summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Wire up QUIC regress.jsing2022-08-271-1/+2
|
* Add regress for QUIC.jsing2022-08-272-0/+358
| | | | | This exercises the libssl QUIC implementation and completes a TLS handshake using the SSL_QUIC_METHOD interface.
* Revise regress now that SSL_QUIC_METHOD exists.jsing2022-08-211-4/+6
|
* fix error messagetb2022-08-051-2/+2
|
* Use the FAIL macro instead of fprintf(stderr, "FAIL: ...\n");tb2022-08-051-10/+10
|
* Make the bogokey[] global static const.tb2022-08-051-7/+8
|
* Move CBB_init() to a consistent place.tb2022-08-051-10/+10
|
* Consistently initialize failure to 1 at the top of the function andtb2022-08-051-76/+62
| | | | clear it right before the done label.
* Consistently check for CBB_init() failure.tb2022-08-051-45/+89
|
* Remove most of the indirection introduced in previous and instead fetchtb2022-08-051-400/+339
| | | | | | | the appropriate tls_extension_funcs pointers for client and server from libssl and reach into them directly. ok jsing
* Add some glue to fetch the tlsext functions from the tls_extensions[]tb2022-08-041-190/+440
| | | | table rather than calling the functions directly.
* Extend TLS buffer regress to cover read/write usage.jsing2022-07-221-13/+219
|
* Make test table based, extend it a littletb2022-07-211-69/+117
|
* link ssl_set_alpn_protos to regresstb2022-07-201-1/+2
|
* Add a quick and dirty regress for SSL{_CTX,}_set_alpn_protos()tb2022-07-201-0/+156
|
* zap trailing spacestb2022-07-191-2/+2
|
* Regenerate golden numbers due to RC4-MD5 now being disabled by default.tb2022-07-191-61/+58
|
* Revert accidental committb2022-07-181-2/+2
|
* Add comments to explain the magic numbers 57 and 58tb2022-07-182-3/+6
|
* Avoid sending the QUIC transport parameters extension now that wetb2022-07-181-4/+4
| | | | | | send an unsupported extension alert. Noted by anton
* Revise regress for QUIC transport parameters TLS extension.jsing2022-07-171-15/+32
|
* Use the security level knob in the test script.tb2022-07-071-2/+14
| | | | from beck
* Only run tests against ciphers supported by the method.tb2022-07-072-4/+28
|
* Add some minimal regress coverage for the security level.tb2022-07-071-1/+6
| | | | From beck
* Make the ssltest security level aware.tb2022-07-071-1/+9
| | | | From beck
* Switch ssltest to using the newly generated certs that use SHA-256 insteadtb2022-07-072-8/+6
| | | | | | of SHA-1. This helps the switch to security-level aware ssltest. From jsing
* Adjust to new tls1_ec_nid2group_id API.tb2022-07-021-7/+13
|
* Add support for sending QUIC transport parametersbeck2022-06-291-1/+257
| | | | | | | | | | This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@
* Use relative paths so beck can run regress in his git tree and havetb2022-06-294-8/+12
| | | | the correct ssl_local.h etc be picked up.
* More %i vs %d cleanuptb2022-06-107-20/+20
|
* Fix format strings: change %i, %li, %lli to %d, %ld, %lld and switch totb2022-06-071-18/+18
| | | | | %zu for master_key_length, session_id_length and sid_ctx_length, which are now size_t.
* Minor tweaks to psk modes regresstb2022-06-061-3/+3
|
* move the calls to psk kex modes tests down to match order in ssl_tlsext.ctb2022-06-051-4/+4
|
* Add regress coverage for PSK kex modes tlsext handlers.tb2022-06-051-2/+210
|
* Add the two length tests. Can't currently run them because we need antb2022-05-141-1/+6
| | | | echo server.
* If Ruby 3.1 isn't available, try to fall back to Ruby 3.0 so thattb2022-05-101-1/+5
| | | | | regress on bluhm's test machines have a chance to pass on slower architectures while package builds catch up.
* Default Ruby is now 3.1tb2022-05-081-2/+2
|
* Add missing self. From antontb2022-04-211-2/+2
|
* Some more c99 initializers for consistency and readabilitytb2022-03-081-23/+62
|
* Plug leaks reported by Ilya Shipitsintb2022-02-081-1/+5
|
* Plug a number of leaks reported by Ilya Shipitsintb2022-02-081-2/+9
|
* cope with recent S3I removal; ok tb@anton2022-02-061-2/+2
|
* Add a workaround due to OpenSSL's limitation of SSL_CTX_set_cipher_listtb2022-02-051-1/+5
| | | | | | | | | | | | | | | | SSL_CTX_set_cipher_list() in OpenSSL 1.1 does not accept TLSv1.3 ciphers. This wasn't a problem until now since the AEAD- ciphers were counted as distinct from TLS_ ciphers by the regress test, so they were never used in the {run,check}-cipher-${cipher}-client-${clib}-server-${slib} tests With the renaming, the TLSv1.3 ciphers are now considered as common ciphers, so they're tested. With openssl11 this results in 0:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2573: The design of these tests doesn't allow easily adding a call to SSL_CTX_set_ciphersuites (since they also need to work with openssl 1.0.2) so skip the TLS_* ciphers for the time being.
* Mechanically adjust from AEAD- to TLS_ to adjust to the new cipher names.tb2022-02-051-10/+5
|
* Adjust the ssl_get_shared_ciphers to the new names.tb2022-02-051-23/+23
|
* Revise for S3I removal.jsing2022-02-051-81/+81
|
* Revise for peer_cert.jsing2022-01-111-6/+6
|
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Let dtlstest peek into bio_local.htb2022-01-072-2/+4
|
* Revise for change to tls_key_share_peer_public()jsing2022-01-061-3/+2
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 06:51:03 +0000