- 25 1月, 2019 1 次提交
-
-
由 Klotz, Tobias 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7569) (cherry picked from commit 5c8b7b4caa0faedb69277063a7c6b3a8e56c6308)
-
- 24 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
During a DTLS handshake we may need to periodically handle timeouts in the DTLS timer to ensure retransmits due to lost packets are performed. However, one peer will always complete a handshake before the other. The DTLS timer stops once the handshake has finished so any handshake messages lost after that point will not automatically get retransmitted simply by calling DTLSv1_handle_timeout(). However attempting an SSL_read implies a DTLSv1_handle_timeout() and additionally will process records received from the peer. If those records are themselves retransmits then we know that the peer has not completed its handshake yet and a retransmit of our final flight automatically occurs. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8047) (cherry picked from commit 80c455d5ae405e855391e298a2bf8a24629dd95d)
-
- 08 1月, 2019 1 次提交
-
-
由 FdaSilvaYY 提交于
5. check_return: Calling EVP_EncodeUpdate without checking return value (as is done elsewhere 4 out of 5 times). Fix CID 1371695, 1371698: Resource leak in test/evp_test.c - leaked_storage: Variable edata going out of scope leaks the storage it points to. - leaked_storage: Variable encode_ctx going out of scope leaks the storage it points to Fix CID 1430437, 1430426, 1430429 : Dereference before null check in test/drbg_cavs_test.c check_after_deref: Null-checking drbg suggests that it may be null, but it has already been dereferenced on all paths leading to the check Fix CID 1440765: Dereference before null check in test/ssltestlib.c check_after_deref: Null-checking ctx suggests that it may be null, but it has already been dereferenced on all paths leading to the check. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7993) (cherry picked from commit 760e2d60e62511a6fb96f547f6730d05eb5f47ec)
-
- 26 10月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7414) (cherry picked from commit f1358634af5b84be22cb20fff3dcb613f5f8c978)
-
- 22 9月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/7257) (cherry picked from commit cd6fe29f5bad1a350a039673e06f83ec7a7ef619)
-
- 27 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6340)
-
- 17 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
- 11 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
If using an old style PSK callback and no certificate is configured for the server, we should prefer ciphersuites based on SHA-256, because that is the default hash for those callbacks as specified in the TLSv1.3 spec. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6215)
-
- 08 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Drop a record from a handshake and check that we can still complete the handshake. Repeat for all records in the handshake. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6170)
-
- 03 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
The max protocol version was only being set on the server side. It should have been done on both the client and the server. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6113)
-
- 20 3月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5689)
-
由 Richard Levitte 提交于
Have all test programs using that function specify those versions. Additionally, have the remaining test programs that use SSL_CTX_new directly specify at least the maximum protocol version. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5663)
-
- 22 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
-
- 18 8月, 2017 1 次提交
-
-
由 Pauli 提交于
Apart from ssltest_old.c, the test suite relied on e_os.h for the OSSL_NELEM macro and nothing else. The ssltest_old.c also requires EXIT and some socket macros. Create a new header to define the OSSL_NELEM macro and use that instead. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4186)
-
- 21 6月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
- 10 6月, 2017 1 次提交
-
-
由 Paul Yang 提交于
Signed-off-by: NPaul Yang <paulyang.inf@gmail.com> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3622)
-
- 10 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Test that custom extensions still work even after a change in SSL_CTX due to SNI. See #2180. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3425)
-
- 27 4月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Also converted most of ssltestlib but left the packet_dump output as-is (for now). Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3257)
-
- 28 3月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Those macros are private, not public. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3044)
-
- 24 2月, 2017 2 次提交
-
-
由 Benjamin Kaduk 提交于
Certain callback APIs allow the callback to request async processing by trickling a particular error value up the stack to the application as an error return from the handshake function. In those cases, SSL_want() returns a code specific to the type of async processing needed. The create_ssl_connection() helper function for the tests is very helpful for several things, including creating API tests. However, it does not currently let us test the async processing functionality of these callback interfaces, because the special SSL error codes are treated as generic errors and the helper continues to loop until it reaches its maximum iteration count. Add a new parameter, 'want', that indicates an expected/desired special SSL error code, so that the helper will terminate when either side reports that error, giving control back to the calling function and allowing the test to proceed. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2279)
-
由 Benjamin Kaduk 提交于
create_ssl_connection() prints out the results if SSL_accept() and/or SSL_connect() fail, but was reusing the client return value when printing about SSL_accept() failures. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2279)
-
- 30 1月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
In TLSv1.3 the connection will be created before the session is established. In OpenSSL we send the NewSessionTicket message immediately after the client finished has been received. Therefore we change create_ssl_connection() to attempt a read of application data after the handshake has completed. We expect this to fail but it will force the reading of the NewSessionTicket and the session to be set up. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
- 25 1月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1618)
-
- 23 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 11月, 2016 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 27 9月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
A mem leak could occur on an error path. Also the mempacket BIO_METHOD needs to be cleaned up, because of the newly added DTLS test. Also fixed a double semi-colon in ssltestlib.c Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 22 8月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
In mempacket_test_read(), we've already fetched the top value of the stack, so when we shift the stack, we don't care for the value. The compiler needs to be told, or it will complain harshly when we tell it to be picky. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 8月, 2016 5 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Clang was complaining about some unused functions. Moving the stack declaration to the header seems to sort it. Also the certstatus variable in dtlstest needed to be declared static. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Split the create_ssl_connection() helper function into two steps: one to create the SSL objects, and one to actually create the connection. This provides the ability to make changes to the SSL object before the connection is actually made. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
This adds a BIO similar to a normal mem BIO but with datagram awareness. It also has the capability to inject additional packets at arbitrary locations into the BIO, for testing purposes. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Dump out the records passed over the BIO. Only works for DTLS at the moment but could easily be extended to TLS. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 7月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Add some more tests for sessions following on from the previous commit to ensure the callbacks are called when appropriate. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 02 7月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Don't use hardcoded SSL_METHODs! Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 14 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
This commit adds some session API tests, and in particular tests the modified behaviour of SSL_set_session() introduced in the last commit. To do this I have factored out some common code from the asynciotest into a new ssltestlib.c file. I've also renamed getsettest to sslapitest as this more closely matches what it now is! Reviewed-by: NRich Salz <rsalz@openssl.org>
-