| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Use correct type for tmp in test_write_bytes() | tb | 2021-04-04 | 1 | -2/+2 | |
| | | ||||||
| * | Add regress coverage for TLSv1.2 record number increment. | jsing | 2021-03-29 | 1 | -8/+151 | |
| | | ||||||
| * | The failure mode of test-tls13-version-negotiation.py has changed. | tb | 2021-03-28 | 1 | -4/+2 | |
| | | | | | Update comment. | |||||
| * | Enable test-sig-algs-renegotiation-resumption.py. | tb | 2021-03-27 | 1 | -5/+6 | |
| | | | | | | | | This test covers various scenarios with renegotiation and session resumption. In particular it crashes the OpenSSL 1.1.1j server due to the sigalg NULL deref fixed this week. We need --sig-algs-drop-ok since we do not currently implement signature_algorithms_cert. | |||||
| * | Add test-sig-algs-renegotiation-resumption.py | tb | 2021-03-26 | 1 | -1/+5 | |
| | | | | | This test currently fails but may soon be fixed. | |||||
| * | The server only sends a cookie during a HRR, not a SH | tb | 2021-03-24 | 1 | -4/+4 | |
| | | ||||||
| * | Update regress for new_cipher rename. | jsing | 2021-03-24 | 2 | -6/+6 | |
| | | ||||||
| * | Plug a few memory leaks reported by Ilya Shipitsin | tb | 2021-03-22 | 1 | -9/+7 | |
| | | ||||||
| * | Revise regress to match handshake struct changes. | jsing | 2021-03-21 | 1 | -18/+18 | |
| | | ||||||
| * | typo | tb | 2021-03-20 | 1 | -2/+2 | |
| | | ||||||
| * | Add new test-tls13-multiple-ccs-messages.py | tb | 2021-03-20 | 1 | -1/+8 | |
| | | | | | | | | | | | | This is a test that checks for NSS's CCS flood DoS CVE-2020-25648. The test script currently fails on LibreSSL and OpenSSL 1.1.1j because it sends invalid records with version 0x0300 instead of 0x0303. We have the ccs_seen logic corresponding to NSS's fix: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 but we do allow up to two CCS due to an interop issue with Fizz, so at least one of the tests will likey be broken once the record version is fixed. | |||||
| * | Update for DTLSv1.2 being enabled. | jsing | 2021-03-17 | 1 | -4/+4 | |
| | | ||||||
| * | Update for DTLSv1.2 version handling. | jsing | 2021-03-17 | 1 | -6/+90 | |
| | | ||||||
| * | Revise TLS extension regress to match version handling changes. | jsing | 2021-03-10 | 1 | -57/+25 | |
| | | ||||||
| * | Update regress to match TLS versions change. | jsing | 2021-02-25 | 1 | -6/+6 | |
| | | ||||||
| * | Revise regress to match change in SSL{_CTX,}_get_{min,max}_proto_version(). | jsing | 2021-02-20 | 1 | -34/+45 | |
| | | ||||||
| * | Update DTLS client hello due to ECC changes. | jsing | 2021-02-08 | 1 | -5/+8 | |
| | | ||||||
| * | Enable auto DHE and disable session tickets for some tests. | jsing | 2021-02-07 | 1 | -12/+13 | |
| | | | | | This allows us to drop the server messages that we intend on dropping. | |||||
| * | Only hexdump packets/messages on higher debug levels. | jsing | 2021-02-06 | 1 | -3/+4 | |
| | | ||||||
| * | Test reads and writes between the client and server. | jsing | 2021-02-06 | 1 | -3/+49 | |
| | | ||||||
| * | wrap an overlong line | tb | 2021-01-27 | 1 | -2/+3 | |
| | | ||||||
| * | Avoid NULL deref on BIO_new{_mem_buf,}() failure. | tb | 2021-01-22 | 2 | -7/+11 | |
| | | ||||||
| * | don't set AUTO_RETRY. it's a remnant of an experiment. | tb | 2021-01-21 | 1 | -3/+1 | |
| | | ||||||
| * | A few minor tweaks to make my OCD happy. | tb | 2021-01-12 | 1 | -12/+9 | |
| | | | | | | Sort headers, unwrap a line, fix grammar in spelling and simplify the check for test failure. | |||||
| * | Print error if SSL_{connect,accept,shutdown}(3) don't run to completion. | tb | 2021-01-11 | 1 | -3/+13 | |
| | | ||||||
| * | Shut down the TLS connections properly. | tb | 2021-01-11 | 1 | -3/+28 | |
| | | ||||||
| * | Include headers used instead of relying on ssl.h pulling in the world. | tb | 2021-01-11 | 1 | -1/+7 | |
| | | ||||||
| * | Merge handshake_loop() into handshake(). There's no benefit in having | tb | 2021-01-10 | 1 | -18/+7 | |
