- Aug 10, 2016
-
-
Emilia Kasper authored
In practice, CT isn't really functional without EC anyway, as most logs use EC keys. So, skip loading the log list with no-ec, and skip CT tests completely in that conf. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
jamercee authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1386)
-
JimC authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1386)
-
jamercee authored
Commit 417be660 broken BIO_new_accept() by changing the definition of the macro BIO_set_accept_port() which stopped acpt_ctrl() from calling BIO_parse_hostserv(). This commit completes the series of changes initiated in 417be660. Updated pods to reflect new definition introduced by 417be660 . Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1386)
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1429)
-
Rich Salz authored
Binary- and backward-compatible. Just better. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1429)
-
Kurt Roeckx authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1421)
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1397)
-
Rich Salz authored
Reviewed-by: Emilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1385
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Like OPENSSL_assert, but also prints the error stack before exiting. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
This commit only ports existing tests, and adds some coverage for resumption. We don't appear to have any handshake tests that cover SCT validation success, and this commit doesn't change that. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Make method names match reality Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Some failure tests were failing for the wrong reason after the CTX refactoring. Update those tests. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
David Woodhouse authored
As discussed in PR#1409 it can be done differently. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
David Woodhouse authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Aug 08, 2016
-
-
Adam Langley authored
Thanks to Peter Gijsels for pointing out that if a CBC record has 255 bytes of padding, the first was not being checked. (This is an import of change 80842bdb from BoringSSL.) Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1431)
-
Cristian Stoica authored
Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1378)
-
Emilia Kasper authored
In NPN and ALPN, the protocol is renegotiated upon resumption. Test that resumption picks up changes to the extension. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
OPENSSL_NO_NEXTPROTONEG only disables NPN, not ALPN Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Emilia Kasper authored
Move custom server and client options from the test dictionary to an "extra" section of each server/client. Rename test expectations to say "Expected". This is a big but straightforward change. Primarily, this allows us to specify multiple server and client contexts without redefining the custom options for each of them. For example, instead of "ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols", we now have, "NPNProtocols". This simplifies writing resumption and SNI tests. The first application will be resumption tests for NPN and ALPN. Regrouping the options also makes it clearer which options apply to the server, which apply to the client, which configure the test, and which are test expectations. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Aug 06, 2016
-
-
JimC authored
Commit 3eb2aff4 renamed a field of ssl_cipher_st from algorithm_ssl -> min_tls but neglected to update the fprintf reference which is included by -DCIPHER_DEBUG Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1417)
-
Richard Levitte authored
I bug in perl's File::Spec->canonpath() was uncovered. There's nothing we can do about it (except re-implementing canonpath()), except working around the problem (a directory rename) and reporting the issue to the perl module developers. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Tomas Mraz authored
Add colon when printing Registered ID. Remove extra space when printing DirName. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1401)
-
Rob Percival authored
In one failure case, it used to return -1. That failure case (CTLOG_new() returning NULL) was not usefully distinct from all of the other failure cases. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1407)
-
- Aug 05, 2016
-
-
klemens authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
-
klemens authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
-
Rob Percival authored
This is an entirely useless function, given that CTLOG is publicly immutable. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1406)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
These functions are: SSL_use_certificate_file SSL_use_RSAPrivateKey_file SSL_use_PrivateKey_file SSL_CTX_use_certificate_file SSL_CTX_use_RSAPrivateKey_file SSL_CTX_use_PrivateKey_file SSL_use_certificate_chain_file Internally, they use BIO_s_file(), which is defined and implemented at all times, even when OpenSSL is configured no-stdio. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
The macros that produce PEM_write_FOO() andd PEM_read_FOO() only do so unless 'no-stdio' has been configured. mkdef.pl should mimic that by marking those functions with the "STDIO" algo. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
These were guarded by $disabled{tests}. However, 'tests' is disabled if we configure 'no-stdio', which means that we don't detect the lack of OPENSSL_NO_STDIO guards in our public header files. So we move the generation and build of test/buildtest_*.c to be unconditional. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Thanks to Hanno Böck for reporting this bug. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Should result in more accurate header file coverage, see https://github.com/eddyxu/cpp-coveralls/issues/54 Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Emilia Kasper authored
Run tests with coverage and report to coveralls.io For simplicity, this currently only adds a single target in a configuration that attempts to maximize coverage. The true CI coverage from all the various builds may be a little larger. The coverage run has the following configuration: - no-asm: since we can't track asm coverage anyway, might as well measure the non-asm code coverage. - Enable various disabled-by-default options: - rc5 - md2 - ec_nistp_64_gcc_128 - ssl3 - ssl3-method - weak-ssl-ciphers Finally, observe that no-pic implies no-shared, and therefore running both builds in the matrix is redundant. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
Thank to Shi Lei for reporting this bug. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-