|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
| #
39ed0745 |
| 24-May-2020 |
Bernd Edlinger |
Remove OPENSSL_ia32cap overrides in various test scripts
The removed override was: OPENSSL_ia32cap=~0x200000200000000
which disables AESNI codepaths and PCLMULQDQ (useful for ghash).
Remove OPENSSL_ia32cap overrides in various test scripts
The removed override was: OPENSSL_ia32cap=~0x200000200000000
which disables AESNI codepaths and PCLMULQDQ (useful for ghash).
It is unclear why this was done, but it probably just hides bugs.
[extended tests]
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16693)
show more ...
|
| #
54b40531 |
| 29-Jul-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16176)
|
| #
a0430488 |
| 18-Jun-2021 |
Pauli |
test: replace tabs with spaces in test recipes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/
test: replace tabs with spaces in test recipes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
909f1a2e |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in test/
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
| #
6738bf14 |
| 13-Feb-2018 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
c5856878 |
| 17-Jan-2018 |
Richard Levitte |
Enable TLSProxy tests on Windows
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5094)
|
|
Revision tags: OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
| #
d7345822 |
| 03-Mar-2017 |
Bernd Edlinger |
Reset executable bits on files where not needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/opens
Reset executable bits on files where not needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2835)
show more ...
|
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c |
|
| #
9362c93e |
| 08-Nov-2016 |
Matt Caswell |
Remove old style NewSessionTicket from TLSv1.3
TLSv1.3 has a NewSessionTicket message, but it is *completely* different to
the TLSv1.2 one and may as well have been called something else
Remove old style NewSessionTicket from TLSv1.3
TLSv1.3 has a NewSessionTicket message, but it is *completely* different to
the TLSv1.2 one and may as well have been called something else. This commit
removes the old style NewSessionTicket from TLSv1.3. We will have to add the
new style one back in later.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
0f1e51ea |
| 02-Nov-2016 |
Matt Caswell |
Start using the key_share data to derive the PMS
The previous commits put in place the logic to exchange key_share data. We
now need to do something with that information. In <= TLSv1.2
Start using the key_share data to derive the PMS
The previous commits put in place the logic to exchange key_share data. We
now need to do something with that information. In <= TLSv1.2 the equivalent
of the key_share extension is the ServerKeyExchange and ClientKeyExchange
messages. With key_share those two messages are no longer necessary.
The commit removes the SKE and CKE messages from the TLSv1.3 state machine.
TLSv1.3 is completely different to TLSv1.2 in the messages that it sends
and the transitions that are allowed. Therefore, rather than extend the
existing <=TLS1.2 state transition functions, we create a whole new set for
TLSv1.3. Intially these are still based on the TLSv1.2 ones, but over time
they will be amended.
The new TLSv1.3 transitions remove SKE and CKE completely. There's also some
cleanup for some stuff which is not relevant to TLSv1.3 and is easy to
remove, e.g. the DTLS support (we're not doing DTLSv1.3 yet) and NPN.
I also disable EXTMS for TLSv1.3. Using it was causing some added
complexity, so rather than fix it I removed it, since eventually it will not
be needed anyway.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
| #
b02b5743 |
| 14-Jun-2016 |
Matt Caswell |
Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). T
Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). These aren't OpenSSL
problems so we shouldn't treat them as test failures. Just visibly
indicate that we are skipping the test.
We only skip the first time we attempt to start up the proxy. If that works
then everything else should do...if not we should probably investigate and
so report as a failure.
This also removes test_networking...there is a danger that this turns into
a test of user's environmental set up rather than OpenSSL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
b38c43f7 |
| 03-Jun-2016 |
Richard Levitte |
tests: clean up temporary SSL session files.
RT#4557
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
5f726759 |
| 11-May-2016 |
Matt Caswell |
Add some additional NewSessionTicket tests
If the server does not send a session ticket extension, it should not then
send the NewSessionTicket message.
If the server sends the
Add some additional NewSessionTicket tests
If the server does not send a session ticket extension, it should not then
send the NewSessionTicket message.