| | | | | | this factored into a separate function. | |||||
| * | tweak a comment | tb | 2021-01-10 | 1 | -2/+2 | |
| | | ||||||
| * | Link shared ciphers test to build | tb | 2021-01-10 | 1 | -1/+3 | |
| | | ||||||
| * | Add a regress for SSL_get_shared_ciphers() for the change of returned | tb | 2021-01-10 | 1 | -0/+457 | |
| | | | | | | | ciphers in ssl_lib.c r1.240 and TLSv1.3 support in tls13_server.c r1.69. requested by jsing | |||||
| * | whitespace | tb | 2021-01-09 | 2 | -7/+7 | |
| | | ||||||
| * | Add to *FLAGS and *ADD rather than overwriting them | tb | 2020-12-25 | 1 | -6/+6 | |
| | | | | | | This makes CFLAGS pick up -O2, which shaves a few seconds runtime off these very slow tests. | |||||
| * | Remove echo headlines. | bluhm | 2020-12-17 | 11 | -35/+11 | |
| | | ||||||
| * | Extend the methods test to cover dtls methods as well | tb | 2020-12-01 | 1 | -1/+57 | |
| | | ||||||
| * | Enable ssl_methods unit test. | tb | 2020-12-01 | 1 | -1/+2 | |
| | | ||||||
| * | Add an ssl_methods() unit test that currently only covers the | tb | 2020-12-01 | 1 | -0/+192 | |
| | | | | | | behavior of SSL_is_server(). This would have caught the regression introduced in the method unification. | |||||
| * | $OpenBSD$ | tb | 2020-11-19 | 1 | -0/+1 | |
| | | ||||||
| * | botan2 uses C++11, so use ports-gcc on gcc-archs | tb | 2020-10-30 | 1 | -1/+12 | |
| | | | | | This makes this interop test pass on sparc64. | |||||
| * | Do not fail with obscure error messages on 'make' | tb | 2020-10-29 | 3 | -6/+12 | |
| | | | | | | | | | | | | Fix some tests that fail with obscure error messages on 'make' if the required package (either version of OpenSSL or Botan 2) isn't installed. This can be avoided by doing 'make regress' instead. I'll try to adjust my finger memory for the many tests outside the LibreSSL tree that have the same "problem". The fix here is unintrusive and I've been wasting enough time with this to want to change it. ok bluhm | |||||
| * | make this test compile and pass on sparc64 | tb | 2020-10-16 | 1 | -2/+2 | |
| | | | | | | Two functions missed (void) in their declaration which made gcc whine "warning: function declaration isn't a prototype". | |||||
| * | Add an explicit cast to make this test compile and pass with gcc. | tb | 2020-10-16 | 1 | -2/+2 | |
| | | | | | | gcc emits a signed vs unsigned comparison warning which breaks the build due to -Werror. | |||||
| * | Test DTLS timeouts and retransmissions by dropping specific messages. | jsing | 2020-10-15 | 1 | -5/+299 | |
| | | | | | | | | | | Provide a BIO that can drop specific messages in order to trigger and test DTLS timeouts and retransmissions. Note that the SSL buffering BIO (bbio) has to be removed to ensure that handshake messages are sent individually. This would have detected the recent DTLS breakage with retransmissions for a flight that includes a CCS. | |||||
| * | Improve poll and event handling. | jsing | 2020-10-15 | 1 | -8/+27 | |
| | | | | | | In particular, ensure we clear events when the client or server side has completed and fix timeouts to ensure we use a non-zero timeout if present. | |||||
| * | Hook up dtls regress. | jsing | 2020-10-14 | 1 | -1/+2 | |
| | | ||||||
| * | Add regress tests for DTLS. | jsing | 2020-10-14 | 2 | -0/+411 | |
| | | | | | | | | | Test the operation of a DTLS client and server, with and without cookies, using the default MTU and a specifically lowered MTU. Further regress tests will be built on this to exercise other parts of the DTLS code base (such as retransmission, fragmentation and reassembly). | |||||
| * | No longer need to cast away const in srtp_find_profile_by_name() | tb | 2020-10-11 | 1 | -2/+2 | |
| | | ||||||
| * | Update regress for method changes. | jsing | 2020-10-11 | 1 | -4/+4 | |
| | | ||||||
| * | Unbreak regress following SRTP_PROTECTION_PROFILE const change. | jsing | 2020-10-11 | 1 | -2/+2 | |
| | | ||||||
| * | zap trailing whitespace | tb | 2020-10-07 | 1 | -21/+21 | |
| | | ||||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |