summaryrefslogtreecommitdiff
path: root/src/regress/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Nuke more leftover GOST tendrils.beck2024-03-283-1497/+1
| | | | ok tb@
* Fix coverity complaints.beck2024-03-281-4/+6
|
* fix leaks in the horrible ssl whackery necessary for this test.beck2024-03-271-4/+5
| | | | ok tb@
* Fix up server processing of key shares.beck2024-03-271-5/+96
| | | | | | | | | | | | | | | | | | | Ensure that the client can not provide a duplicate key share for any group, or send more key shares than groups they support. Ensure that the key shares must be provided in the same order as the client preference order specified in supported_groups. Ensure we only will choose to use a key share that is for the most preferred group by the client that we also support, to avoid the client being downgraded by sending a less preferred key share. If we do not end up with a key share for the most preferred mutually supported group, will then do a hello retry request selecting that group. Add regress for this to regress/tlsext/tlsexttest.c ok jsing@
* Fix expected client hello value to allow for supported_groups change.beck2024-03-261-4/+4
| | | | ok jsing@
* Disable client handshake test for now for pending changes.beck2024-03-261-2/+3
| | | | ok jsing@
* Codify more insane CRYPTO_EX_DATA API.jsing2024-03-251-9/+59
| | | | | | The current CRYPTO_EX_DATA implementation allows for data to be set without calling new, indexes can be used without allocation, new can be called without getting an index and dup can be called after new or without calling new.
* Revise for TLS extension parsing/processing changes.jsing2024-03-251-108/+42
|
* Revise TLS extension regress for parse/process changes.jsing2024-03-251-43/+108
|
* Add tests for EVP_get_cipherbyname(NULL) and EVP_get_digestbyname(NULL)jca2024-03-241-1/+25
| | | | Requested by and ok tb@
* Remove now unused certificates (which are also soon to expire).jsing2024-03-213-147/+0
|
* Use the new certificates/chains in regress.jsing2024-03-209-32/+33
| | | | | | | | | | The new certificates are more representative of the real world. The old certificates use weak algorithms and expire in the very near future. Most of our regress has already been switched over, this changes the remainder. Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry. ok tb@
* Ugly workaround to let this compile again on non-clang platforms.miod2024-03-051-1/+9
|
* Remove the ciphers_by_values_test()tb2024-03-011-56/+0
|
* exporter: use the atrocious SSL_CIPHER_find() rather than get_by_id()tb2024-03-011-2/+5
|
* ssltest: drop another use of CRYPTO_mem_leaks()tb2024-03-011-2/+1
|
* Detect OPENSSL_NO_GOST correctlytb2024-02-291-1/+2
|
* CRYPTO_mem_leaks* will go away. Remove calls in legacy teststb2024-02-293-6/+3
|
* Link x509_algor test statically and switch to the internaltb2024-02-292-9/+18
| | | | X509_ALGOR_set0_evp_md()
* OBJ_NAME_TYPE_PKEY_METH is no longer supportedtb2024-02-291-5/+1
|
* Stop testing EVP_PKEY_GOST{IMIT,R01}tb2024-02-291-3/+1
|
* Prepare freenull test for GOST removaltb2024-02-291-1/+3
|
* asn1time: remove some debugging codetb2024-02-181-3/+1
|
* Tweak previoustb2024-02-181-7/+6
|
* Adjust regress test for memset() requested by jsing on reviewtb2024-02-181-4/+18
|
* Add regress coverage for the new APItb2024-02-182-2/+197
| | | | | This exercises the new API, in particular with respect to overflow behavior around the years 0/9999, which are special for GeneralizedTime/X.509.
* bio_dump: add a test that prints all values of a single bytetb2024-02-091-1/+59
|
* Cope with recent ctype.h prefix changes.anton2024-02-051-5/+5
|
* More missing voidtb2024-02-041-3/+3
| | | | From Christian Andersen
* Fix asn1_integer_null_data_test()tb2024-02-041-2/+2
| | | | | | | The failed variable was erroneously initialized to 0, making this test always pass. From Christian Andersen, thanks!
* Remove GOST and STREEBOG support from libssl.beck2024-02-034-189/+115
| | | | | | | | | | | | | | | | | | This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@
* bio_dump: fix indenttb2024-02-021-32/+32
|
* bio_dump: add one more testcasetb2024-02-021-2/+36
| | | | | This one covers the silly minuses between the hexdump and the ASCII dump when dumping eight bytes per line.
* Add regress coverage for BIO_dump()tb2024-02-022-1/+745
|
* Add a shutdown sequence regress test.jsing2024-01-301-3/+133
| | | | | | | | | | Some software relies on SSL_shutdown() returning 0 (indicating close-notify sent) before returning 1 on a subsequent call (indicating close-notify sent and received). It is worth noting that there is no guarantee that this will occur in normal operation, as the peer could send a close-notify prior to SSL_shutdown() being called. This is currently failing for TLSv1.3.
* Enable for TLSv1.3 now that shutdown behaviour matches the legacy stack.jsing2024-01-271-3/+1
|
* Replace more occurrences of OBJ_NAME_do_all_sorted() withtb2024-01-211-7/+4
| | | | OBJ_NAME_do_all()
* Enable shutdown regress test.jsing2024-01-191-1/+2
|
* Add regress test coverage for SSL_shutdown().jsing2024-01-192-0/+546
| | | | | | | This tests and codifies the behaviour of SSL_shutdown() with respect to SSL_quiet_shutdown() and SSL_set_shutdown(). For now, only the legacy stack (TLSv1.2) is tested, as there are currently some subtle differences with the TLSv1.3 stack.
* ec_point_conversion: zap an empty linetb2024-01-181-2/+1
|
* Run the pkey cleanup test also for {Ed,X}25519tb2024-01-151-1/+3
|
* Switch to EVP_CIPHER_do_all() now that snaps are available on most archestb2024-01-151-5/+3
|
* Remove the evp_pkey_method() testtb2024-01-111-38/+1
| | | | | This is a minimal test for an API that will be removed in a subsequent commit.
* Sprinkle a handfull of missing continuetb2023-12-311-1/+10
|
* Add extended regress coverage for ASN.1 methodstb2023-12-301-1/+147
| | | | | | | | Validate that every alias resolves to a non-alias in one step and that non-aliases have pkey_id == pkey_base_id, an info string and a pem_str. They can be looked up by their pkey_id or pem_str. Conversely, all these are false for aliases.
* Add initial regress for CRYPTO_EX_DATA.jsing2023-12-273-1/+237
|
* Remove engine regress.jsing2023-12-273-264/+1
| | | | | | Engines are no longer a thing. Discussed with tb@
* c2sp: replace openssl 3.0 with 3.2 supporttb2023-12-171-2/+2
|
* Remove the string_table testtb2023-12-152-130/+1
| | | | | | | | If it wasn't for security/xca, all of the ASN1_STRING_TABLE API would hit the attic before long. API design by a trained professional... The table can at least be made immutable, which in turn makes this test entirely pointless.
* rfc3779: remove redundant const.tb2023-12-131-5/+5
| | | | | This is already included in the typedef (yuck) and makes some Windows compilers unhappy.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-21 19:41:31 +0000