The new test framework produces a lot of log files (one for each
test).  Git doesn't need to know.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Note that this required a change in constant_time_test.c, as it says
"ok", which interferes with what Test::Harness expects to see.  I had
constant_time_test.c say "success" instead.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This covers the certificate authority commands, the cms and smime
commands, OCSP, SSL and TSA.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Some of them make use of recipes/tconversion.pl.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Some of them make use of recipes/tconversion.pl.
Reviewed-by: NRich Salz <rsalz@openssl.org>

As tests are done until now, there are a few scripts that look almost,
but not quite the same.  tkey, tx509, tcrl, tpkcs7, treq, tsid and
probably a few more.

recipes/tconversions.pl is a helper script that generalises the
function of each of those, and can then be used in a general manner
from test recipes.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This tests all available openssl cipher commands.
Reviewed-by: NRich Salz <rsalz@openssl.org>

These recipes all correspond to a compiled test program.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The math recipes are among the heavier, but also quite important.
For the BN test, we have previously relied on bc to verify the numbers.
Unfortunately, bc doesn't exist everywhere, making tests on some platforms
rather painful.  With the new recipe (recipes/10-test_bn.t), we rely
on perl's Math::BigInt and a homegrown simple calculator (recipes/bc.pl)
that can do enough to cover for bc.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The idea with this perl based testing framework is to make use of
what's delivered with perl and exists on all sorts of platforms.

The choice came to using Test::More and Test::Harness, as that seems
to be the most widely spread foundation, even if perl is aged.

The main runner of the show is run_tests.pl.  As it currently stands,
it's designed to run from inside Makefile, but it's absolutely
possible to run it from the command line as well, like so:

	cd test
	OPENSSL_SRCDIR=.. perl run_tests.pl

The tester scripts themselves are stored in the subdirectory recipes/,
and initially, we have two such scripts, recipes/00-check_testalltests.t
and recipes/00-check_testexes.t.  recipes/00-check_testalltests.t will
pick out the dependencies of "alltests" in test/Makefile, and check if
it can find recipes with corresponding names.  recipes/00-check_testexes.t
does something similar, but bases it on existing compiled test binaries.
They make it easy to figure out what's to be added, and will be
removed when this effort is finished.

Individual recipes can be run as well, of course, as they are perl
scripts in themselves.  For example, you can run only
recipes/00-check_testexes.t like so:

	cd test
	OPENSSL_SRCDIR=.. perl recipes/00-check_testexes.t

To make coding easier, there's a routine library OpenSSL::Test, which
is reachable in a perl script like so:

	use lib 'testlib';
	use OpenSSL::Test;
Reviewed-by: NRich Salz <rsalz@openssl.org>

Process the ServerKeyExchange message using the PACKET API
Reviewed-by: NTim Hudson <tjh@openssl.org>

Process ServerHello messages using the PACKET API
Reviewed-by: NTim Hudson <tjh@openssl.org>

Ensure that EBCDIC support works and update a comment.
Reviewed-by: NTim Hudson <tjh@openssl.org>

GOST requires improved NumericString support.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

The build was breaking due to a Makefile recipe expecting an openssl
version to be on the PATH with support for the rehash command.
Reviewed-by: NBen Laurie <ben@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

On Unix/Linux platforms, merge c_rehash script into openssl as a
C program.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

This takes away a build failure in some cases.
Reviewed-by: NTim Hudson <tjh@openssl.org>

To set both the incoming and outgoing data when 'encrypting' or
'decrypting' to FORMAT_BASE64 wasn't quite the right thing to do.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NStephen Henson <steve@openssl.org>

If the output to stdout or the input from stdin is meant to be binary,
it's deeply unsetting to get the occasional LF converted to CRLF or
the other way around.  If someone happens to forget to redirect stdin
or stdout, they will get gibberish anyway, line ending conversion will
not change that.

Therefore, let's not have dup_bio_* decide unilaterally what mode the
BIO derived from stdin and stdout, and rather let the app decide by
declaring the intended format.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Fixing a small mixup.
Reviewed-by: NTim Hudson <tjh@openssl.org>

The test executables use standard output and standard error for text output,
so let's open the corresponding BIOs in text mode.
Reviewed-by: NTim Hudson <tjh@openssl.org>

The different apps had the liberty to decide whether they would open their
input and output files in binary mode or not, which could be confusing if
two different apps were handling the same type of file in different ways.

The solution is to centralise the decision of low level file organisation,
and that the apps would use a selection of formats to state the intent of
the file.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Most of all, we needed to sort out which ones are binary and which
ones are text, and make sure they are treated accordingly and
consistently so
Reviewed-by: NTim Hudson <tjh@openssl.org>

Depending on platform, verify_extra_test may fail because it relies on
test/ being the current working directory.  Make it get all the required
files on the command line instead to solve that issue.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Add RUN function; remove single-use functions and use their body inline.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Most of the accessors existed and were already used so it was easy.
TS_VERIFY_CTX didn't have accessors/settors so I added the simple and
obvious ones, and changed the app to use them.  Also, within crypto/ts,
replaced the functions with direct access to the structure members
since we generally aren't opaque within a directory.

Also fix RT3901.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Use malloc/free instead of big onstack buffers.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

In some environments, such as firmware, the current system time is entirely
meaningless. Provide a clean mechanism to suppress the checks against it.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Since there seems to be no way to avoid linking to libssl and libcrypto,
just wrap the test. This unbreaks "shared" builds when using clang and/or
OS X.
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NBen Laurie <ben@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>