summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Enable auto DHE and disable session tickets for some tests.jsing2021-02-071-12/+13
| | | | This allows us to drop the server messages that we intend on dropping.
* Only hexdump packets/messages on higher debug levels.jsing2021-02-061-3/+4
|
* Test reads and writes between the client and server.jsing2021-02-061-3/+49
|
* wrap an overlong linetb2021-01-271-2/+3
|
* Avoid NULL deref on BIO_new{_mem_buf,}() failure.tb2021-01-222-7/+11
|
* don't set AUTO_RETRY. it's a remnant of an experiment.tb2021-01-211-3/+1
|
* A few minor tweaks to make my OCD happy.tb2021-01-121-12/+9
| | | | | Sort headers, unwrap a line, fix grammar in spelling and simplify the check for test failure.
* Print error if SSL_{connect,accept,shutdown}(3) don't run to completion.tb2021-01-111-3/+13
|
* Shut down the TLS connections properly.tb2021-01-111-3/+28
|
* Include headers used instead of relying on ssl.h pulling in the world.tb2021-01-111-1/+7
|
* Merge handshake_loop() into handshake(). There's no benefit in havingtb2021-01-101-18/+7
| | | | this factored into a separate function.
* tweak a commenttb2021-01-101-2/+2
|
* Link shared ciphers test to buildtb2021-01-101-1/+3
|
* Add a regress for SSL_get_shared_ciphers() for the change of returnedtb2021-01-101-0/+457
| | | | | | ciphers in ssl_lib.c r1.240 and TLSv1.3 support in tls13_server.c r1.69. requested by jsing
* whitespacetb2021-01-092-7/+7
|
* Add to *FLAGS and *ADD rather than overwriting themtb2020-12-251-6/+6
| | | | | This makes CFLAGS pick up -O2, which shaves a few seconds runtime off these very slow tests.
* Remove echo headlines.bluhm2020-12-1711-35/+11
|
* Extend the methods test to cover dtls methods as welltb2020-12-011-1/+57
|
* Enable ssl_methods unit test.tb2020-12-011-1/+2
|
* Add an ssl_methods() unit test that currently only covers thetb2020-12-011-0/+192
| | | | | behavior of SSL_is_server(). This would have caught the regression introduced in the method unification.
* $OpenBSD$tb2020-11-191-0/+1
|
* botan2 uses C++11, so use ports-gcc on gcc-archstb2020-10-301-1/+12
| | | | This makes this interop test pass on sparc64.
* Do not fail with obscure error messages on 'make'tb2020-10-293-6/+12
| | | | | | | | | | | Fix some tests that fail with obscure error messages on 'make' if the required package (either version of OpenSSL or Botan 2) isn't installed. This can be avoided by doing 'make regress' instead. I'll try to adjust my finger memory for the many tests outside the LibreSSL tree that have the same "problem". The fix here is unintrusive and I've been wasting enough time with this to want to change it. ok bluhm
* make this test compile and pass on sparc64tb2020-10-161-2/+2
| | | | | Two functions missed (void) in their declaration which made gcc whine "warning: function declaration isn't a prototype".
* Add an explicit cast to make this test compile and pass with gcc.tb2020-10-161-2/+2
| | | | | gcc emits a signed vs unsigned comparison warning which breaks the build due to -Werror.
* Test DTLS timeouts and retransmissions by dropping specific messages.jsing2020-10-151-5/+299
| | | | | | | | | Provide a BIO that can drop specific messages in order to trigger and test DTLS timeouts and retransmissions. Note that the SSL buffering BIO (bbio) has to be removed to ensure that handshake messages are sent individually. This would have detected the recent DTLS breakage with retransmissions for a flight that includes a CCS.
* Improve poll and event handling.jsing2020-10-151-8/+27
| | | | | In particular, ensure we clear events when the client or server side has completed and fix timeouts to ensure we use a non-zero timeout if present.
