summaryrefslogtreecommitdiff
path: root/src/regress (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Rename variables for key, csr, pass, certinoguchi2020-05-181-85/+85
|
* Add GOST certificate test in appstest.shinoguchi2020-05-171-26/+107
| | | | Enabled by -g option, and default to disabled (RSA certificate is used)
* Suppress display output and reduce s_time to 1 sec in appstest.shinoguchi2020-05-171-28/+38
|
* Fix server client test with TLSv1.3 in appstest.shinoguchi2020-05-171-20/+27
|
* Factor out session reuse test and verification testinoguchi2020-05-151-56/+74
|
* Factor out the test for all available ciphers and add TLSv1.3 caseinoguchi2020-05-151-46/+61
|
* Add ECDSA certificate test in appstest.shinoguchi2020-05-151-8/+71
| | | | Enabled by -e option, and default to disabled (RSA certificate is used)
* go fmt whitespace nittb2020-05-141-3/+3
|
* reinstate an error check that was commented out while waiting for armtb2020-05-141-5/+4
| | | | packages to appear
* move a #define after the last #include linetb2020-05-141-3/+3
|
* Skip protocol version message check in appstest.shinoguchi2020-05-141-10/+15
| | | | | - OpenSSL1.1.1 with TLSv1.3 does not call SSL_SESSION_print() until NewSessionTicket arrival - Shorten function name
* Factor out the protocol version test in appstest.shinoguchi2020-05-141-49/+26
| | | | OTHER_OPENSSL default to eopenssl11
* Add TLS versioning tests.jsing2020-05-131-2/+96
| | | | | This ensures that a TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 client can talk with an appropriately configured server and vice versa.
* Revise regress for TLSv1.3 server being enabled.jsing2020-05-114-14/+17
|
* Use tls_legacy_server_method() for SSLv2 record tests.jsing2020-05-112-5/+7
|
* Revise regress now that record overflows are propagated.jsing2020-05-111-2/+2
|
* Use a larger (2048 bit) RSA test key.jsing2020-05-041-1/+63
| | | | Otherwise we fail to do PSS signatures since the key size is too small.
* Fix out-of-bounds access in tables[][] that was exposed in bluhm'stb2020-05-041-6/+8
| | | | | | regress on i386 after inoguchi moved some symbols to const. ok inoguchi jsing deraadt
* Fix two bugs in the AES-CBC-PKCS5 tests that didn't hide failing tests:tb2020-04-271-3/+3
| | | | | 1. Use the correct slice for comparing the cipher output 2. Fix logic error similar to the one in AES-GCM in the previous commit
* Fix a logic error that hid the failing ZeroLengthIv tests.tb2020-04-271-3/+3
| | | | This issue was fixed in lib/libcrypto/evp/e_aes.c r1.40.
* Revise regress to match state transition changes.jsing2020-04-221-11/+13
|
* Update key share regress to match previous change.jsing2020-04-171-4/+4
|
* Revise test to handle the fact that TLSv1.3 cipher suites are now beingjsing2020-04-091-2/+4
| | | | included in the output from `openssl ciphers`.
* Test both SSLv3 (aka pre-TLSv1.2) and TLSv1.2 cipher suites with TLS.jsing2020-04-091-1/+1
|
* Re-enable the client test now that it passes again.jsing2020-04-061-2/+2
|
* Minor code improvements.jsing2020-04-061-3/+3
|
* Add tests that cover TLSv1.2 and disable those that trigger TLSv1.3.jsing2020-04-061-3/+32
| | | | This allows the test to pass again.
* Zero the client random field in the TLSv1.2 golden value.jsing2020-04-061-5/+5
|
* Improve comparision with test data.jsing2020-04-061-7/+9
| | | | | | First check the client random against the zeroed value, then zero the client random in the client hello, before comparing with the golden value. This makes failures more obvious and the test code more readable.
