#
1.45 |
|
01-Mar-2024 |
tb |
ssltest: drop another use of CRYPTO_mem_leaks()
|
#
1.44 |
|
19-Nov-2023 |
tb |
Remove last OPENSSL_NO_ENGINE from libssl regress
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.43 |
|
15-Aug-2023 |
tb |
Avoid memcmp() with NULL pointer and 0 length
|
#
1.42 |
|
27-Jul-2023 |
tb |
Prepare the ssltest for the upcoming bump
This is a hack. The test is in rather poor shape and it is hard to tell whether it still does what it is supposed to be doing. Hopefully somemone will rewrite this in a style that doesn't make me squeal on opening this file...
|
#
1.41 |
|
04-Jul-2023 |
tb |
Plug leak in the ssltest
Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front.
Joint suffering with bcook and beck
|
#
1.40 |
|
02-Jul-2023 |
beck |
Disable TLS 1.0 and TLS 1.1 in libssl
Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols.
For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.44 |
|
19-Nov-2023 |
tb |
Remove last OPENSSL_NO_ENGINE from libssl regress
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.43 |
|
15-Aug-2023 |
tb |
Avoid memcmp() with NULL pointer and 0 length
|
#
1.42 |
|
27-Jul-2023 |
tb |
Prepare the ssltest for the upcoming bump
This is a hack. The test is in rather poor shape and it is hard to tell whether it still does what it is supposed to be doing. Hopefully somemone will rewrite this in a style that doesn't make me squeal on opening this file...
|
#
1.41 |
|
04-Jul-2023 |
tb |
Plug leak in the ssltest
Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front.
Joint suffering with bcook and beck
|
#
1.40 |
|
02-Jul-2023 |
beck |
Disable TLS 1.0 and TLS 1.1 in libssl
Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols.
For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.43 |
|
15-Aug-2023 |
tb |
Avoid memcmp() with NULL pointer and 0 length
|
#
1.42 |
|
27-Jul-2023 |
tb |
Prepare the ssltest for the upcoming bump
This is a hack. The test is in rather poor shape and it is hard to tell whether it still does what it is supposed to be doing. Hopefully somemone will rewrite this in a style that doesn't make me squeal on opening this file...
|
#
1.41 |
|
04-Jul-2023 |
tb |
Plug leak in the ssltest
Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front.
Joint suffering with bcook and beck
|
#
1.40 |
|
02-Jul-2023 |
beck |
Disable TLS 1.0 and TLS 1.1 in libssl
Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols.
For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.42 |
|
27-Jul-2023 |
tb |
Prepare the ssltest for the upcoming bump
This is a hack. The test is in rather poor shape and it is hard to tell whether it still does what it is supposed to be doing. Hopefully somemone will rewrite this in a style that doesn't make me squeal on opening this file...
|
#
1.41 |
|
04-Jul-2023 |
tb |
Plug leak in the ssltest
Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front.
Joint suffering with bcook and beck
|
#
1.40 |
|
02-Jul-2023 |
beck |
Disable TLS 1.0 and TLS 1.1 in libssl
Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols.
For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.41 |
|
04-Jul-2023 |
tb |
Plug leak in the ssltest
Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front.
Joint suffering with bcook and beck
|
#
1.40 |
|
02-Jul-2023 |
beck |
Disable TLS 1.0 and TLS 1.1 in libssl
Their time has long since past, and they should not be used. This change restricts ssl to versions 1.2 and 1.3, and changes the regression tests to understand we no longer speak the legacy protocols.
For the moment the magical "golden" byte for byte comparison tests of raw handshake values are disabled util jsing fixes them.
ok jsing@ tb@
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.39 |
|
15-Apr-2023 |
tb |
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
|
#
1.38 |
|
15-Apr-2023 |
tb |
ssltest: initial pass of dropping proxy cert goo
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.37 |
|
02-Feb-2023 |
anton |
Sync function prototypes and declarations to satisfy clang 15.
ok jsing@
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.36 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.35 |
|
07-Jul-2022 |
tb |
Make the ssltest security level aware.
From beck
|
#
1.34 |
|
07-Jul-2022 |
tb |
Switch ssltest to using the newly generated certs that use SHA-256 instead of SHA-1. This helps the switch to security-level aware ssltest.