* Hook up dtls regress.jsing2020-10-141-1/+2
|
* Add regress tests for DTLS.jsing2020-10-142-0/+411
| | | | | | | | Test the operation of a DTLS client and server, with and without cookies, using the default MTU and a specifically lowered MTU. Further regress tests will be built on this to exercise other parts of the DTLS code base (such as retransmission, fragmentation and reassembly).
* No longer need to cast away const in srtp_find_profile_by_name()tb2020-10-111-2/+2
|
* Update regress for method changes.jsing2020-10-111-4/+4
|
* Unbreak regress following SRTP_PROTECTION_PROFILE const change.jsing2020-10-111-2/+2
|
* zap trailing whitespacetb2020-10-071-21/+21
|
* add arguments to skip a bunch of x448 teststb2020-10-071-3/+18
|
* Hook up tlslegacy regress.jsing2020-10-071-1/+2
|
* Add regress tests for switching from the new TLS stack to the legacy stack.jsing2020-10-072-0/+642
| | | | | | This includes a test where the server response includes multiple handhshake messages in the single TLS plaintext record (which would have caught the bug just fixed in tls13_legacy.c).
* move test-tls13-finished.py from slow tests to normal tests.tb2020-09-251-27/+26
|
* test-tls13-finished.py has 70 failing tests that expect a "decode_error"tb2020-09-251-6/+94
| | | | | | instead of the "decrypt_error" sent by tls13_server_finished_recv(). Both alerts appear to be reasonable in this context, so enable the tests while working around this.
* delete a stale commenttb2020-09-251-5/+1
|
* 1) Move the interop tests to the end so we see tlsfuzzer firstbeck2020-09-215-9/+35
| | | | | | | | | | 2) Reorder the interop tests so the really slow "cert" test is at the end 3) Change the cert tests to use REGRESS_SLOW_TARGETS when testing combination of client and server that does not involve libressl. This way we can skip testing openssl to openssl11 when running these manually by setting REGRESS_SKIP_SLOW to "yet" in mk.conf ok jsing@
* Add cipher set tests with empty SSL_set_ciphersuites().jsing2020-09-161-0/+22
|
* Correct cipher_set_test() when run on a machine without AES acceleration.jsing2020-09-161-1/+19
| | | | Noted by bcook@ and inoguchi@ while working on portable.
* Make cipher_set_test() log failures and continue, rather than aborting.jsing2020-09-161-11/+3
|
* Test botan TLS client with libressl, openssl, openssl11 server.bluhm2020-09-154-6/+305
|
* Connect a client to a server. Both can be current libressl, orbluhm2020-09-145-10/+193
| | | | | | | openssl 1.0.2, or openssl 1.1. Pin client or server to a fixed TLS version number. Incompatible versions must fail. Check that client and server have used correct version by grepping in their session print out.
* Add regress for SSL_{CTX_,}set_ciphersuites().jsing2020-09-132-7/+318
|
* If CPU does not support AES-NI, LibreSSL TLS 1.3 client prefersbluhm2020-09-121-9/+18
| | | | chacha-poly over aes-gcm. Expect both fallbacks for non 1.3 ciphers.
* Enable cert and cipher interop tests. cert just works. cipher hasbluhm2020-09-113-55/+35
| | | | | | | | been fixed to work with libressl TLS 1.3. Both libressl and openssl11 replace obsolete TLS 1.2 ciphers with AEAD-AES256-GCM-SHA384 or TLS_AES_256_GCM_SHA384 in TLS 1.3 respectively. The test expects that now. Currently GOST does not work with libressl and TLS 1.3 and is disabled.
* Enable test-tls13-large-number-of-extensions.pytb2020-09-101-2/+7
| | | | | | Skip sending an empty ECPF extension for now: we don't accept it since according to RFC 4492 and 8422 it needs to advertise uncompressed point formats.
* Also print a list of missing scripts in summarytb2020-08-171-5/+10
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 18:26:23 +0000