- 31 8月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3926)
-
- 25 8月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4257)
-
由 Kazuki Yamaguchi 提交于
A condition was removed by commit 1053a6e2; presumably it was an unintended change. Restore the previous behavior so the get_session_cb won't be called with zero-length session ID. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4236)
-
- 22 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
-
- 18 8月, 2017 2 次提交
-
-
由 Todd Short 提交于
Force non-empty padding extension. When enabled, force the padding extension to be at least 1 byte long. WebSphere application server cannot handle having an empty extension (e.g. EMS/EtM) as the last extension in a client hello. This moves the SigAlgs extension last for TLSv1.2 to avoid this issue. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3921)
-
由 Pauli 提交于
Apart from ssltest_old.c, the test suite relied on e_os.h for the OSSL_NELEM macro and nothing else. The ssltest_old.c also requires EXIT and some socket macros. Create a new header to define the OSSL_NELEM macro and use that instead. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4186)
-
- 13 8月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
[skip ci] Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4149)
-
- 10 8月, 2017 1 次提交
-
-
由 Benjamin Kaduk 提交于
When we are using the internal cache we have to make a copy of the session before removing it from the parent context's cache, since we want our copy to still be resumable. However, SSL_CTX_remove_session() just detaches the session from the SSL_CTX; it does not free the session. So, we must call SSL_SESSION_free() ourselves before overwriting the variable that we dup'd from. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4126)
-
- 09 8月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
In particular this covers the scenario mentioned in #4014 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4072)
-
- 02 8月, 2017 1 次提交
-
-
由 Pauli 提交于
Removing the use of SETUP_TEST_FIXTURE reduces complxity in those tests that used it. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4066)
-
- 01 8月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
In TLSv1.3 we can resume, but still get a new session. This adds a test to make sure that is happening. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4068)
-
- 27 7月, 2017 1 次提交
-
-
由 Pauli 提交于
that needed test_main now works using the same infrastructure as tests that used register_tests. This meant: * renaming register_tests to setup_tests and giving it a success/failure return. * renaming the init_test function to setup_test_framework. * renaming the finish_test function to pulldown_test_framework. * adding a user provided global_init function that runs before the test frame work is initialised. It returns a failure indication that stops the stest. * adding helper functions that permit tests to access their command line args. * spliting the BIO initialisation and finalisation out from the test setup and teardown. * hiding some of the now test internal functions. * fix the comments in testutil.h Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3953)
-
- 19 7月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3954)
-
- 18 7月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3933)
-
- 07 7月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Our test was using 32. The latest ticket nonce changes now validate this value and so sslapitest was failing. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3852)
-
- 29 6月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3782)
-
由 Matt Caswell 提交于
There aren't any test vectors for this, so all we do is test that both sides of the communication create the same result for different protocol versions. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3782)
-
- 21 6月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
- 16 6月, 2017 3 次提交
-
-
由 Matt Caswell 提交于
Make it clear that we are pausing one of the connections and then restarting it again. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3623)
-
由 Matt Caswell 提交于
This does things as per the recommendation in the TLSv1.3 spec. It also means that the server will always choose its preferred ciphersuite. Previously the server would only select ciphersuites compatible with the session. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3623)
-
由 Matt Caswell 提交于
Test that if a server selects a differenct ciphersuite with the same hash in TLSv1.3 then this is accepted by the client. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3623)
-
- 12 6月, 2017 1 次提交
-
-
由 Benjamin Kaduk 提交于
Call it from the early callback used for testing these functions, and verify the expected contents of the ClientHello Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2976)
-
- 12 5月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
- Mostly missing fall thru comments - And uninitialized value used in sslapitest.c Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3440)
-
- 10 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Test that custom extensions still work even after a change in SSL_CTX due to SNI. See #2180. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3425)
-
- 04 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
The previous commit fixed a bug which occurs when serverinfo is loaded from memory (not from a file). This adds a test for loading serverinfo from memory. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3382)
-
- 27 4月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Showed up on GCC with strict warnings. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3325)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3252)
-
- 25 4月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3243)
-
- 07 4月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3139)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3139)
-
- 04 4月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Make sure the server can write normal data after earlier writing early data. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
由 Matt Caswell 提交于
Commit 9b5c865d introduced a synthetic delay between arrival of EoED and CF. We actually want to delay the arrival of CF even further to demonstrate that we can write early data even when "in init". Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
- 30 3月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
This tests the bug fixed in the previous commit. We introduce a synthetic delay between the server receiving EoED and CF and check that we can still send early data. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3089)
-
由 Matt Caswell 提交于
We want to make sure that if we if are using SSL_MODE_AUTO_RETRY then if SSL_read_early_data() hits EndOfEarlyData then it doesn't auto retry and end up with normal data. The same issue could occur with read_ahead which is what we use in this test. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3077)
-
- 29 3月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
Fix some comments too [skip ci] Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3069)
-
- 16 3月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
The end of early data is now indicated by a new handshake message rather than an alert. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2895)
-
- 03 3月, 2017 3 次提交
-
-
由 Matt Caswell 提交于
Change the early data API so that the server must use SSL_write_early_data() to write to an unauthenticated client. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
由 Matt Caswell 提交于
This is for consistency with the rest of the API where all the functions are called *early_data*. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
由 Matt Caswell 提交于
This is for consistency with the rest of the API where all the functions are called *early_data*. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-