History log of /openbsd-src/regress/lib/libssl/ssl/ssltest.c (Results 1 – 25 of 45)
Revision Date Author Comments
# 319de9d2 01-Mar-2024 tb <tb@openbsd.org>

ssltest: drop another use of CRYPTO_mem_leaks()


# 85a409ce 19-Nov-2023 tb <tb@openbsd.org>

Remove last OPENSSL_NO_ENGINE from libssl regress


# 3220613c 15-Aug-2023 tb <tb@openbsd.org>

Avoid memcmp() with NULL pointer and 0 length


# 2287d13a 27-Jul-2023 tb <tb@openbsd.org>

Prepare the ssltest for the upcoming bump

This is a hack. The test is in rather poor shape and it is hard to tell
whether it still does what it is supposed to be doing. Hopefully somemone
will rewri

Prepare the ssltest for the upcoming bump

This is a hack. The test is in rather poor shape and it is hard to tell
whether it still does what it is supposed to be doing. Hopefully somemone
will rewrite this in a style that doesn't make me squeal on opening this
file...

show more ...


# df6ddd9b 04-Jul-2023 tb <tb@openbsd.org>

Plug leak in the ssltest

Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack.
On a HRR, the alpn callback would be called twice and allocate the global
twice, thereby leaking.

Plug leak in the ssltest

Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack.
On a HRR, the alpn callback would be called twice and allocate the global
twice, thereby leaking. So free it up front.

Joint suffering with bcook and beck

show more ...


# 521ba2f2 02-Jul-2023 beck <beck@openbsd.org>

Disable TLS 1.0 and TLS 1.1 in libssl

Their time has long since past, and they should not be used.
This change restricts ssl to versions 1.2 and 1.3, and changes
the regression tests to understand w

Disable TLS 1.0 and TLS 1.1 in libssl

Their time has long since past, and they should not be used.
This change restricts ssl to versions 1.2 and 1.3, and changes
the regression tests to understand we no longer speak the legacy
protocols.

For the moment the magical "golden" byte for byte comparison
tests of raw handshake values are disabled util jsing fixes them.

ok jsing@ tb@

show more ...


# 664ea9f8 15-Apr-2023 tb <tb@openbsd.org>

ssltest: Drop more policy go from this test.

Hopefully that is all. What an absolutely horrid mess.


# 278a7f17 15-Apr-2023 tb <tb@openbsd.org>

ssltest: initial pass of dropping proxy cert goo


# 039f14fd 02-Feb-2023 anton <anton@openbsd.org>

Sync function prototypes and declarations to satisfy clang 15.

ok jsing@


# c9675a23 26-Nov-2022 tb <tb@openbsd.org>

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_l

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

show more ...


# 517f1d0f 07-Jul-2022 tb <tb@openbsd.org>

Make the ssltest security level aware.

From beck


# 57499507 07-Jul-2022 tb <tb@openbsd.org>

Switch ssltest to using the newly generated certs that use SHA-256 instead
of SHA-1. This helps the switch to security-level aware ssltest.

From jsing


# dd8e321a 21-Nov-2021 tb <tb@openbsd.org>

Prepare ssltest for opaque DH


# 78191710 18-Nov-2021 tb <tb@openbsd.org>

Fix ssltest to work with opaque EVP_PKEY.


# f70a35c1 31-Oct-2021 tb <tb@openbsd.org>

Make this test compile again after the damage done in libcrypto


# b3b86eec 15-Oct-2021 jsing <jsing@openbsd.org>

Pull in ssl_locl.h so that we can keep reaching into libssl internals.


# 09a3e376 13-Oct-2021 tb <tb@openbsd.org>

ssltest.c does not need param.h

From Jonas Termansen


# 5155b370 03-Jul-2021 jsing <jsing@openbsd.org>

Garbage collect do_test_cipherlist().

This code no longer compiles and the equivalent test coverage has been
added to regress/lib/libssl/ciphers (and is actually run).


# bb4517ae 30-Jun-2021 jsing <jsing@openbsd.org>

Disable some code that reaches into libssl internals.

This should be moved to a dedicated regress test.


# 17e2d200 14-Jul-2020 jsing <jsing@openbsd.org>

Add a -tls1_2 option so we can force TLSv1.2 for testing.


# 50ae7695 07-Jul-2020 jsing <jsing@openbsd.org>

Remove temporary RSA keys/callbacks code.

This was removed from libssl a very long time ago...


# e4c7564c 07-Apr-2019 tb <tb@openbsd.org>

exitting -> exiting

From Michael Scovetta, PR #108


# 3938ed1e 11-Nov-2018 bcook <bcook@openbsd.org>

Add automatic threading initialization for libcrypto.

This implements automatic thread support initialization in libcrypto.
This does not remove any functions from the ABI, but does turn them into
n

Add automatic threading initialization for libcrypto.

This implements automatic thread support initialization in libcrypto.
This does not remove any functions from the ABI, but does turn them into
no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are
provided for ramdisks.

This does not implement the new OpenSSL 1.1 thread API internally,
keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library
locking. For -portable, crypto_lock.c can be reimplemented with
OS-specific primitives as needed.

ok beck@, tb@, looks sane guenther@

show more ...


# 06acd9fc 12-Aug-2017 jsing <jsing@openbsd.org>

Remove NPN test coverage.


# b963adf1 04-Mar-2017 jsing <jsing@openbsd.org>

Treat "ERROR in STARTUP" as an actual error, rather than failing without
exiting non-zero (which has been masking a DTLS related issue). Also make
the message consistent with other errors.

Spotted b

Treat "ERROR in STARTUP" as an actual error, rather than failing without
exiting non-zero (which has been masking a DTLS related issue). Also make
the message consistent with other errors.

Spotted by inogochi@

show more ...


12