| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Make the ssltest security level aware. | tb | 2022-07-07 | 1 | -1/+9 | |
| | | | | | From beck | |||||
| * | Switch ssltest to using the newly generated certs that use SHA-256 instead | tb | 2022-07-07 | 2 | -8/+6 | |
| | | | | | | | of SHA-1. This helps the switch to security-level aware ssltest. From jsing | |||||
| * | Adjust to new tls1_ec_nid2group_id API. | tb | 2022-07-02 | 1 | -7/+13 | |
| | | ||||||
| * | Add support for sending QUIC transport parameters | beck | 2022-06-29 | 1 | -1/+257 | |
| | | | | | | | | | | | This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@ | |||||
| * | Use relative paths so beck can run regress in his git tree and have | tb | 2022-06-29 | 4 | -8/+12 | |
| | | | | | the correct ssl_local.h etc be picked up. | |||||
| * | More %i vs %d cleanup | tb | 2022-06-10 | 7 | -20/+20 | |
| | | ||||||
| * | Fix format strings: change %i, %li, %lli to %d, %ld, %lld and switch to | tb | 2022-06-07 | 1 | -18/+18 | |
| | | | | | | %zu for master_key_length, session_id_length and sid_ctx_length, which are now size_t. | |||||
| * | Minor tweaks to psk modes regress | tb | 2022-06-06 | 1 | -3/+3 | |
| | | ||||||
| * | move the calls to psk kex modes tests down to match order in ssl_tlsext.c | tb | 2022-06-05 | 1 | -4/+4 | |
| | | ||||||
| * | Add regress coverage for PSK kex modes tlsext handlers. | tb | 2022-06-05 | 1 | -2/+210 | |
| | | ||||||
| * | Add the two length tests. Can't currently run them because we need an | tb | 2022-05-14 | 1 | -1/+6 | |
| | | | | | echo server. | |||||
| * | If Ruby 3.1 isn't available, try to fall back to Ruby 3.0 so that | tb | 2022-05-10 | 1 | -1/+5 | |
| | | | | | | regress on bluhm's test machines have a chance to pass on slower architectures while package builds catch up. | |||||
| * | Default Ruby is now 3.1 | tb | 2022-05-08 | 1 | -2/+2 | |
| | | ||||||
| * | Add missing self. From anton | tb | 2022-04-21 | 1 | -2/+2 | |
| | | ||||||
| * | Some more c99 initializers for consistency and readability | tb | 2022-03-08 | 1 | -23/+62 | |
| | | ||||||
| * | Plug leaks reported by Ilya Shipitsin | tb | 2022-02-08 | 1 | -1/+5 | |
| | | ||||||
| * | Plug a number of leaks reported by Ilya Shipitsin | tb | 2022-02-08 | 1 | -2/+9 | |
| | | ||||||
| * | cope with recent S3I removal; ok tb@ | anton | 2022-02-06 | 1 | -2/+2 | |
| | | ||||||
| * | Add a workaround due to OpenSSL's limitation of SSL_CTX_set_cipher_list | tb | 2022-02-05 | 1 | -1/+5 | |
| | | | | | | | | | | | | | | | | | SSL_CTX_set_cipher_list() in OpenSSL 1.1 does not accept TLSv1.3 ciphers. This wasn't a problem until now since the AEAD- ciphers were counted as distinct from TLS_ ciphers by the regress test, so they were never used in the {run,check}-cipher-${cipher}-client-${clib}-server-${slib} tests With the renaming, the TLSv1.3 ciphers are now considered as common ciphers, so they're tested. With openssl11 this results in 0:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2573: The design of these tests doesn't allow easily adding a call to SSL_CTX_set_ciphersuites (since they also need to work with openssl 1.0.2) so skip the TLS_* ciphers for the time being. | |||||
| * | Mechanically adjust from AEAD- to TLS_ to adjust to the new cipher names. | tb | 2022-02-05 | 1 | -10/+5 | |
| | | ||||||
| * | Adjust the ssl_get_shared_ciphers to the new names. | tb | 2022-02-05 | 1 | -23/+23 | |
| | | ||||||
| * | Revise for S3I removal. | jsing | 2022-02-05 | 1 | -81/+81 | |
| | | ||||||
| * | Revise for peer_cert. | jsing | 2022-01-11 | 1 | -6/+6 | |
| | | ||||||
| * | Revise for changes to tls_key_share_peer_public() | jsing | 2022-01-11 | 1 | -2/+4 | |
| | | ||||||
| * | Let dtlstest peek into bio_local.h | tb | 2022-01-07 | 2 | -2/+4 | |
| | | ||||||
| * | Revise for change to tls_key_share_peer_public() | jsing | 2022-01-06 | 1 | -3/+2 | |
| | | ||||||
