summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Enable large number of extension tests and stop skippking QUIC transporttb2024-09-181-8/+3
| | | | parameter extension which we now know about
* tlsfuzzer: add a start-server convenience target for interactive testingtb2024-09-171-2/+6
|
* tlsfuzzer: grammar fix missed in previoustb2024-09-141-2/+2
|
* typo: troups -> groupstb2024-09-131-2/+2
|
* parametes -> parameterstb2024-09-111-2/+2
|
* Futhermore -> Furthermoretb2024-09-071-2/+2
|
* Prepare for an upcoming tlsfuzzer test that expects decode_errortb2024-09-061-2/+5
| | | | when we send illegal_parameter. Shrug.
* Update for OPENSSL_cpu_caps() now being machine independent.jsing2024-08-313-17/+5
|
* Undo workaround for EVP_PKEY_*check() removaltb2024-08-311-3/+2
|
* Disable hmac and pkey_ec tests until after the bumptb2024-08-291-2/+3
|
* Remove unwanted trailing newlines from err/warn format strings.anton2024-08-231-2/+2
|
* Drop OpenSSL 3.0 interop testing infrastructuretb2024-08-188-75/+11
| | | | | The openssl 3.0 port was removed nearly a year ago shortly after the 7.4 release.
* Add support for openssl32 in interop testtb2024-08-187-9/+70
|
* Revise regress for ssl3_get_cipher() changes.jsing2024-07-231-8/+3
|
* Revise regress to match cipher suite values change.jsing2024-07-222-17/+13
|
* Fix golden numbers after beck broke it months agotb2024-07-202-23/+20
| | | | (why is it always me who gets to clean up this shit?)
* Add RCS idtb2024-07-171-0/+1
|
* Enable regress for SSL_CIPHER_get_handshake_digest()jsing2024-07-171-4/+0
| | | | Turns out this is already linked statically.
* Rework cipher find test to also provide coverage for SSL_CIPHER_*()jsing2024-07-171-8/+754
|
* Update regress for removal of SSL_HANDSHAKE_MAC_DEFAULT.jsing2024-07-161-25/+2
|
* Adjust regress to match changes in SSL_select_next_proto() argstb2024-07-111-123/+99
|
* Add more regress coverage for SSL_select_next_proto()tb2024-06-281-1/+291
|
* rust-openssl: switch from deprecated config to config.tomltb2024-06-232-2/+2
|
* openssl-ruby: prepare test for default ruby switchtb2024-06-151-1/+5
|
* make test struct consttb2024-06-051-3/+3
|
* symbols test: drop headers that don't define any symbolstb2024-05-081-4/+1
|
* Instead of unhooking libssl/client regress tests, flag them as expectedanton2024-04-222-4/+6
| | | | | | to fail. ok tb@
* SSL_version_str is no moretb2024-04-171-5/+1
|
* Initialize quic_method in tlsexttesttb2024-03-301-3/+3
| | | | | | | This is only there to pretend a quic method was set on the SSL, but apparently some compilers warn about an uninitialized variable. from Christian Andersen
* Fix coverity complaints.beck2024-03-281-4/+6
|
* fix leaks in the horrible ssl whackery necessary for this test.beck2024-03-271-4/+5
| | | | ok tb@
* Fix up server processing of key shares.beck2024-03-271-5/+96
| | | | | | | | | | | | | | | | | | | Ensure that the client can not provide a duplicate key share for any group, or send more key shares than groups they support. Ensure that the key shares must be provided in the same order as the client preference order specified in supported_groups. Ensure we only will choose to use a key share that is for the most preferred group by the client that we also support, to avoid the client being downgraded by sending a less preferred key share. If we do not end up with a key share for the most preferred mutually supported group, will then do a hello retry request selecting that group. Add regress for this to regress/tlsext/tlsexttest.c ok jsing@
* Fix expected client hello value to allow for supported_groups change.beck2024-03-261-4/+4
| | | | ok jsing@
* Disable client handshake test for now for pending changes.beck2024-03-261-2/+3
| | | | ok jsing@
* Revise for TLS extension parsing/processing changes.jsing2024-03-251-108/+42
|
* Revise TLS extension regress for parse/process changes.jsing2024-03-251-43/+108
|
* Remove now unused certificates (which are also soon to expire).jsing2024-03-213-147/+0
|
* Use the new certificates/chains in regress.jsing2024-03-206-22/+23
| | | | | | | | | | The new certificates are more representative of the real world. The old certificates use weak algorithms and expire in the very near future. Most of our regress has already been switched over, this changes the remainder. Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry. ok tb@
* Remove the ciphers_by_values_test()tb2024-03-011-56/+0
|
* exporter: use the atrocious SSL_CIPHER_find() rather than get_by_id()tb2024-03-011-2/+5
|
* ssltest: drop another use of CRYPTO_mem_leaks()tb2024-03-011-2/+1
|
* Remove GOST and STREEBOG support from libssl.beck2024-02-034-189/+115
| | | | | | | | | | | | | | | | | | This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@
* Add a shutdown sequence regress test.jsing2024-01-301-3/+133
| | | | | | | | | | Some software relies on SSL_shutdown() returning 0 (indicating close-notify sent) before returning 1 on a subsequent call (indicating close-notify sent and received). It is worth noting that there is no guarantee that this will occur in normal operation, as the peer could send a close-notify prior to SSL_shutdown() being called. This is currently failing for TLSv1.3.
* Enable for TLSv1.3 now that shutdown behaviour matches the legacy stack.jsing2024-01-271-3/+1
|
* Enable shutdown regress test.jsing2024-01-191-1/+2
|
* Add regress test coverage for SSL_shutdown().jsing2024-01-192-0/+546
| | | | | | | This tests and codifies the behaviour of SSL_shutdown() with respect to SSL_quiet_shutdown() and SSL_set_shutdown(). For now, only the legacy stack (TLSv1.2) is tested, as there are currently some subtle differences with the TLSv1.3 stack.
* tlsexttest: \178 isn't a valid octal escape sequencetb2023-12-131-2/+2
|
* Remove last OPENSSL_NO_ENGINE from libssl regresstb2023-11-191-7/+1
|
* Add support for OpenSSL 3.1 interop teststb2023-10-308-11/+74
| | | | | | Until OpenSSL 3.1 has replaced OpenSSL 3.0 on most architectures, run both tests. Installed packages of OpenSSL 3.0 will update automatically to 3.1, so regress runners should not need to do anything.
* Make libssl interop server/client tests less flaky by ensuring theanton2023-10-181-1/+3
| | | | server has terminated before examining the outcome.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 06:51:00 +0000