summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Revert accidental committb2022-07-181-2/+2
|
* Add comments to explain the magic numbers 57 and 58tb2022-07-182-3/+6
|
* Avoid sending the QUIC transport parameters extension now that wetb2022-07-181-4/+4
| | | | | | send an unsupported extension alert. Noted by anton
* Revise regress for QUIC transport parameters TLS extension.jsing2022-07-171-15/+32
|
* Use the security level knob in the test script.tb2022-07-071-2/+14
| | | | from beck
* Only run tests against ciphers supported by the method.tb2022-07-072-4/+28
|
* Add some minimal regress coverage for the security level.tb2022-07-071-1/+6
| | | | From beck
* Make the ssltest security level aware.tb2022-07-071-1/+9
| | | | From beck
* Switch ssltest to using the newly generated certs that use SHA-256 insteadtb2022-07-072-8/+6
| | | | | | of SHA-1. This helps the switch to security-level aware ssltest. From jsing
* Adjust to new tls1_ec_nid2group_id API.tb2022-07-021-7/+13
|
* Add support for sending QUIC transport parametersbeck2022-06-291-1/+257
| | | | | | | | | | This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@
* Use relative paths so beck can run regress in his git tree and havetb2022-06-294-8/+12
| | | | the correct ssl_local.h etc be picked up.
* More %i vs %d cleanuptb2022-06-107-20/+20
|
* Fix format strings: change %i, %li, %lli to %d, %ld, %lld and switch totb2022-06-071-18/+18
| | | | | %zu for master_key_length, session_id_length and sid_ctx_length, which are now size_t.
* Minor tweaks to psk modes regresstb2022-06-061-3/+3
|
* move the calls to psk kex modes tests down to match order in ssl_tlsext.ctb2022-06-051-4/+4
|
* Add regress coverage for PSK kex modes tlsext handlers.tb2022-06-051-2/+210
|
* Add the two length tests. Can't currently run them because we need antb2022-05-141-1/+6
| | | | echo server.
* If Ruby 3.1 isn't available, try to fall back to Ruby 3.0 so thattb2022-05-101-1/+5
| | | | | regress on bluhm's test machines have a chance to pass on slower architectures while package builds catch up.
* Default Ruby is now 3.1tb2022-05-081-2/+2
|
* Add missing self. From antontb2022-04-211-2/+2
|
* Some more c99 initializers for consistency and readabilitytb2022-03-081-23/+62
|
* Plug leaks reported by Ilya Shipitsintb2022-02-081-1/+5
|
* Plug a number of leaks reported by Ilya Shipitsintb2022-02-081-2/+9
|
* cope with recent S3I removal; ok tb@anton2022-02-061-2/+2
|
* Add a workaround due to OpenSSL's limitation of SSL_CTX_set_cipher_listtb2022-02-051-1/+5
| | | | | | | | | | | | | | | | SSL_CTX_set_cipher_list() in OpenSSL 1.1 does not accept TLSv1.3 ciphers. This wasn't a problem until now since the AEAD- ciphers were counted as distinct from TLS_ ciphers by the regress test, so they were never used in the {run,check}-cipher-${cipher}-client-${clib}-server-${slib} tests With the renaming, the TLSv1.3 ciphers are now considered as common ciphers, so they're tested. With openssl11 this results in 0:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2573: The design of these tests doesn't allow easily adding a call to SSL_CTX_set_ciphersuites (since they also need to work with openssl 1.0.2) so skip the TLS_* ciphers for the time being.
* Mechanically adjust from AEAD- to TLS_ to adjust to the new cipher names.tb2022-02-051-10/+5
|
* Adjust the ssl_get_shared_ciphers to the new names.tb2022-02-051-23/+23
|
* Revise for S3I removal.jsing2022-02-051-81/+81
|
* Revise for peer_cert.jsing2022-01-111-6/+6
|
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Let dtlstest peek into bio_local.htb2022-01-072-2/+4
|
* Revise for change to tls_key_share_peer_public()jsing2022-01-061-3/+2
|
* Test CBB_add_u64()jsing2022-01-061-2/+6
|
* With openssl-ruby-tests 20220105, test_post_connection_check_wildcard_santb2022-01-061-2/+2
| | | | is now an unexpected pass, so remove it from the expected failures.
* Revise for tls13_key_share rename.jsing2022-01-051-11/+11
|
* Provide regress for SSL public APIs.jsing2022-01-053-1/+387
| | | | | | This will largely test curly and inconsistent APIs that are not covered by other regress tests. Currently, this tests the wonder that is SSL_get_peer_cert_chain().
* Plug memleakstb2021-12-291-3/+11
| | | | CID 345150
* One more leak of the same kindtb2021-12-291-2/+2
|
* Plug memleaktb2021-12-291-3/+3
| | | | CID 345160
* Provide a set of RSA and ECDSA test certificates/keys.jsing2021-12-2730-0/+919
| | | | These are generated using the make-certs.sh script.
* Provide a script to generate test certificates/keys.jsing2021-12-271-0/+263
| | | | | | | This will allow us to generate a variety of client and server certificates, including expired and revoked certificates, using both RSA and ECDSA. Discussed with tb@
* Add coverage for CBS additions.jsing2021-12-151-2/+50
|
* Tell testers which packages to install right away (and why)kn2021-12-023-3/+7
| | | | | | | Other regress tests do it differently; just fix/thouch those that did not mention any package name at all. This helps grepping logs for SKIPPED to find instructions for the next run.
* Prepare ssltest for opaque DHtb2021-11-211-18/+39
|
* Switch to BIO_up_ref() instead of adjusting references manually.tb2021-11-202-16/+6
|
* Use BIO_up_ref() instead of adjusting refcounts manuallytb2021-11-201-9/+3
|
* Fix ssltest to work with opaque EVP_PKEY.tb2021-11-181-22/+33
|
* Add regress that calls SSL_set_tlsext_host_name() with a NULL host name.jsing2021-11-021-1/+15
|
* Rework SNI hostname regress to be table driven.jsing2021-11-011-62/+147
| | | | | | | Also adjust for the changes to tlsext_sni_is_valid_hostname() and include tests for IPv4 and IPv6 literals. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-18 20:08:46 +0000