summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* print errors to stderrtb2019-01-251-19/+21
|
* sort output suffixestb2019-01-251-2/+2
|
* Add code to visualize the state machine. Both the state machine and thetb2019-01-242-5/+79
| | | | | | | output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play.
* set the NEGOTIATED flag in the flags argument rather thantb2019-01-241-4/+4
| | | | squeezing it into the table.
* Add server side of versions, keyshare, and client and server of cookiebeck2019-01-241-6/+435
| | | | | | | | extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@
* Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.beck2019-01-242-31/+21
| | | | | Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
* make whitespace inside curlies consistent; sort function prototypes.tb2019-01-231-24/+24
|
* Rename NUM_HANDSHAKE to handshake_count and make it a variabletb2019-01-232-10/+44
| | | | | | | | | so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing
* Modify sigalgs extension processing to accomodate TLS 1.3.beck2019-01-232-25/+28
| | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@
* revert previous, accidentally contained another diff in additionbeck2019-01-232-28/+25
| | | | to the one I intended to commit
* Modify sigalgs extension processing for TLS 1.3.beck2019-01-232-25/+28
| | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@
* incorrrect spellingtb2019-01-231-2/+2
|
* do not print the command in the print: targettb2019-01-231-2/+2
|
* Add a regression test that builds up the handshake state tabletb2019-01-232-1/+399
| | | | | | | from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing
* Update record regress to match functionality changes.jsing2019-01-201-6/+37
|
* hook handshake testtb2019-01-201-1/+2
|
* Add a simple test that verifies that every valid handshaketb2019-01-202-0/+76
| | | | sets action->handshake_complete.
* Hook record regress.jsing2019-01-191-1/+3
|
* Add regress for TLSv1.3 record handling.jsing2019-01-192-0/+533
|
* initialize offset value so this passesbeck2019-01-181-0/+1
| | | | ok jsing@
* Add client side of supported versions and keyshare extensions with basic regressbeck2019-01-181-1/+192
| | | | ok jsing@
* Removed unused struct members.jsing2019-01-181-2/+0
|
* Update regress following TLS extension renaming.jsing2019-01-182-379/+378
|
* Add regress for extensible buffer code.jsing2019-01-173-1/+169
|
* Just err if we can't create secretsbeck2018-11-131-2/+2
|
* Fix a race in libssl interop regress. The success messages frombluhm2018-11-113-6/+9
| | | | | the server child could be delayed. In this case wait a second and check again.
* Add automatic threading initialization for libcrypto.bcook2018-11-111-56/+0
| | | | | | | | | | | | | | This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
* Reorganize libssl interop tests. Move netcat tests into separatebluhm2018-11-119-148/+197
| | | | | directory. Keep all log files for easier debugging. Name regress target names consistently.
* Spelingbeck2018-11-101-2/+2
|
* Regress client and server can do session reuse now. Test this withbluhm2018-11-106-129/+220
| | | | | all combinations of LibreSSL, OpenSSL 1.0.2, and OpenSSL 1.1. It is currently disabled for TLS 1.3 as this needs more setup.
* Make sure the interop test happen last (since they take a long time)beck2018-11-102-8/+9
|
* fix a leak reported by Ben L (bobsayshilol () live ! co ! uk)tb2018-11-101-1/+3
|
* More regress all the way to exporter_masterbeck2018-11-101-4/+44
|
* Fix last of the empty hash nonsensebeck2018-11-101-6/+3
| | | | ok jsing@
* Update key schedule regress to match API changes.jsing2018-11-091-21/+12
|
* remove the not yet implemented "handshake" subdirectorytb2018-11-091-2/+1
|
* Add subdirectires with SUBDIR += instead of a single assignment withtb2018-11-091-13/+13
| | | | line continuations.
* The cert subdir is testing all combinations of certificate validation.bluhm2018-11-0911-48/+244
| | | | | | Having the three libraries, client and server certificates, missing or invalid CA or certificates, and enforcing peer certificate results in 1944 new test cases.
* Add in key_schedule regress tests to regress buildbeck2018-11-071-1/+2
|
* Add a self test for each SSL library by connecting client withbluhm2018-11-075-23/+88
| | | | | | server. Check that the highest available TLS version is selected. LibreSSL TLS 1.3 check is disabled until the feature becomes available.
* Add initial TLS 1.3 key schedule support with basic regress testsbeck2018-11-072-0/+249
| | | | ok jsing@ tb@
* Add interop test with OpenSSL 1.1. TLS 1.3 should be used automaticallybluhm2018-11-075-10/+55
| | | | | when it becomes available in LibreSSL. thanks to sthen@ for the new OpenSSL port
* Print SSLeay, OpenSSL, and LibreSSL version strings. Make clientbluhm2018-11-077-12/+71
| | | | | and server compile with OpenSSL 1.1. Check runtime version string of SSL library.
* +interopbluhm2018-11-071-1/+2
|
* Test TLS interoperability between LibreSSL and OpenSSL.bluhm2018-11-0710-0/+549
| | | | | | | | | | | | Implement simple SSL client and server in C. Create four binaries by linking them with LibreSSL or OpenSSL. This way API compatibility is tested. Connect and accept with netcat to test protocol compatibility with libtls. Currently OpenSSL 1.0.2p from ports is used. Plan is to move to OpenSSL 1.1 and and test TLS 1.3. idea from beck@; help from jsing@
* Add TLSv1.3 to version regress tests.jsing2018-11-061-4/+80
|
* Unbreak regress following Supported Elliptic Curve extension rename.jsing2018-11-061-49/+49
|
* Add regress coverage for CBB_add_u32().jsing2018-08-161-3/+4
|
* Update regress for DES cipher suite removal.jsing2018-06-022-49/+41
|
* Zero the client random so that it is easier to spot unintended differences.jsing2018-06-021-0/+1
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 12:25:59 +0000