| * | Test CBB_add_u64() | jsing | 2022-01-06 | 1 | -2/+6 | |
| | | ||||||
| * | With openssl-ruby-tests 20220105, test_post_connection_check_wildcard_san | tb | 2022-01-06 | 1 | -2/+2 | |
| | | | | | is now an unexpected pass, so remove it from the expected failures. | |||||
| * | Revise for tls13_key_share rename. | jsing | 2022-01-05 | 1 | -11/+11 | |
| | | ||||||
| * | Provide regress for SSL public APIs. | jsing | 2022-01-05 | 3 | -1/+387 | |
| | | | | | | | This will largely test curly and inconsistent APIs that are not covered by other regress tests. Currently, this tests the wonder that is SSL_get_peer_cert_chain(). | |||||
| * | Plug memleaks | tb | 2021-12-29 | 1 | -3/+11 | |
| | | | | | CID 345150 | |||||
| * | One more leak of the same kind | tb | 2021-12-29 | 1 | -2/+2 | |
| | | ||||||
| * | Plug memleak | tb | 2021-12-29 | 1 | -3/+3 | |
| | | | | | CID 345160 | |||||
| * | Provide a set of RSA and ECDSA test certificates/keys. | jsing | 2021-12-27 | 30 | -0/+919 | |
| | | | | | These are generated using the make-certs.sh script. | |||||
| * | Provide a script to generate test certificates/keys. | jsing | 2021-12-27 | 1 | -0/+263 | |
| | | | | | | | | This will allow us to generate a variety of client and server certificates, including expired and revoked certificates, using both RSA and ECDSA. Discussed with tb@ | |||||
| * | Add coverage for CBS additions. | jsing | 2021-12-15 | 1 | -2/+50 | |
| | | ||||||
| * | Tell testers which packages to install right away (and why) | kn | 2021-12-02 | 3 | -3/+7 | |
| | | | | | | | | Other regress tests do it differently; just fix/thouch those that did not mention any package name at all. This helps grepping logs for SKIPPED to find instructions for the next run. | |||||
| * | Prepare ssltest for opaque DH | tb | 2021-11-21 | 1 | -18/+39 | |
| | | ||||||
| * | Switch to BIO_up_ref() instead of adjusting references manually. | tb | 2021-11-20 | 2 | -16/+6 | |
| | | ||||||
| * | Use BIO_up_ref() instead of adjusting refcounts manually | tb | 2021-11-20 | 1 | -9/+3 | |
| | | ||||||
| * | Fix ssltest to work with opaque EVP_PKEY. | tb | 2021-11-18 | 1 | -22/+33 | |
| | | ||||||
| * | Add regress that calls SSL_set_tlsext_host_name() with a NULL host name. | jsing | 2021-11-02 | 1 | -1/+15 | |
| | | ||||||
| * | Rework SNI hostname regress to be table driven. | jsing | 2021-11-01 | 1 | -62/+147 | |
| | | | | | | | | Also adjust for the changes to tlsext_sni_is_valid_hostname() and include tests for IPv4 and IPv6 literals. ok beck@ | |||||
| * | Make this test compile again after the damage done in libcrypto | tb | 2021-10-31 | 1 | -19/+20 | |
| | | ||||||
| * | openssl-ruby tests: rework for x509_alt.c r1.3 and r1.5. | tb | 2021-10-28 | 1 | -6/+9 | |
| | | | | | | | | ruby can no longer generate certs with bogus wildcards in it to check that they will fail to verify when creating TLS connections. It will throw an error. This change needs openssl-ruby-tests-20211024p0 or later to work. | |||||
| * | Free memory on text exit to make asan quieter | beck | 2021-10-26 | 1 | -53/+83 | |
| | | | | | ok tb@ | |||||
| * | Revise regress for removal of SSL_SESSION_INTERNAL. | jsing | 2021-10-26 | 1 | -27/+27 | |
| | | ||||||
| * | Add a regress test for TLS client/server. | jsing | 2021-10-23 | 3 | -1/+496 | |
| | | | | | | | | | | This currently exercises various combinations of TLS versions and their associated key exchange mechanisms. Note that this currently fails for TLSv1.0/TLSv1.1 with RSA KEX (to be fixed shortly). Over time all of the ssl regress should be moved into the dtls and tls regress tests. | |||||
| * | Revise regress test for tls13_buffer rename. | jsing | 2021-10-23 | 1 | -14/+16 | |
| | | ||||||
| * | Revise regress for tlsext_tick_lifetime_hint changing type. | jsing | 2021-10-23 | 1 | -2/+2 | |
| | | ||||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |