summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Increment a few more sequence numbers where the carry is close totb2020-03-131-1/+41
| | | | crossing a byte boundary.
* Add regress for TLSv1.3 sequence number handling.jsing2020-03-133-1/+135
|
* Add missing $OpenBSD$ tag.jsing2020-03-131-0/+1
|
* Add regress for CBB_add_space().jsing2020-03-131-1/+41
|
* Update to follow handshake enum removal.jsing2020-03-101-7/+1
|
* Reset the key share so that we do not have an existing peer public key.jsing2020-02-051-1/+7
|
* Tweak regress to match change made to tls13_key_share_peer_public().jsing2020-02-011-2/+1
|
* Revise for TLSv1.3 key share changes.jsing2020-01-301-8/+27
|
* server sigalgs test is now bogus, disable for nowbeck2020-01-261-2/+3
|
* Disable cert interop tests for now.jsing2020-01-251-2/+2
| | | | | | | | The libressl TLSv1.3 client and server currently lack client certificate authentication support and this test expects all clients can auth with all servers. We can likely turn this back on in the near future.
* Actually disable cipher interop tests.jsing2020-01-251-3/+3
|
* Disable the cipher interop tests.jsing2020-01-251-3/+4
| | | | | | | | | | These make far too many assumptions about cipher suites - TLSv1.3 cipher suites can only be used with TLSv1.3 and there is tests using TLSv1.3 cipher suites with TLSv1.2 will not work. Likewise, expecting TLSv1.2 cipher suites to work with TLSv1.3 is futile. Additionally, eopenssl11 lists TLSv1.3 cipher suites with different names to libressl. Futher work will be necessary before this can be re-enabled.
* Accept both TLSv1.2 and TLSv1.3 protocols for netcat.jsing2020-01-251-4/+3
| | | | | This can potentially be improved by adding knowledge about which libraries support which versions and handle differences between clients and servers.
* Disable session regress for libressl client talking to openssl11 server.jsing2020-01-251-1/+2
| | | | This is now talking over TLSv1.3 and needs session support.
* Disable the client hello message regress test for now.jsing2020-01-251-2/+2
| | | | | | | The golden values have changed due to TLSv1.3 and will likely change more in the near future. This will be updated and re-enabled when things settle. Discussed with beck@
* Ensure that TLSv1.0 and TLSv1.1 are enabled before running SSLv2 clientjsing2020-01-251-5/+10
| | | | hello tests.
* Nuke trailing whitespace that is annoying before changing things in herebeck2019-11-261-6/+6
|
* fix printing of client app secretbeck2019-11-181-2/+2
|
* Add regress for the updating of sever and client application secretsbeck2019-11-181-2/+47
|
* It has been called to my attention that the cookie monster ascii artbeck2019-11-101-17/+7
| | | | | | | | | in this test which I had obtained from a site purporting it to be free for use with artist attribtion might not be. After looking at at some other muppett ascii art for inspiration I am replacing this with my own ascii art muppet to replace the previously used cookie monster. The copyright for the art is the same as my code.
* use curly braces for consistencytb2019-11-061-2/+2
|
* Proper prototype for main(). Make sparc64 happier.claudio2019-05-091-2/+4
|
* exitting -> exitingtb2019-04-071-1/+1
| | | | From Michael Scovetta, PR #108
* whitespace consistencytb2019-04-051-1/+2
|
* Add SERVER_HELLO_RETRY statetb2019-04-051-1/+7
|
* I forgot to mark some targets as .PHONYtb2019-04-041-1/+5
|
* Use correct define.jsing2019-04-041-2/+2
|
* Enable GOST cipher selection test after libssl has been fixed.bluhm2019-03-281-6/+1
|
* Update regress following sigalgs changes.jsing2019-03-251-17/+1
|
* Fix typo in usage and comment.bluhm2019-03-213-6/+6
|
* Test that all supported TLS ciphers actually work. Establishbluhm2019-02-218-26/+308
| | | | | | connections between client and server implemented with LibreSSL or OpenSSL with a fixed cipher on each side. Check the used cipher in the session print out.
* one more error message that should go to stderrtb2019-02-131-2/+3
|
* getopt(3) returns int, not char. Fix type of ch variable to preventbluhm2019-02-112-6/+6
| | | | sign error during arm regress.
* Use malloc() and memcpy() the test X25519 x25519_peer_public value.jsing2019-02-031-3/+6
| | | | | | | Otherwise, if tlsext_keyshare_server_build() fails we call free with a pointer to static memory and bad things happen. Reported by bcook@
* zap a commented out line. 0RTT will need more thought thantb2019-01-271-2/+1
| | | | just uncommenting this.
* refactor and clean up the code generating dot output.tb2019-01-271-53/+76
|
* print errors to stderrtb2019-01-251-19/+21
|
* sort output suffixestb2019-01-251-2/+2
|
* Add code to visualize the state machine. Both the state machine and thetb2019-01-242-5/+79
| | | | | | | output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play.
* set the NEGOTIATED flag in the flags argument rather thantb2019-01-241-4/+4
| | | | squeezing it into the table.
* Add server side of versions, keyshare, and client and server of cookiebeck2019-01-241-6/+435
| | | | | | | | extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@
* Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.beck2019-01-242-31/+21
| | | | | Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
* make whitespace inside curlies consistent; sort function prototypes.tb2019-01-231-24/+24
|
* Rename NUM_HANDSHAKE to handshake_count and make it a variabletb2019-01-232-10/+44
| | | | | | | | | so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing
* Modify sigalgs extension processing to accomodate TLS 1.3.beck2019-01-232-25/+28
| | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@
* revert previous, accidentally contained another diff in additionbeck2019-01-232-28/+25
| | | | to the one I intended to commit
* Modify sigalgs extension processing for TLS 1.3.beck2019-01-232-25/+28
| | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@
* incorrrect spellingtb2019-01-231-2/+2
|
* do not print the command in the print: targettb2019-01-231-2/+2
|
* Add a regression test that builds up the handshake state tabletb2019-01-232-1/+399
| | | | | | | from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-26 02:16:32 +0000