summaryrefslogtreecommitdiff
path: root/src/regress/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Make regress work again post hackathon tls_handshake/tls_read/tls_writejsing2015-10-131-7/+42
| | | | changes.
* Add another invalid time, which is currently accepted.jsing2015-10-021-1/+4
|
* Fix a bug in the regress, and be much more pedantic about what is allowedbeck2015-09-301-22/+46
| | | | | | | per RFC 5380 in an X509. RFC 5280 states that all times before 2050 must be specified as a UTCtime, not a Generalized time, and all times after must be a UTC time. By extension this also means the smallest time allowed per RFC 5280 is 500101000000Z and the largest is 99991231235959Z..
* Add an rfc5280 test suite to test x509_cmp_time.beck2015-09-292-2/+362
| | | | | | Note some of these will yet fail with the current libcrypto as the current X509_cmp_time is not RFC5280 compliant ok jsing@
* Fix sha2 regression test for libcrypto.doug2015-09-291-2/+2
| | | | | | | | | By default, "openssl sha" used SHA-0. However, it was possible to use the form "openssl sha -sha256" to run SHA-256 instead. The regression test used this form. Since we removed SHA-0 support, the regress tests should now call "openssl <digest>". ok guenther@, bcook@
* check if openssl(1) actually works before proceedingbcook2015-09-271-0/+2
| | | | | It was possible for this test to pass even if the openssl command itself was missing.
* Add DER encoding/decoding coverage for ASN.1 GENERALIZEDTIME and UTCTIME.jsing2015-09-251-39/+158
|
* Add initial regress tests for ASN.1 times.jsing2015-09-253-1/+372
|
* Test the exported strsignal() API, not the (now hidden) internal APIguenther2015-09-141-8/+2
| | | | noted by daniel@
* Temporarily revive MD4 for MS CHAP support.doug2015-09-143-1/+136
|
* Remove MD4 support from LibreSSL.doug2015-09-133-136/+1
| | | | | | | | MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@
* Another style(9) grenade.jsing2015-09-131-550/+825
|
* Remove SHA-0 support.doug2015-09-134-176/+1
| | | | | | | SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@
* Revise regression test so that it works correctly with AES taking priorityjsing2015-09-131-34/+191
| | | | if hardware acceleration is available.
* Remove explicit NULL checks before *_free() calls and tidy some code.jsing2015-09-131-28/+22
|
* Use ECDH_size() and do some other clean up.jsing2015-09-131-7/+6
|
* remove e_os2.h includesbcook2015-09-132-2/+0
| | | | ok jsing@
* Wrap long lines.jsing2015-09-131-16/+32
|
* style(9) grenade.jsing2015-09-131-153/+178
|
* Cleanup enginetest a bit.bcook2015-09-121-104/+84
| | | | | It was the only thing preventing -Werror from building on some systems due to the unchecked asprintf's.
* regress test that we do not allow a wildcard match for ".openbsd.org"beck2015-09-111-1/+6
| | | | against a wildcard of "*.openbsd.org"
* fix verify to allow for servername->namebeck2015-09-111-25/+25
| | | | ok jsing@
* Add an initial TLS client regress, which currently covers ClientHellojsing2015-09-013-1/+369
| | | | message generation.
* Remove SSLv3 support from LibreSSL regression tests.doug2015-08-273-56/+5
|
* ISO8859-1 support has been removedguenther2015-08-231-8/+1
| | | | ok semarie@
* Don't hardcode /usr/src, use BSDSRCDIRtobiasu2015-07-311-2/+2
|
* Add VIS_DQ to escape double quotes. OK deraadt@ semarie@ reyk@millert2015-07-201-1/+3
|
* simplify length checking in do_indefinite_convertbcook2015-07-181-11/+17
| | | | | Fixes Coverity 117506, 117507, 117508 ok doug@
* remove mysterious, decorative comment blockletsbcook2015-07-181-21/+21
|
* Explicitly mark ignored BN_* return vals in tests.bcook2015-07-181-6/+6
| | | | | The tests will fail all the same. Fixes Coverity 78811 21659 21658 21657. Discussed with beck@
* check sscanf conversion, fixes Coverity 21666bcook2015-07-181-2/+6
| | | | ok doug@, miod@, guenther@
* Unhook tls_ext_alpn test until the code passes it.doug2015-07-131-2/+5
|
* Add tests for parsing TLS extension ALPN (RFC 7301).doug2015-07-092-2/+446
| | | | The current libssl code does not pass these tests yet.
* add setlocale testsemarie2015-07-071-1/+3
|
* add regress test for setlocale(3) and some relatedsemarie2015-07-072-0/+140
| | | | | | functions (MB_CUR_MAX, isalpha() for ctype. some tips from stsp@
* specify the array initializer valuelibressl-v2.2.1bcook2015-07-011-2/+2
| | | | noted by kinichiro from github
* Convert ssl_bytes_to_cipher_list to CBS.doug2015-06-282-3/+19
| | | | | | | Link in the new 'unit' regress and expand the invalid tests to include some that would fail before the CBS conversion. input + ok miod@ jsing@
* Add unit tests for LibreSSL.doug2015-06-273-0/+256
| | | | | | cipher_list.c is based on code from jsing@. Discussed with jsing@
* Change CBS_dup() to also sync the offset.doug2015-06-231-1/+37
| | | | | | | Previously, CBS_dup() had its own offset. However, it is more consistent to copy everything. ok miod@ jsing@
* Convert bytestringtest to individual checks and don't short circuit.doug2015-06-231-321/+337
| | | | | | | | | The statements were chained together with OR which makes it more annoying to debug. Also, it was short circuiting all tests as soon as one function failed. Since the functions are independent, they should each run until error. Discussed with miod@ and jsing@
* Remove unnecessary regress target.doug2015-06-231-7/+2
|
* Remove obsolete MDC-2DES from libcrypto.doug2015-06-203-134/+1
| | | | ok deraadt@ jsing@ miod@
* Add tests for CBS_offset() and CBS_write_bytes().doug2015-06-171-2/+70
| | | | "no problem" miod@, tweak + ok jsing@
* Be more strict about BER and DER terminology.doug2015-06-161-15/+18
| | | | | | | | bs_ber.c does not convert BER to DER. It's a hack to convert a DER-like encoding with one violation (indefinite form) to strict DER. Rename the functions to reflect this. ok miod@ jsing@
* Need to operate of CXXFLAGS now.miod2015-05-291-3/+3
|
* Make this run on strict alignment architectures.miod2015-05-081-6/+9
|
* Check for invalid leading zeros in CBS_get_asn1_uint64.doug2015-04-251-2/+4
| | | | | | | | | | ASN.1 integers cannot have all zeros or all ones for the first 9 bits. This rule ensures the numbers are encoded with the smallest number of content octets (see ITU-T Rec X.690 section 8.3.2). Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16 ok deraadt@ jsing@
* Now that tls_close() is more robust, consider a failure to be fatal.jsing2015-04-151-1/+1
|
* fix for regression test for strtol(). it failed (the wrong kind ofphessler2015-03-151-2/+2
| | | | | | | | fail), on 64-bit systems. tested on 64-bit (amd64) and 32-bit (sparc). OK claudio@ deraadt@
* Reject DH keys sent by a server if they are considered too small; inspiredmiod2015-03-081-38/+4
| | | | | by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 10:53:29 +0000