If the server sends the session ticket extension, it MUST then send the
NewSessionTicket message.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
show more ...
|
| #
b273fcc5 |
| 04-May-2016 |
Matt Caswell |
Fix the no-tls option
The TLSProxy based tests don't work when TLS is disabled so we shouldn't
run them.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
| #
596d6b7e |
| 22-Apr-2016 |
Rich Salz |
Unified copyright for test recipes
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre5 |
|
| #
25c78440 |
| 01-Apr-2016 |
Richard Levitte |
Adapt some test recipes to the newer cmdstr()
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
| #
f9e55034 |
| 21-Mar-2016 |
Matt Caswell |
Fix no-sock
Misc fixes for no-sock
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre4 |
|
| #
a717738b |
| 05-Mar-2016 |
Richard Levitte |
Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead
In most builds, we can assume that engines live in the build tree
subdirectory "engines". This was hard coded in
Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead
In most builds, we can assume that engines live in the build tree
subdirectory "engines". This was hard coded into the tests that use
the engine ossltest.
However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.
This change has us play it safe and let the build files tell the
testing framework where the engines are.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
| #
5427976d |
| 15-Mar-2016 |
Matt Caswell |
Fix a TLSProxy race condition
TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. Howe
Fix a TLSProxy race condition
TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
2d32d3be |
| 05-Mar-2016 |
Richard Levitte |
Don't run the TLSProxy based tests in native Windows
There are issues binding listening ports. This may be analyzed more
thoroughly later on.
Reviewed-by: Rich Salz <rsalz@open
Don't run the TLSProxy based tests in native Windows
There are issues binding listening ports. This may be analyzed more
thoroughly later on.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g |
|
| #
19ab5790 |
| 22-Feb-2016 |
Richard Levitte |
Use $disabled{"dynamic-engine"} internally
We were kinda sorta using a mix of $disabled{"static-engine" and
$disabled{"dynamic-engine"} in Configure. Let's avoid confusion,
choose o
Use $disabled{"dynamic-engine"} internally
We were kinda sorta using a mix of $disabled{"static-engine" and
$disabled{"dynamic-engine"} in Configure. Let's avoid confusion,
choose one of them and stick to it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
2dd400bd |
| 19-Feb-2016 |
Richard Levitte |
Run the TLSProxy based tests as long as dynamic engines are built.
They depend on this feature because they use the engine ossltest,
which is only available as a dynamic engine.
Run the TLSProxy based tests as long as dynamic engines are built.
They depend on this feature because they use the engine ossltest,
which is only available as a dynamic engine.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
aa474d1f |
| 19-Feb-2016 |
Emilia Kasper |
TLS: reject duplicate extensions
Adapted from BoringSSL. Added a test.
The extension parsing code is already attempting to already handle this for
some individual extensions, bu
TLS: reject duplicate extensions
Adapted from BoringSSL. Added a test.
The extension parsing code is already attempting to already handle this for
some individual extensions, but it is doing so inconsistently. Duplicate
efforts in individual extension parsing will be cleaned up in a follow-up.
Reviewed-by: Stephen Henson <steve@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
| #
b44b935e |
| 12-Feb-2016 |
Richard Levitte |
Let all TLSProxy based tests display debug text conditionally
If the environment variable HARNESS_ACTIVE isn't defined or
HARNESS_VERBOSE is defined, it's probable that lots of output is
Let all TLSProxy based tests display debug text conditionally
If the environment variable HARNESS_ACTIVE isn't defined or
HARNESS_VERBOSE is defined, it's probable that lots of output is
desired.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
42e0ccdf |
| 30-Jan-2016 |
Richard Levitte |
unified build scheme: adjust test framework for out of source build tree
To be able to run tests when we've built in a directory other than
the source tree, the testing framework needs a
unified build scheme: adjust test framework for out of source build tree
To be able to run tests when we've built in a directory other than
the source tree, the testing framework needs a few adjustments.
test/testlib/OpenSSL/Test.pm needs to know where it can find
shlib_wrap.sh, and a number of other tests need to be told a different
place to find engines than what they may be able to figure out on
their own. Relying to $TOP is not enough, $SRCTOP and $BLDTOP can be
used as an alternative.
As part of this change, top_file and top_dir are removed and
srctop_file, bldtop_file, srctop_dir and bldtop_dir take their place.
Reviewed-by: Ben Laurie <ben@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f |
|
| #
90d48e5e |
| 26-Jan-2016 |
Richard Levitte |
Use the new OpenSSL::Test::Utils routines.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
