| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Test SSL_OP_NO_RENEGOTIATION and SSL_OP_ALLOW_CLIENT_RENEGOTIATION. | jsing | 4 days | 1 | -1/+56 |
| | | | | | | Extend renegotiation tests to cover SSL_OP_NO_RENEGOTIATION and SSL_OP_ALLOW_CLIENT_RENEGOTIATION. | ||||
| * | Improve detection and handling of alerts in renegotiation regress. | jsing | 2025-02-01 | 1 | -23/+76 |
| | | |||||
| * | Hook renegotiation regress. | jsing | 2025-02-01 | 1 | -1/+2 |
| | | |||||
| * | Fix certificate paths. | jsing | 2025-02-01 | 1 | -4/+4 |
| | | |||||
| * | Add regress coverage for TLS renegotiation. | jsing | 2025-02-01 | 2 | -0/+560 |
| | | |||||
| * | Interop tests for openssl 3.3 and 3.4, retire 3.2, 1.1 (and 3.1 remnants) | tb | 2025-01-15 | 12 | -191/+130 |
| | | | | | | | OpenSSL 1.1 and 3.2 will be removed from the ports tree, so test the two remaining versions. Unfortunately, this requires a lot more manual massaging than there should be. | ||||
| * | Suppress warning noise from deprecated OpenSSL API | tb | 2024-10-22 | 1 | -1/+2 |
| | | |||||
| * | rust-openssl: set resolver="2" for workspace | tb | 2024-10-15 | 1 | -0/+1 |
| | | | | | silences an annoying warning | ||||
| * | Enable large number of extension tests and stop skippking QUIC transport | tb | 2024-09-18 | 1 | -8/+3 |
| | | | | | parameter extension which we now know about | ||||
| * | tlsfuzzer: add a start-server convenience target for interactive testing | tb | 2024-09-17 | 1 | -2/+6 |
| | | |||||
| * | tlsfuzzer: grammar fix missed in previous | tb | 2024-09-14 | 1 | -2/+2 |
| | | |||||
| * | typo: troups -> groups | tb | 2024-09-13 | 1 | -2/+2 |
| | | |||||
| * | parametes -> parameters | tb | 2024-09-11 | 1 | -2/+2 |
| | | |||||
| * | Futhermore -> Furthermore | tb | 2024-09-07 | 1 | -2/+2 |
| | | |||||
| * | Prepare for an upcoming tlsfuzzer test that expects decode_error | tb | 2024-09-06 | 1 | -2/+5 |
| | | | | | when we send illegal_parameter. Shrug. | ||||
| * | Update for OPENSSL_cpu_caps() now being machine independent. | jsing | 2024-08-31 | 3 | -17/+5 |
| | | |||||
| * | Undo workaround for EVP_PKEY_*check() removal | tb | 2024-08-31 | 1 | -3/+2 |
| | | |||||
| * | Disable hmac and pkey_ec tests until after the bump | tb | 2024-08-29 | 1 | -2/+3 |
| | | |||||
| * | Remove unwanted trailing newlines from err/warn format strings. | anton | 2024-08-23 | 1 | -2/+2 |
| | | |||||
| * | Drop OpenSSL 3.0 interop testing infrastructure | tb | 2024-08-18 | 8 | -75/+11 |
| | | | | | | The openssl 3.0 port was removed nearly a year ago shortly after the 7.4 release. | ||||
| * | Add support for openssl32 in interop test | tb | 2024-08-18 | 7 | -9/+70 |
| | | |||||
| * | Revise regress for ssl3_get_cipher() changes. | jsing | 2024-07-23 | 1 | -8/+3 |
| | | |||||
| * | Revise regress to match cipher suite values change. | jsing | 2024-07-22 | 2 | -17/+13 |
| | | |||||
| * | Fix golden numbers after beck broke it months ago | tb | 2024-07-20 | 2 | -23/+20 |
| | | | | | (why is it always me who gets to clean up this shit?) | ||||
| * | Add RCS id | tb | 2024-07-17 | 1 | -0/+1 |
| | | |||||
| * | Enable regress for SSL_CIPHER_get_handshake_digest() | jsing | 2024-07-17 | 1 | -4/+0 |
| | | | | | Turns out this is already linked statically. | ||||
| * | Rework cipher find test to also provide coverage for SSL_CIPHER_*() | jsing | 2024-07-17 | 1 | -8/+754 |
| | | |||||
| * | Update regress for removal of SSL_HANDSHAKE_MAC_DEFAULT. | jsing | 2024-07-16 | 1 | -25/+2 |
| | | |||||
| * | Adjust regress to match changes in SSL_select_next_proto() args | tb | 2024-07-11 | 1 | -123/+99 |
