| Commit message (Collapse) | Author | Age | Files | Lines |
| |
This makes it where people can't put dumb values in certs without
trying harder, and changes the regress to test this.
GENERALIZED times outside of the RFC5280 spec are required for OCSP
but these should be constructed with the GENERALIZED time string
setters.
ok tb@
| |
This is only there to pretend a quic method was set on the SSL, but
apparently some compilers warn about an uninitialized variable.
from Christian Andersen
| |
Appeases some compiler.
from Christian Andersen
| |
This is a wrapper around lh_free() which is already tested.
From Christian Andersen
| |
This increases the chance of triggering bugs due to input and/or randomised
padding.
| |
Requested by tb@
| |
Nothing does flag handling in these tests.
| |
ok tb
| |
ok tb@
| |
ok tb@
| |
Ensure that the client can not provide a duplicate key share
for any group, or send more key shares than groups they support.
Ensure that the key shares must be provided in the same order
as the client preference order specified in supported_groups.
Ensure we only will choose to use a key share that is for the
most preferred group by the client that we also support,
to avoid the client being downgraded by sending a less preferred
key share. If we do not end up with a key share for the most preferred
mutually supported group, we will then do a hello retry request
selecting that group.
Add regress for this to regress/tlsext/tlsexttest.c
ok jsing@
| |
ok jsing@
| |
ok jsing@
| |
The current CRYPTO_EX_DATA implementation allows for data to be set without
calling new, indexes can be used without allocation, new can be called without
getting an index and dup can be called after new or without calling new.
| |
Requested by and ok tb@
| |
The new certificates are more representative of the real world. The old
certificates use weak algorithms and expire in the very near future. Most
of our regress has already been switched over, this changes the remainder.
Thanks to Bernhard M. Wiedemann for reminding us of the upcoming expiry.
ok tb@
| |
X509_ALGOR_set0_evp_md()
| |
This exercises the new API, in particular with respect to overflow behavior
around the years 0/9999, which are special for GeneralizedTime/X.509.
| |
From Christian Andersen
| |
The failed variable was erroneously initialized to 0, making this test
always pass.
From Christian Andersen, thanks!
| |
This version of GOST is old and not anywhere close to compliant with
modern GOST standards. It is also very intrusive in libssl and
makes a mess everywhere. Efforts to entice a suitably minded anyone
to care about it have been unsuccessful.
At this point it is probably best to remove this, and if someone
ever showed up who truly needed a working version, it should be
a clean implementation from scratch, and have it use something
closer to the typical API in libcrypto so it would integrate less
painfully here.
This removes it from libssl in preparation for its removal from
libcrypto with a future major bump.
ok tb@
| |
This one covers the silly minuses between the hexdump and the ASCII dump
when dumping eight bytes per line.
| |
Some software relies on SSL_shutdown() returning 0 (indicating close-notify
sent) before returning 1 on a subsequent call (indicating close-notify sent
and received). It is worth noting that there is no guarantee that this will
occur in normal operation, as the peer could send a close-notify prior to
SSL_shutdown() being called.
This is currently failing for TLSv1.3.