Skip to content
  1. Apr 05, 2016
    • Emilia Kasper's avatar
      Rename ssltest -> ssltest_old · 69853045
      Emilia Kasper authored
      
      
      ssltest_old.c is deprecated. New tests should use ssl_test.c, and the
      recipes in 80-test_ssl_new.t
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      69853045
    • Emilia Kasper's avatar
      testutil: return 1 on success · ababe86b
      Emilia Kasper authored
      
      
      Require that test methods return 1 on success (not 0). This is more
      customary for OpenSSL.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      ababe86b
    • Dr. Stephen Henson's avatar
      fix memory leak in ca · 6e863f07
      Dr. Stephen Henson authored
      
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      6e863f07
    • Emilia Kasper's avatar
      New SSL test framework · 453dfd8d
      Emilia Kasper authored
      
      
      Currently, SSL tests are configured via command-line switches to
      ssltest.c. This results in a lot of duplication between ssltest.c and
      apps, and a complex setup. ssltest.c is also simply old and needs
      maintenance.
      
      Instead, we already have a way to configure SSL servers and clients, so
      we leverage that. SSL tests can now be configured from a configuration
      file. Test servers and clients are configured using the standard
      ssl_conf module. Additional test settings are configured via a test
      configuration.
      
      Moreover, since the CONF language involves unnecessary boilerplate, the
      test conf itself is generated from a shorter Perl syntax.
      
      The generated testcase files are checked in to the repo to make
      it easier to verify that the intended test cases are in fact run; and to
      simplify debugging failures.
      
      To demonstrate the approach, min/max protocol tests are converted to the
      new format. This change also fixes MinProtocol and MaxProtocol
      handling. It was previously requested that an SSL_CTX have both the
      server and client flags set for these commands; this clearly can never work.
      
      Guide to this PR:
       - test/ssl_test.c - test framework
       - test/ssl_test_ctx.* - test configuration structure
       - test/handshake_helper.* - new SSL test handshaking code
       - test/ssl-tests/ - test configurations
       - test/generate_ssl_tests.pl - script for generating CONF-style test
         configurations from perl inputs
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      453dfd8d
  2. Apr 04, 2016
  3. Apr 03, 2016
  4. Apr 02, 2016