- 23 6月, 2017 1 次提交
-
-
由 Pauli 提交于
This macro aborts the test which prevents later tests from executing. It also bypasses the test framework output functionality. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3750)
-
- 10 6月, 2017 1 次提交
-
-
由 Paul Yang 提交于
Signed-off-by: NPaul Yang <paulyang.inf@gmail.com> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3622)
-
- 02 5月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3256)
-
- 25 4月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3243)
-
- 29 3月, 2017 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3011)
-
- 03 3月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Don't create a custom boolean type for parsing CompressionExpected. Use the existing one instead. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
由 Matt Caswell 提交于
Check whether we negotiate compression in various scenarios. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
- 09 11月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Simple tests only need to implement register_tests(). Tests that need a custom main() should implement test_main(). This will be wrapped in a main() that performs common setup/teardown (currently crypto-mdebug). Note that for normal development, enable-asan is usually sufficient for detecting leaks, and more versatile. enable-crypto-mdebug is stricter as it will also insist that all static variables be freed. This is useful for debugging library init/deinit; however, it also means that test_main() must free everything it allocates. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 11月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
1) Remove some unnecessary fixtures 2) Add EXECUTE_TEST_NO_TEARDOWN shorthand when a fixture exists but has no teardown. 3) Fix return values in ct_test.c (introduced by an earlier refactoring, oops) Note that for parameterized tests, the index (test vector) usually holds all the customization, and there should be no need for a separate test fixture. The CTS test is an exception: it demonstrates how to combine customization with parameterization. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 04 11月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 30 8月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The previous commit revealed a long standing problem where CertStatus processing was broken in DTLS. This would have been revealed by better testing - so add some! Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Make maximum fragment length configurable and add various fragmentation tests, in addition to the existing multi-buffer tests. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 16 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 8月, 2016 3 次提交
-
-
由 Emilia Kasper 提交于
Like OPENSSL_assert, but also prints the error stack before exiting. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
This commit only ports existing tests, and adds some coverage for resumption. We don't appear to have any handshake tests that cover SCT validation success, and this commit doesn't change that. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
Some failure tests were failing for the wrong reason after the CTX refactoring. Update those tests. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 8月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Move custom server and client options from the test dictionary to an "extra" section of each server/client. Rename test expectations to say "Expected". This is a big but straightforward change. Primarily, this allows us to specify multiple server and client contexts without redefining the custom options for each of them. For example, instead of "ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols", we now have, "NPNProtocols". This simplifies writing resumption and SNI tests. The first application will be resumption tests for NPN and ALPN. Regrouping the options also makes it clearer which options apply to the server, which apply to the client, which configure the test, and which are test expectations. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 8月, 2016 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 7月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Systematically test every server-side version downgrade or upgrade. Client version upgrade or downgrade could be tested analogously but will be done in a later change. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 7月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 28 6月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
Observe that the old tests were partly ill-defined: setting sn_server1 but not sn_server2 in ssltest_old.c does not enable the SNI callback. Fix this, and also explicitly test both flavours of SNI mismatch (ignore / fatal alert). Tests still pass. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 6月, 2016 2 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
- Only send SNI in SNI tests. This allows us to test handshakes without the SNI extension as well. - Move all handshake-specific machinery to handshake_helper.c - Use enum types to represent the enum everywhere (Resorting to plain ints can end in sign mismatch when the enum is represented by an unsigned type.) Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 6月, 2016 1 次提交
-
-
由 Todd Short 提交于
When session tickets are used, it's possible that SNI might swtich the SSL_CTX on an SSL. Normally, this is not a problem, because the initial_ctx/session_ctx are used for all session ticket/id processes. However, when the SNI callback occurs, it's possible that the callback may update the options in the SSL from the SSL_CTX, and this could cause SSL_OP_NO_TICKET to be set. If this occurs, then two bad things can happen: 1. The session ticket TLSEXT may not be written when the ticket expected flag is set. The state machine transistions to writing the ticket, and the client responds with an error as its not expecting a ticket. 2. When creating the session ticket, if the ticket key cb returns 0 the crypto/hmac contexts are not initialized, and the code crashes when trying to encrypt the session ticket. To fix 1, if the ticket TLSEXT is not written out, clear the expected ticket flag. To fix 2, consider a return of 0 from the ticket key cb a recoverable error, and write a 0 length ticket and continue. The client-side code can explicitly handle this case. Fix these two cases, and add unit test code to validate ticket behavior. Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1098)
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 5月, 2016 1 次提交
-
-
由 Emilia Kasper 提交于
The old proxy tests test the implementation of an application proxy policy callback defined in the test itself, which is not particularly useful. It is, however, useful to test cert verify overrides in general. Therefore, replace these tests with tests for cert verify callback behaviour. Also glob the ssl test inputs on the .in files to catch missing generated files. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 Emilia Kasper 提交于
Require that test methods return 1 on success (not 0). This is more customary for OpenSSL. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
Currently, SSL tests are configured via command-line switches to ssltest.c. This results in a lot of duplication between ssltest.c and apps, and a complex setup. ssltest.c is also simply old and needs maintenance. Instead, we already have a way to configure SSL servers and clients, so we leverage that. SSL tests can now be configured from a configuration file. Test servers and clients are configured using the standard ssl_conf module. Additional test settings are configured via a test configuration. Moreover, since the CONF language involves unnecessary boilerplate, the test conf itself is generated from a shorter Perl syntax. The generated testcase files are checked in to the repo to make it easier to verify that the intended test cases are in fact run; and to simplify debugging failures. To demonstrate the approach, min/max protocol tests are converted to the new format. This change also fixes MinProtocol and MaxProtocol handling. It was previously requested that an SSL_CTX have both the server and client flags set for these commands; this clearly can never work. Guide to this PR: - test/ssl_test.c - test framework - test/ssl_test_ctx.* - test configuration structure - test/handshake_helper.* - new SSL test handshaking code - test/ssl-tests/ - test configurations - test/generate_ssl_tests.pl - script for generating CONF-style test configurations from perl inputs Reviewed-by: NRichard Levitte <levitte@openssl.org>
-