Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
39ed0745 |
| 24-May-2020 |
Bernd Edlinger |
Remove OPENSSL_ia32cap overrides in various test scripts The removed override was: OPENSSL_ia32cap=~0x200000200000000 which disables AESNI codepaths and PCLMULQDQ (useful for ghash).
Remove OPENSSL_ia32cap overrides in various test scripts The removed override was: OPENSSL_ia32cap=~0x200000200000000 which disables AESNI codepaths and PCLMULQDQ (useful for ghash). It is unclear why this was done, but it probably just hides bugs. [extended tests] Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16693)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
#
a763ca11 |
| 14-Jan-2021 |
Matt Caswell |
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provid
Stop disabling TLSv1.3 if ec and dh are disabled Even if EC and DH are disabled then we may still be able to use TLSv1.3 if we have groups that have been plugged in by an external provider. Fixes #13767 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13916)
show more ...
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
909f1a2e |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in test/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
#
6738bf14 |
| 13-Feb-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
c5856878 |
| 17-Jan-2018 |
Richard Levitte |
Enable TLSProxy tests on Windows Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5094)
|
Revision tags: OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14 |
|
#
94ed2c67 |
| 14-Nov-2016 |
Matt Caswell |
Fixed various style issues in the key_share code Numerous style issues as well as references to TLS1_3_VERSION instead of SSL_IS_TLS13(s) Reviewed-by: Rich Salz <rsalz@openssl.o
Fixed various style issues in the key_share code Numerous style issues as well as references to TLS1_3_VERSION instead of SSL_IS_TLS13(s) Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0c |
|
#
0f1e51ea |
| 02-Nov-2016 |
Matt Caswell |
Start using the key_share data to derive the PMS The previous commits put in place the logic to exchange key_share data. We now need to do something with that information. In <= TLSv1.2
Start using the key_share data to derive the PMS The previous commits put in place the logic to exchange key_share data. We now need to do something with that information. In <= TLSv1.2 the equivalent of the key_share extension is the ServerKeyExchange and ClientKeyExchange messages. With key_share those two messages are no longer necessary. The commit removes the SKE and CKE messages from the TLSv1.3 state machine. TLSv1.3 is completely different to TLSv1.2 in the messages that it sends and the transitions that are allowed. Therefore, rather than extend the existing <=TLS1.2 state transition functions, we create a whole new set for TLSv1.3. Intially these are still based on the TLSv1.2 ones, but over time they will be amended. The new TLSv1.3 transitions remove SKE and CKE completely. There's also some cleanup for some stuff which is not relevant to TLSv1.3 and is easy to remove, e.g. the DTLS support (we're not doing DTLSv1.3 yet) and NPN. I also disable EXTMS for TLSv1.3. Using it was causing some added complexity, so rather than fix it I removed it, since eventually it will not be needed anyway. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
#
b02b5743 |
| 14-Jun-2016 |
Matt Caswell |
Skip the TLSProxy tests if environmental problems are an issue On some platforms we can't startup the TLSProxy due to environmental problems (e.g. network set up on the build machine). T
Skip the TLSProxy tests if environmental problems are an issue On some platforms we can't startup the TLSProxy due to environmental problems (e.g. network set up on the build machine). These aren't OpenSSL problems so we shouldn't treat them as test failures. Just visibly indicate that we are skipping the test. We only skip the first time we attempt to start up the proxy. If that works then everything else should do...if not we should probably investigate and so report as a failure. This also removes test_networking...there is a danger that this turns into a test of user's environmental set up rather than OpenSSL. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
b38c43f7 |
| 03-Jun-2016 |
Richard Levitte |
tests: clean up temporary SSL session files. RT#4557 Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
b273fcc5 |
| 04-May-2016 |
Matt Caswell |
Fix the no-tls option The TLSProxy based tests don't work when TLS is disabled so we shouldn't run them. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
#
596d6b7e |
| 22-Apr-2016 |
Rich Salz |
Unified copyright for test recipes Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_1_0-pre5 |
|
#
25c78440 |
| 01-Apr-2016 |
Richard Levitte |
Adapt some test recipes to the newer cmdstr() Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
f9e55034 |
| 21-Mar-2016 |
Matt Caswell |
Fix no-sock Misc fixes for no-sock Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_1_0-pre4 |
|
#
a717738b |
| 05-Mar-2016 |
Richard Levitte |
Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead In most builds, we can assume that engines live in the build tree subdirectory "engines". This was hard coded in
Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead In most builds, we can assume that engines live in the build tree subdirectory "engines". This was hard coded into the tests that use the engine ossltest. However, that hard coding is tedious, it would need to be done in every test recipe, and it's an incorrect assumption in some cases. This change has us play it safe and let the build files tell the testing framework where the engines are. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
#
5427976d |
| 15-Mar-2016 |
Matt Caswell |
Fix a TLSProxy race condition TLSProxy starts s_server and specifies the number of client connects it should expect. After that s_server is supposed to close down automatically. Howe
Fix a TLSProxy race condition TLSProxy starts s_server and specifies the number of client connects it should expect. After that s_server is supposed to close down automatically. However, if another test is then run then TLSProxy will start a new instance of s_server. If the previous instance hasn't closed down yet then the new instance can fail to bind to the socket. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
2d32d3be |
| 05-Mar-2016 |
Richard Levitte |
Don't run the TLSProxy based tests in native Windows There are issues binding listening ports. This may be analyzed more thoroughly later on. Reviewed-by: Rich Salz <rsalz@open
Don't run the TLSProxy based tests in native Windows There are issues binding listening ports. This may be analyzed more thoroughly later on. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g |
|
#
b6453a68 |
| 26-Feb-2016 |
FdaSilvaYY |
GH753: More spelling fix Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
#
19ab5790 |
| 22-Feb-2016 |
Richard Levitte |
Use $disabled{"dynamic-engine"} internally We were kinda sorta using a mix of $disabled{"static-engine" and $disabled{"dynamic-engine"} in Configure. Let's avoid confusion, choose o
Use $disabled{"dynamic-engine"} internally We were kinda sorta using a mix of $disabled{"static-engine" and $disabled{"dynamic-engine"} in Configure. Let's avoid confusion, choose one of them and stick to it. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
2dd400bd |
| 19-Feb-2016 |
Richard Levitte |
Run the TLSProxy based tests as long as dynamic engines are built. They depend on this feature because they use the engine ossltest, which is only available as a dynamic engine.
Run the TLSProxy based tests as long as dynamic engines are built. They depend on this feature because they use the engine ossltest, which is only available as a dynamic engine. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
aa474d1f |
| 19-Feb-2016 |
Emilia Kasper |
TLS: reject duplicate extensions Adapted from BoringSSL. Added a test. The extension parsing code is already attempting to already handle this for some individual extensions, bu
TLS: reject duplicate extensions Adapted from BoringSSL. Added a test. The extension parsing code is already attempting to already handle this for some individual extensions, but it is doing so inconsistently. Duplicate efforts in individual extension parsing will be cleaned up in a follow-up. Reviewed-by: Stephen Henson <steve@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12 |
|
#
b44b935e |
| 12-Feb-2016 |
Richard Levitte |
Let all TLSProxy based tests display debug text conditionally If the environment variable HARNESS_ACTIVE isn't defined or HARNESS_VERBOSE is defined, it's probable that lots of output is
Let all TLSProxy based tests display debug text conditionally If the environment variable HARNESS_ACTIVE isn't defined or HARNESS_VERBOSE is defined, it's probable that lots of output is desired. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
42e0ccdf |
| 30-Jan-2016 |
Richard Levitte |
unified build scheme: adjust test framework for out of source build tree To be able to run tests when we've built in a directory other than the source tree, the testing framework needs a
unified build scheme: adjust test framework for out of source build tree To be able to run tests when we've built in a directory other than the source tree, the testing framework needs a few adjustments. test/testlib/OpenSSL/Test.pm needs to know where it can find shlib_wrap.sh, and a number of other tests need to be told a different place to find engines than what they may be able to figure out on their own. Relying to $TOP is not enough, $SRCTOP and $BLDTOP can be used as an alternative. As part of this change, top_file and top_dir are removed and srctop_file, bldtop_file, srctop_dir and bldtop_dir take their place. Reviewed-by: Ben Laurie <ben@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_1r, OpenSSL_1_0_2f |
|
#
90d48e5e |
| 26-Jan-2016 |
Richard Levitte |
Use the new OpenSSL::Test::Utils routines. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
#
83365051 |
| 25-Jan-2016 |
Richard Levitte |
Make tests use configdata.pm rather than parsing Makefile Reviewed-by: Rich Salz <rsalz@openssl.org>
|