| | | |||||
| * | Add more regress coverage for SSL_select_next_proto() | tb | 2024-06-28 | 1 | -1/+291 |
| | | |||||
| * | rust-openssl: switch from deprecated config to config.toml | tb | 2024-06-23 | 2 | -2/+2 |
| | | |||||
| * | openssl-ruby: prepare test for default ruby switch | tb | 2024-06-15 | 1 | -1/+5 |
| | | |||||
| * | make test struct const | tb | 2024-06-05 | 1 | -3/+3 |
| | | |||||
| * | symbols test: drop headers that don't define any symbols | tb | 2024-05-08 | 1 | -4/+1 |
| | | |||||
| * | Instead of unhooking libssl/client regress tests, flag them as expected | anton | 2024-04-22 | 2 | -4/+6 |
| | | | | | | | to fail. ok tb@ | ||||
| * | SSL_version_str is no more | tb | 2024-04-17 | 1 | -5/+1 |
| | | |||||
| * | Initialize quic_method in tlsexttest | tb | 2024-03-30 | 1 | -3/+3 |
| | | | | | | | | This is only there to pretend a quic method was set on the SSL, but apparently some compilers warn about an uninitialized variable. from Christian Andersen | ||||
| * | Fix coverity complaints. | beck | 2024-03-28 | 1 | -4/+6 |
| | | |||||
| * | fix leaks in the horrible ssl whackery necessary for this test. | beck | 2024-03-27 | 1 | -4/+5 |
| | | | | | ok tb@ | ||||
| * | Fix up server processing of key shares. | beck | 2024-03-27 | 1 | -5/+96 |
| | | | | | | | | | | | | | | | | | | | | Ensure that the client can not provide a duplicate key share for any group, or send more key shares than groups they support. Ensure that the key shares must be provided in the same order as the client preference order specified in supported_groups. Ensure we only will choose to use a key share that is for the most preferred group by the client that we also support, to avoid the client being downgraded by sending a less preferred key share. If we do not end up with a key share for the most preferred mutually supported group, will then do a hello retry request selecting that group. Add regress for this to regress/tlsext/tlsexttest.c ok jsing@ | ||||
| * | Fix expected client hello value to allow for supported_groups change. | beck | 2024-03-26 | 1 | -4/+4 |
| | | | | | ok jsing@ | ||||
| * | Disable client handshake test for now for pending changes. | beck | 2024-03-26 | 1 | -2/+3 |
| | | | | | ok jsing@ | ||||
| * | Revise for TLS extension parsing/processing changes. | jsing | 2024-03-25 | 1 | -108/+42 |
| | | |||||
| * | Revise TLS extension regress for parse/process changes. | jsing | 2024-03-25 | 1 | -43/+108 |
| | | |||||
| * | Remove now unused certificates (which are also soon to expire). | jsing | 2024-03-21 | 3 | -147/+0 |
| | | |||||
| * | Use the new certificates/chains in regress. | jsing | 2024-03-20 | 6 | -22/+23 |
| | | | | | | | | | | | The new certificates are more representative of the real world. The old certificates use weak algorithms and expire in the very near future. Most of our regress has already been switched over, this changes the remainder. Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry. ok tb@ | ||||
| * | Remove the ciphers_by_values_test() | tb | 2024-03-01 | 1 | -56/+0 |
| | | |||||
| * | exporter: use the atrocious SSL_CIPHER_find() rather than get_by_id() | tb | 2024-03-01 | 1 | -2/+5 |
| | | |||||
| * | ssltest: drop another use of CRYPTO_mem_leaks() | tb | 2024-03-01 | 1 | -2/+1 |
| | | |||||
| * | Remove GOST and STREEBOG support from libssl. | beck | 2024-02-03 | 4 | -189/+115 |
| | | | | | | | | | | | | | | | | | | | This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@ | ||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |