The old proxy tests test the implementation of an application proxy
policy callback defined in the test itself, which is not particularly
useful.

It is, however, useful to test cert verify overrides in
general. Therefore, replace these tests with tests for cert verify
callback behaviour.

Also glob the ssl test inputs on the .in files to catch missing
generated files.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The old cipherlist test in ssltest.c only tests the internal order of
the cipher table, which is pretty useless.

Replace this test with a test that catches inadvertent changes to the
default cipherlist.

Fix run_tests.pl to correctly filter tests that have "list" in their name.

(Also includes a small drive-by fix in .gitignore.)
Reviewed-by: NRich Salz <rsalz@openssl.org>

When *pp is NULL, don't write garbage, return an unexpected pointer
or leak memory on error.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

The TLSProxy based tests don't work when TLS is disabled so we shouldn't
run them.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add tests for ASN.1 INTEGER: invalid tag, valid 0, 1, -1 and 0, -1 with
illegal padding.

Also add ASN1_ANY tests for 0, 1 and -1.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Using ASN1_ITEM tables in d2i_test: this then uses consistent names and
makes it easier to extend.

Add bio, reencode and compare tests.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Our main development platforms are of the Unix family, which doesn't
have the same strictness regarding a shared library being consistent
with the contents of the ld script (.map file, on Linux and Solaris)
as Windows is with the contents of the .def file or VMS is with the
linker symb_vector option.

To eliminate surprises, we therefore need to make sure to check that
the contents of the .map file is matched with the shared library, at
least to check that the shared library isn't missing any symbols that
should be present.

This test isn't absolutely perfect, as it will only check the symbols
that would be present on Linux / Solaris and will therefore miss those
that would only appear on Windows or VMS.  On the other hand, those
platform specific are few and far apart in time, so it's not likely
they will pose a problem.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it.
Most of those are Andy's but some are public domain.
Fix typo's in some existing files.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The above config options were failing in test_ssl_old.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

The no-tls option was failing in the tests. This fixes it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Misc fixes to get no-nextprotoneg config option working again.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The simple reason is that the pre-generated files are mainly for Unix.
The VMS variants look slightly different, so comparing will always fail.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Suppress CT callbacks with aNULL or PSK ciphersuites that involve
no certificates.  Ditto when the certificate chain is validated via
DANE-TA(2) or DANE-EE(3) TLSA records.  Also skip SCT processing
when the chain is fails verification.

Move and consolidate CT callbacks from libcrypto to libssl.  We
also simplify the interface to SSL_{,CTX_}_enable_ct() which can
specify either a permissive mode that just collects information or
a strict mode that requires at least one valid SCT or else asks to
abort the connection.

Simplified SCT processing and options in s_client(1) which now has
just a simple pair of "-noct" vs. "-ct" options, the latter enables
the permissive callback so that we can complete the handshake and
report all relevant information.  When printing SCTs, print the
validation status if set and not valid.
Signed-off-by: NRob Percival <robpercival@google.com>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Misc fixes for no-ocsp
Reviewed-by: NRich Salz <rsalz@openssl.org>

ssltest_old.c is deprecated. New tests should use ssl_test.c, and the
recipes in 80-test_ssl_new.t
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Currently, SSL tests are configured via command-line switches to
ssltest.c. This results in a lot of duplication between ssltest.c and
apps, and a complex setup. ssltest.c is also simply old and needs
maintenance.

Instead, we already have a way to configure SSL servers and clients, so
we leverage that. SSL tests can now be configured from a configuration
file. Test servers and clients are configured using the standard
ssl_conf module. Additional test settings are configured via a test
configuration.

Moreover, since the CONF language involves unnecessary boilerplate, the
test conf itself is generated from a shorter Perl syntax.

The generated testcase files are checked in to the repo to make
it easier to verify that the intended test cases are in fact run; and to
simplify debugging failures.

To demonstrate the approach, min/max protocol tests are converted to the
new format. This change also fixes MinProtocol and MaxProtocol
handling. It was previously requested that an SSL_CTX have both the
server and client flags set for these commands; this clearly can never work.

Guide to this PR:
 - test/ssl_test.c - test framework
 - test/ssl_test_ctx.* - test configuration structure
 - test/handshake_helper.* - new SSL test handshaking code
 - test/ssl-tests/ - test configurations
 - test/generate_ssl_tests.pl - script for generating CONF-style test
   configurations from perl inputs
Reviewed-by: NRichard Levitte <levitte@openssl.org>

These leaks affect 1.1.0 dev branch only; introduced around commit
f93ad22f

Found with LibFuzzer
Reviewed-by: NBen Laurie <ben@openssl.org>

A new X509_VERIFY_PARAM_set_auth_level() function sets the
authentication security level.  For verification of SSL peers, this
is automatically set from the SSL security level.  Otherwise, for
now, the authentication security level remains at (effectively) 0
by default.

The new "-auth_level" verify(1) option is available in all the
command-line tools that support the standard verify(1) options.

New verify(1) tests added to check enforcement of chain signature
and public key security levels.  Also added new tests of enforcement
of the verify_depth limit.

Updated documentation.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Since OpenSSL::Test only redirects stderr to /dev/null when being run
through non-verbose test harness, this change allows the stderr output
to be displayed when verbosity is requested.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Previously, it was sufficient to have certSign in keyUsage when the
basicConstraints extension was missing.  That is still accepted in
a trust anchor, but is no longer accepted in an intermediate CA.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

MR: #2452

According to documentation, perl's Math::BigInt does floored division,
i.e. the bdiv function does 1 / -4 = -1.  OpenSSL's BN_div, as well as
bc, do truncated division, i.e. 1 / -4 = 0.

We need to compensate for that difference in test/recipes/bc.pl to
make sure to verify the bntest results under its own conditions, by
dividing the absolute values of the given numbers and fixup the
result's negativity afterwards.

Closes RT#4485
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

Misc fixes for no-sock
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This fixes the no-cms compile time option.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Misc fixes for no-dsa.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

* Clear proposed, along with selected, before looking at ClientHello
* Add test case for above
* Clear NPN seen after selecting ALPN on server
* Minor documentation updates
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Numerous fixes for no-des.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

The CMS test uses some RC2 keys which should be skipped if the RC2 is
disabled.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

In most builds, we can assume that engines live in the build tree
subdirectory "engines".  This was hard coded into the tests that use
the engine ossltest.

However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.

This change has us play it safe and let the build files tell the
testing framework where the engines are.
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>

TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This commit adds the general verify options of ocsp, verify,
cms, etc. to the openssl timestamping app as suggested by
Stephen N. Henson in [openssl.org #4287]. The conflicting
"-policy" option of "openssl ts" has been renamed to
"-tspolicy". Documentation and tests have been updated.

CAVE: This will break code, which currently uses the "-policy"
option.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Also make it possible to disable afalg separately.

we still need to update config again
Reviewed-by: NRichard Levitte <levitte@openssl.org>

While insignificant on Unix like systems, this is significant on
systems like VMS.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>