1. 28 9月, 2019 1 次提交
  2. 29 5月, 2018 1 次提交
  3. 11 5月, 2018 1 次提交
  4. 27 7月, 2017 1 次提交
    • P
      Update the test framework so that the need for test_main is removed. Everything · ad887416
      Pauli 提交于
      that needed test_main now works using the same infrastructure as tests that used
      register_tests.
      
      This meant:
      * renaming register_tests to setup_tests and giving it a success/failure return.
      * renaming the init_test function to setup_test_framework.
      * renaming the finish_test function to pulldown_test_framework.
      * adding a user provided global_init function that runs before the test frame
          work is initialised.  It returns a failure indication that stops the stest.
      * adding helper functions that permit tests to access their command line args.
      * spliting the BIO initialisation and finalisation out from the test setup and
          teardown.
      * hiding some of the now test internal functions.
      * fix the comments in testutil.h
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/3953)
      ad887416
  5. 21 6月, 2017 1 次提交
  6. 27 4月, 2017 1 次提交
  7. 24 2月, 2017 1 次提交
    • B
      Let test handshakes stop on certain errors · 8e2236ef
      Benjamin Kaduk 提交于
      Certain callback APIs allow the callback to request async processing
      by trickling a particular error value up the stack to the application
      as an error return from the handshake function.  In those cases,
      SSL_want() returns a code specific to the type of async processing
      needed.
      
      The create_ssl_connection() helper function for the tests is very
      helpful for several things, including creating API tests.  However,
      it does not currently let us test the async processing functionality
      of these callback interfaces, because the special SSL error codes
      are treated as generic errors and the helper continues to loop until
      it reaches its maximum iteration count.
      
      Add a new parameter, 'want', that indicates an expected/desired
      special SSL error code, so that the helper will terminate when
      either side reports that error, giving control back to the calling
      function and allowing the test to proceed.
      Reviewed-by: NMatt Caswell <matt@openssl.org>
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/2279)
      8e2236ef
  8. 16 2月, 2017 1 次提交
    • M
      Don't change the state of the ETM flags until CCS processing · 28a31a0a
      Matt Caswell 提交于
      In 1.1.0 changing the ciphersuite during a renegotiation can result in
      a crash leading to a DoS attack. In master this does not occur with TLS
      (instead you get an internal error, which is still wrong but not a security
      issue) - but the problem still exists in the DTLS code.
      
      The problem is caused by changing the flag indicating whether to use ETM
      or not immediately on negotiation of ETM, rather than at CCS. Therefore,
      during a renegotiation, if the ETM state is changing (usually due to a
      change of ciphersuite), then an error/crash will occur.
      
      Due to the fact that there are separate CCS messages for read and write
      we actually now need two flags to determine whether to use ETM or not.
      
      CVE-2017-3733
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      28a31a0a
  9. 09 11月, 2016 1 次提交
  10. 02 11月, 2016 1 次提交