- 10 3月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2896)
-
- 05 3月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
We just check that if we insert a cookie into an HRR it gets echoed back in the subsequent ClientHello. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2839)
-
- 14 2月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
- 30 1月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
TLSProxy normally fires off s_client, which creates a connection to the server. TLSProxy also pipes some data to send to the process and s_client automatically exits when the pipe hits eof. Unfortunately this means that it sends the data and closes before it has processed the NewSessionTicket returned from the server in TLSv1.3. This commits adds an option for s_client to stay loaded until the sesion has been processed. A side effect of this is that s_client never sends a close_notify in this mode, so we count success as seeing that data has been transferred. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
由 Matt Caswell 提交于
This is required for the later addition of resumption support. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
- 23 1月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2205)
-
- 11 1月, 2017 3 次提交
-
-
由 Matt Caswell 提交于
This enables us to make changes to in-flight TLSv1.3 messages that appear after the ServerHello. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
-
由 Matt Caswell 提交于
Previously SKE in TLSProxy only knew about one anonymous ciphersuite so there was never a signature. Extend that to include a ciphersuite that is not anonymous. This also fixes a bug where the existing SKE processing was checking against the wrong anon ciphersuite value. This has a knock on impact on the sslskewith0p test. The bug meant the test was working...but entirely by accident! Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
-
- 06 1月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Also updates TLSProxy to be able to understand the format and parse the contained extensions. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2020)
-
- 29 12月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The previous commit fixed a bug where the EC point formats extensions did not appear in the ServerHello. This should have been caught by 70-test_sslmessages but that test never tries an EC ciphersuite. This updates the test to do that. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2153)
-
- 09 12月, 2016 8 次提交
-
-
由 Matt Caswell 提交于
The indentation was a bit off in some of the perl files following the extensions refactor. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Extend test_tls13messages to additionally check the expected extensions under different options given to s_client/s_server. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Because extensions were keyed by type which is sparse, we were continually scanning the list to find the one we wanted. The way we stored them also had the side effect that we were running initialisers/finalisers in a different oder to the parsers. In this commit we change things so that we instead key on an index value for each extension. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
At this stage the message is just empty. We need to fill it in with extension data. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
There are some minor differences in the format of a ServerHello in TLSv1.3. Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 06 12月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Add some tests for the new record construction Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 30 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
This updates the record layer to use the TLSv1.3 style nonce construciton. It also updates TLSProxy and ossltest to be able to recognise the new layout. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 23 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
After the client processes the server's initial flight in TLS1.3 it may respond with either an encrypted, or an unencrypted alert. We needed to teach TLSProxy about this so that it didn't issue spurious warnings. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 16 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Prior to TLS1.3 we check that the received record version number is correct. In TLS1.3 we need to ignore the record version number. This adds a test to make sure we do it correctly. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
We should fail if we receive an unrecognised record type Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Now that ossltest knows about a TLS1.3 cipher we can now do TLS1.3 in TLSProxy Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Includes addition of the various options to s_server/s_client. Also adds one of the new TLS1.3 ciphersuites. This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not a "real" TLS1.3 ciphersuite). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 27 9月, 2016 1 次提交
-
-
由 David Benjamin 提交于
This is a regression test for https://github.com/openssl/openssl/pull/1431. It tests a maximally-padded record with each possible invalid offset. This required fixing a bug in Message.pm where the client sending a fatal alert followed by close_notify was still treated as success. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 16 8月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Test that we handle a TLS ClientHello in an SSLv2 record correctly. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 27 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The previous commit fixed a problem where fragmented alerts would cause an infinite loop. This commit adds a test for these fragmented alerts. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 16 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
On some platforms we can't startup the TLSProxy due to environmental problems (e.g. network set up on the build machine). These aren't OpenSSL problems so we shouldn't treat them as test failures. Just visibly indicate that we are skipping the test. We only skip the first time we attempt to start up the proxy. If that works then everything else should do...if not we should probably investigate and so report as a failure. This also removes test_networking...there is a danger that this turns into a test of user's environmental set up rather than OpenSSL. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 17 5月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Workaround an apparent IO:Socket::IP bug where a seemingly valid server socket is being returned even though a valid connection does not exist. This causes the tests to intermittently hang. We additionally check that the peerport looks ok to verify that the returned socket looks usable. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 12 5月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 4月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 16 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
TLSProxy starts s_server and specifies the number of client connects it should expect. After that s_server is supposed to close down automatically. However, if another test is then run then TLSProxy will start a new instance of s_server. If the previous instance hasn't closed down yet then the new instance can fail to bind to the socket. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-