From jsing
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.33 |
|
21-Nov-2021 |
tb |
Prepare ssltest for opaque DH
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.32 |
|
18-Nov-2021 |
tb |
Fix ssltest to work with opaque EVP_PKEY.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.31 |
|
31-Oct-2021 |
tb |
Make this test compile again after the damage done in libcrypto
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.30 |
|
15-Oct-2021 |
jsing |
Pull in ssl_locl.h so that we can keep reaching into libssl internals.
|
#
1.29 |
|
13-Oct-2021 |
tb |
ssltest.c does not need param.h
From Jonas Termansen
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.28 |
|
03-Jul-2021 |
jsing |
Garbage collect do_test_cipherlist().
This code no longer compiles and the equivalent test coverage has been added to regress/lib/libssl/ciphers (and is actually run).
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.27 |
|
30-Jun-2021 |
jsing |
Disable some code that reaches into libssl internals.
This should be moved to a dedicated regress test.
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.26 |
|
14-Jul-2020 |
jsing |
Add a -tls1_2 option so we can force TLSv1.2 for testing.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.25 |
|
07-Jul-2020 |
jsing |
Remove temporary RSA keys/callbacks code.
This was removed from libssl a very long time ago...
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.24 |
|
07-Apr-2019 |
tb |
exitting -> exiting
From Michael Scovetta, PR #108
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
#
1.23 |
|
11-Nov-2018 |
bcook |
Add automatic threading initialization for libcrypto.
This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks.
This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed.
ok beck@, tb@, looks sane guenther@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.22 |
|
12-Aug-2017 |
jsing |
Remove NPN test coverage.
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.21 |
|
04-Mar-2017 |
jsing |
Treat "ERROR in STARTUP" as an actual error, rather than failing without exiting non-zero (which has been masking a DTLS related issue). Also make the message consistent with other errors.
Spotted by inogochi@
|
#
1.20 |
|
04-Mar-2017 |
jsing |
Remove commented out code and fix indentation of surrounding statements.
|
#
1.19 |
|
04-Mar-2017 |
jsing |
Remove handling for SSLv2.
|
#
1.18 |
|
24-Jan-2017 |
jsing |
Use prime256v1 for tests unless otherwise specified.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.17 |
|
13-Sep-2015 |
bcook |
remove e_os2.h includes ok jsing@
|
#
1.16 |
|
27-Aug-2015 |
doug |
Remove SSLv3 support from LibreSSL regression tests.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.15 |
|
08-Mar-2015 |
miod |
Reject DH keys sent by a server if they are considered too small; inspired by a similar BoringSSL change, but raising the limit to 1024 bits. ok jsing@ markus@ guenther@ deraadt@
|
#
1.14 |
|
14-Dec-2014 |
jsing |
unifdef OPENSSL_NO_NEXTPROTONEG
|
#
1.13 |
|
10-Dec-2014 |
jsing |
Add regress for ALPN.
Based on OpenSSL.
|
#
1.12 |
|
06-Dec-2014 |
jsing |
The -ssl2 flag does nothing - remove the flag and any tests that were using it.
|
#
1.11 |
|
13-Oct-2014 |
jsing |
Remove _XOPEN_SOURCE_EXTENDED since we're not too concerned about gethostname being declared properly on Compaq platforms that use DEC C...
|
#
1.10 |
|
13-Oct-2014 |
jsing |
BIO_free() and SSL_CTX_free() have explicit NULL checks, so there is no need to have additional checks here.
|
#
1.9 |
|
13-Oct-2014 |
jsing |
Add NPN regress tests from OpenSSL. However, unlike OpenSSL, actually exit with a failure if the NPN verification fails.
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.8 |
|
12-Jul-2014 |
jsing |
More KNF.
|
#
1.7 |
|
12-Jul-2014 |
jsing |
Remove #ifndefs for OPENSSL_NO_DH, OPENSSL_NO_ECDH and OPENSSL_NO_X509_VERIFY. We're not going to build with these and the same removal has already been done for libssl.
|
#
1.6 |
|
11-Jul-2014 |
jsing |
Remove PSK from the ssl regress.
|
#
1.5 |
|
10-Jul-2014 |
jsing |
Uncompress ssltest.
|
#
1.4 |
|
21-Jun-2014 |
jsing |
Add DTLS support to ssltest and wire up some regress tests.
ok miod@
|
#
1.3 |
|
13-Jun-2014 |
miod |
Remove support for the `opaque PRF input' extension, which draft has expired 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major.
With help and enlightenment from Brendan MacDonell.
|
#
1.2 |
|
01-Jun-2014 |
miod |
Build with WARNINGS=Yes and Werror.
|
#
1.1 |
|
24-May-2014 |
jsing |
Move ssltest.c to a regress test.
|