* Dump the test data when the lengths differ in order to aid debugging.jsing2020-04-061-0/+3
|
* Use errx() if we fail to build the client hello.jsing2020-04-061-1/+1
|
* Add a test program for getopt(3) that is adequate for manual testingschwarze2020-03-234-2/+174
| | | | | | | | and a compact test suite for getopt(3) intended automated regression testing, both written from scratch. The suite is intended to provide full coverage, except that it doesn't test manual changes of optind and optreset and except that it so far avoids the situation where we have a known bug.
* Adapt to tls13_record_layer.c r1.30 (the sequence number shouldn't wrap).tb2020-03-161-2/+2
|
* Increment a few more sequence numbers where the carry is close totb2020-03-131-1/+41
| | | | crossing a byte boundary.
* Add regress for TLSv1.3 sequence number handling.jsing2020-03-133-1/+135
|
* Add missing $OpenBSD$ tag.jsing2020-03-131-0/+1
|
* Add regress for CBB_add_space().jsing2020-03-131-1/+41
|
* Update to follow handshake enum removal.jsing2020-03-101-7/+1
|
* Import openssl-1.1.1d test data to base64test.cinoguchi2020-03-101-1/+97
| | | | ok bcook@ tb@
* Modify regress base64test.cinoguchi2020-03-101-11/+14
| | | | | | | | | | | | | | | | | | | | | | | - Don't remove multi line CR/LF from bt->out when NL mode base64_encoding_test removes CR/LF from bt->out to compare with the encoding result. This is fine with NO NL mode, but it goes wrong with NL mode if encoding result is larger than 64 and multi line, like below. "eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4\neHh4eHh4eHh4eHh4\n" - Use memcpy instead of asprintf to avoid lost '\0' at the end of data This test data loses trailing '\0' if using asprintf. "\x61\x47\x56\x73\x62\x47\x38\x3d\x0a\x00" - Print original data if decoding result comparison fails This change is not for importing test data, but I just notice. It prints bt->out if fail to memcmp bt->in with decoding result. ok bcook@ tb@
* cstyle in illumos noticed some weird syntax, which this fixes.dlg2020-03-091-4/+4
| | | | | | | | | | | | | | | | | | | some errx lines in if statements were terminated with commas, which caused the following statement to be considered part of the error handling. while it is bad style, ingo points out it was also a bug which which caused some tests in the code to be skipped. this reminds me of a haiku that Chris Pascoe (cpascoe@) had behind his desk: Also, that comma Should be a semi-colon. Cherry blossoms fall. this was found by Robert Mustacchi when porting the tests to illumos. ok schwarze@ stsp@ thank you robert.
* Update protocol version test to include TLSv1.3.jsing2020-02-162-0/+3
|
* no need to declare "extern optarg" and "extern optind"schwarze2020-02-143-9/+3
| | | | | | when <unistd.h> is included; patch from Jan Stary <hans at stare dot cz>; OK millert
* Reset the key share so that we do not have an existing peer public key.jsing2020-02-051-1/+7
|
* Add missing new line to printf. Make clean should not require SUDO.bluhm2020-02-022-7/+5
|
* Tweak regress to match change made to tls13_key_share_peer_public().jsing2020-02-011-2/+1
|
* Revise for TLSv1.3 key share changes.jsing2020-01-301-8/+27
|
* Enable t_ptrace with an errno change compared to NetBSD.mpi2020-01-304-19/+31
| | | | | | | | Note that the last test triggers a kernel bug related to waitpid(9) and ptraced processes. This is now visible thanks to recent make(1) changes. guenther@ suggests to look at the logic behind `p_orphan' in FreeBSD to fix this bug.
* Some of the test vectors that were added in the upstream committb2020-01-271-7/+9
| | | | | 4672ff74d68766e7785c2cac4c597effccef2c5c have a zero byte prepended. Run the secp224k1 ECDH tests and adjust this if needed.
* Restrict to use up to TLSv1.2 for test_server_client in appstest.shinoguchi2020-01-261-7/+7
| | | | Currently, only s_client has TLSv1.3 and s_server does not.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 02:50:53 +0000