 1 | -1/+4 |
| | | |||||
| * | Avoid sending the QUIC transport parameters extension now that we | tb | 2022-07-18 | 1 | -4/+4 |
| | | | | | | | send an unsupported extension alert. Noted by anton | ||||
| * | Add the two length tests. Can't currently run them because we need an | tb | 2022-05-14 | 1 | -1/+6 |
| | | | | | echo server. | ||||
| * | Add missing self. From anton | tb | 2022-04-21 | 1 | -2/+2 |
| | | |||||
| * | Implement a -h option that allows specifying a target host that | tb | 2021-09-03 | 1 | -9/+13 |
| | | | | | will be passed to the test scripts. | ||||
| * | Now that the issue is fixed, enable test-extensions.py | tb | 2021-09-03 | 1 | -6/+2 |
| | | |||||
| * | Add -f to usage | tb | 2021-09-02 | 1 | -2/+2 |
| | | |||||
| * | add new (unsupported) eddsa in certificate verify tests | tb | 2021-08-11 | 1 | -1/+3 |
| | | |||||
| * | Enable test-renegotiation-changed-clienthello.py but skip | tb | 2021-04-23 | 1 | -1/+7 |
| | | | | | | "drop extended_master_secret in renegotiation" since we don't support this extension. | ||||
| * | revert previous. some of the keyupdate tests still fail occasionally | tb | 2021-04-14 | 1 | -2/+11 |
| | | |||||
| * | Enable test-tls13-keyupdate.py | tb | 2021-04-14 | 1 | -9/+2 |
| | | |||||
| * | move test-record-size-limit.py to unsupported | tb | 2021-04-14 | 1 | -4/+3 |
| | | |||||
| * | enable test-record-layer-fragmentation.py | tb | 2021-04-14 | 1 | -7/+2 |
| | | |||||
| * | factor argument to catch an alert mismatch into a helper function | tb | 2021-04-14 | 1 | -7/+8 |
| | | |||||
| * | enable test-tlsfuzzer-invalid-compression-methods.py | tb | 2021-04-13 | 1 | -5/+10 |
| | | |||||
| * | enable test-large-hello.py as a slow test | tb | 2021-04-13 | 1 | -3/+2 |
| | | |||||
| * | with new defaults, test-fuzzed-plaintext.py is no longer slow | tb | 2021-04-13 | 1 | -3/+2 |
| | | |||||
| * | move a few tests to the unsupported group and fix two comments | tb | 2021-04-13 | 1 | -15/+15 |
| | | |||||
| * | annotate test-ecdhe-rsa-key-exchange-with-bad-messages.py with expected | tb | 2021-04-13 | 1 | -2/+3 |
| | | | | | alerts and where to add them. | ||||
| * | Enable test-cve-2016-6309.py | tb | 2021-04-08 | 1 | -3/+2 |
| | | |||||
| * | The failure mode of test-tls13-version-negotiation.py has changed. | tb | 2021-03-28 | 1 | -4/+2 |
| | | | | | Update comment. | ||||
| * | Enable test-sig-algs-renegotiation-resumption.py. | tb | 2021-03-27 | 1 | -5/+6 |
| | | | | | | | | This test covers various scenarios with renegotiation and session resumption. In particular it crashes the OpenSSL 1.1.1j server due to the sigalg NULL deref fixed this week. We need --sig-algs-drop-ok since we do not currently implement signature_algorithms_cert. | ||||
| * | Add test-sig-algs-renegotiation-resumption.py | tb | 2021-03-26 | 1 | -1/+5 |
| | | | | | This test currently fails but may soon be fixed. | ||||
| * | typo | tb | 2021-03-20 | 1 | -2/+2 |
| | | |||||
| * | Add new test-tls13-multiple-ccs-messages.py | tb | 2021-03-20 | 1 | -1/+8 |
| | | | | | | | | | | | | This is a test that checks for NSS's CCS flood DoS CVE-2020-25648. The test script currently fails on LibreSSL and OpenSSL 1.1.1j because it sends invalid records with version 0x0300 instead of 0x0303. We have the ccs_seen logic corresponding to NSS's fix: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 but we do allow up to two CCS due to an interop issue with Fizz, so at least one of the tests will likey be broken once the record version is fixed. | ||||
| * | wrap an overlong line | tb | 2021-01-27 | 1 | -2/+3 |
| | | |||||
| * | add arguments to skip a bunch of x448 tests | tb | 2020-10-07 | 1 | -3/+18 |
| | | |||||
| * | move test-tls13-finished.py from slow tests to normal tests. | tb | 2020-09-25 | 1 | -27/+26 |
| | | |||||
| * | test-tls13-finished.py has 70 failing tests that expect a "decode_error" | tb | 2020-09-25 | 1 | -6/+94 |
| | | | | | | | instead of the "decrypt_error" sent by tls13_server_finished_recv(). Both alerts appear to be reasonable in this context, so enable the tests while working around this. | ||||
| * | delete a stale comment | tb | 2020-09-25 | 1 | -5/+1 |
| | | |||||
| * | Enable test-tls13-large-number-of-extensions.py | tb | 2020-09-10 | 1 | -2/+7 |
| | | | | | | | Skip sending an empty ECPF extension for now: we don't accept it since according to RFC 4492 and 8422 it needs to advertise uncompressed point formats. | ||||
| * | Also print a list of missing scripts in summary | tb | 2020-08-17 | 1 | -5/+10 |
| | | |||||
| * | Avoid test failures due to outdated packages | tb | 2020-08-17 | 1 | -1/+6 |
| | | | | | | Indicate missing test scripts prominently in the result but do not count them as an error. | ||||
| * | enable jsing's zero content type test | tb | 2020-08-15 | 1 | -1/+2 |
| | | |||||
| * | Session resumption is not currently supported for TLSv1.3. | tb | 2020-08-08 | 1 | -4/+4 |
| | | |||||
| * | Enable P-521 and run the tests that use it. | tb | 2020-08-08 | 1 | -5/+3 |
| | | |||||
| * | enable test-tls13-keyshare-omitted.py | tb | 2020-06-24 | 1 | -5/+2 |
| | | |||||
| * | Add test-ffdhe-expected-params.py | tb | 2020-06-24 | 1 | -1/+2 |
| | | |||||
| * | Enable lucky 13 test. | tb | 2020-06-19 | 1 | -5/+2 |
| | | |||||
| * | Add lucky13 and bleichenbacher-timing tests | tb | 2020-06-10 | 1 | -1/+7 |
| | | |||||
| * | Implement a rolling hash of the ClientHello message, Enforce RFC 8446 | beck | 2020-06-06 | 1 | -2/+2 |
| | | | | | | | | | section 4.1.2 to ensure subsequent ClientHello messages after a HelloRetryRequest messages must be unchanged from the initial ClientHello. ok tb@ jsing@ | ||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |