openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	Actually disable cipher interop tests.	jsing	2020-01-25	1	-3/+3
\|
*	Disable the cipher interop tests.	jsing	2020-01-25	1	-3/+4
\| \| \| \| \| \| \| \| \| \|	These make far too many assumptions about cipher suites - TLSv1.3 cipher suites can only be used with TLSv1.3 and there is tests using TLSv1.3 cipher suites with TLSv1.2 will not work. Likewise, expecting TLSv1.2 cipher suites to work with TLSv1.3 is futile. Additionally, eopenssl11 lists TLSv1.3 cipher suites with different names to libressl. Futher work will be necessary before this can be re-enabled.
*	Accept both TLSv1.2 and TLSv1.3 protocols for netcat.	jsing	2020-01-25	1	-4/+3
\| \| \| \| \|	This can potentially be improved by adding knowledge about which libraries support which versions and handle differences between clients and servers.
*	Disable session regress for libressl client talking to openssl11 server.	jsing	2020-01-25	1	-1/+2
\| \| \| \|	This is now talking over TLSv1.3 and needs session support.
*	Disable the client hello message regress test for now.	jsing	2020-01-25	1	-2/+2
\| \| \| \| \| \| \|	The golden values have changed due to TLSv1.3 and will likely change more in the near future. This will be updated and re-enabled when things settle. Discussed with beck@
*	Ensure that TLSv1.0 and TLSv1.1 are enabled before running SSLv2 client	jsing	2020-01-25	1	-5/+10
\| \| \| \|	hello tests.
*	Nuke trailing whitespace that is annoying before changing things in here	beck	2019-11-26	1	-6/+6
\|
*	fix printing of client app secret	beck	2019-11-18	1	-2/+2
\|
*	Add regress for the updating of sever and client application secrets	beck	2019-11-18	1	-2/+47
\|
*	It has been called to my attention that the cookie monster ascii art	beck	2019-11-10	1	-17/+7
\| \| \| \| \| \| \| \| \|	in this test which I had obtained from a site purporting it to be free for use with artist attribtion might not be. After looking at at some other muppett ascii art for inspiration I am replacing this with my own ascii art muppet to replace the previously used cookie monster. The copyright for the art is the same as my code.
*	use curly braces for consistency	tb	2019-11-06	1	-2/+2
\|
*	Proper prototype for main(). Make sparc64 happier.	claudio	2019-05-09	1	-2/+4
\|
*	exitting -> exiting	tb	2019-04-07	1	-1/+1
\| \| \| \|	From Michael Scovetta, PR #108
*	whitespace consistency	tb	2019-04-05	1	-1/+2
\|
*	Add SERVER_HELLO_RETRY state	tb	2019-04-05	1	-1/+7
\|
*	I forgot to mark some targets as .PHONY	tb	2019-04-04	1	-1/+5
\|
*	Use correct define.	jsing	2019-04-04	1	-2/+2
\|
*	Enable GOST cipher selection test after libssl has been fixed.	bluhm	2019-03-28	1	-6/+1
\|
*	Update regress following sigalgs changes.	jsing	2019-03-25	1	-17/+1
\|
*	Fix typo in usage and comment.	bluhm	2019-03-21	3	-6/+6
\|
*	Test that all supported TLS ciphers actually work. Establish	bluhm	2019-02-21	8	-26/+308
\| \| \| \| \| \|	connections between client and server implemented with LibreSSL or OpenSSL with a fixed cipher on each side. Check the used cipher in the session print out.
*	one more error message that should go to stderr	tb	2019-02-13	1	-2/+3
\|
*	getopt(3) returns int, not char. Fix type of ch variable to prevent	bluhm	2019-02-11	2	-6/+6
\| \| \| \|	sign error during arm regress.
*	Use malloc() and memcpy() the test X25519 x25519_peer_public value.	jsing	2019-02-03	1	-3/+6
\| \| \| \| \| \| \|	Otherwise, if tlsext_keyshare_server_build() fails we call free with a pointer to static memory and bad things happen. Reported by bcook@
*	zap a commented out line. 0RTT will need more thought than	tb	2019-01-27	1	-2/+1
\| \| \| \|	just uncommenting this.
*	refactor and clean up the code generating dot output.	tb	2019-01-27	1	-53/+76
\|
*	print errors to stderr	tb	2019-01-25	1	-19/+21
\|
*	sort output suffixes	tb	2019-01-25	1	-2/+2
\|
*	Add code to visualize the state machine. Both the state machine and the	tb	2019-01-24	2	-5/+79
\| \| \| \| \| \| \|	output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play.
*	set the NEGOTIATED flag in the flags argument rather than	tb	2019-01-24	1	-4/+4
\| \| \| \|	squeezing it into the table.
*	Add server side of versions, keyshare, and client and server of cookie	beck	2019-01-24	1	-6/+435
\| \| \| \| \| \| \| \|	extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@
*	Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.	beck	2019-01-24	2	-31/+21
\| \| \| \| \|	Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
*	make whitespace inside curlies consistent; sort function prototypes.	tb	2019-01-23	1	-24/+24
\|
*	Rename NUM_HANDSHAKE to handshake_count and make it a variable	tb	2019-01-23	2	-10/+44
\| \| \| \| \| \| \| \| \|	so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing
*	Modify sigalgs extension processing to accomodate TLS 1.3.	beck	2019-01-23	2	-25/+28
\| \| \| \| \| \| \| \| \| \|	- Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@
*	revert previous, accidentally contained another diff in addition	beck	2019-01-23	2	-28/+25
\| \| \| \|	to the one I intended to commit
*	Modify sigalgs extension processing for TLS 1.3.	beck	2019-01-23	2	-25/+28
\| \| \| \| \| \| \| \| \|	- Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@
*	incorrrect spelling	tb	2019-01-23	1	-2/+2
\|
*	do not print the command in the print: target	tb	2019-01-23	1	-2/+2
\|
*	Add a regression test that builds up the handshake state table	tb	2019-01-23	2	-1/+399
\| \| \| \| \| \| \|	from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing
*	Update record regress to match functionality changes.	jsing	2019-01-20	1	-6/+37
\|
*	hook handshake test	tb	2019-01-20	1	-1/+2
\|
*	Add a simple test that verifies that every valid handshake	tb	2019-01-20	2	-0/+76
\| \| \| \|	sets action->handshake_complete.
*	Hook record regress.	jsing	2019-01-19	1	-1/+3
\|
*	Add regress for TLSv1.3 record handling.	jsing	2019-01-19	2	-0/+533
\|
*	initialize offset value so this passes	beck	2019-01-18	1	-0/+1
\| \| \| \|	ok jsing@
*	Add client side of supported versions and keyshare extensions with basic regress	beck	2019-01-18	1	-1/+192
\| \| \| \|	ok jsing@
*	Removed unused struct members.	jsing	2019-01-18	1	-2/+0
\|
*	Update regress following TLS extension renaming.	jsing	2019-01-18	2	-379/+378
\|
*	Add regress for extensible buffer code.	jsing	2019-01-17	3	-1/+169
\|