- May 08, 2017
-
-
Matt Caswell authored
Update the message callback documentation to cover the new inner content type capability. Also major update of the documentation which was very out of date. Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3408)
-
Matt Caswell authored
When using the -trace option with TLSv1.3 all records appear as "application data". This adds the ability to see the inner content type too. Reviewed-by:
-
Matt Caswell authored
This trace option does not appear in Configure as a separate option and is undocumented. It can be switched on using "-DOPENSSL_SSL_TRACE_CRYPTO", however this does not compile in master or in any 1.1.0 released version. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Check we send supported_groups in EE if there is a group we prefer instead of the one sent in the key_share. Reviewed-by:
-
Matt Caswell authored
The TLSv1.3 spec says that a server SHOULD send supported_groups in the EE message if there is a group that it prefers to the one used in the key_share. Clients MAY act on that. At the moment we don't do anything with it on the client side, but that may change in the future. Reviewed-by:
-
- May 06, 2017
-
-
Richard Levitte authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3400)
-
- May 05, 2017
-
-
Richard Levitte authored
The conditions to skip these recipes entirely don't show in a non-verbose test harness output. We prefer to know, so use skip_all, as it is a little bit more verbose. [extended tests] Reviewed-by:
-
Pauli authored
Some refactoring done as well. The prime_field_tests() function needs splitting and refactoring still. Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Perl, multiple versions, for some reason occasionally takes issue with letter b[?] in ox([0-9a-f]+) regex. As result some constants, such as 0xb1 came out wrong when generating code for MASM. Fixes GH#3241. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
- May 04, 2017
-
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Fix warning/bug in rc5test Remove useless/warning-only test from dsatest. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3387)
-
Pauli authored
Format the test failure output more nicely. More vertical space is used to make things a little clearer. Tests are expected to pass so this doesn't impact the normal case. Strings and memory comparisons highlight differences. Reviewed-by:
-
Richard Levitte authored
Because we now have TAP output for every mod_exp round, there's no more need to mark the round with outputting a period. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
The previous commit fixed a bug which occurs when serverinfo is loaded from memory (not from a file). This adds a test for loading serverinfo from memory. Reviewed-by:
-
Matt Caswell authored
SSL_CTX_use_serverinfo_ex() et al were always processing data as if it was V2 format, even if it was V1. This bug was masked because, although we had a test which loaded V1 serverinfo data from a file, the function SSL_CTX_use_serverinfo_file() transparently converts V1 data to V2 before calling SSL_CTX_use_serverinfo_ex(). Reviewed-by:
-
Matt Caswell authored
This reverts commit 1608d658 . This is the wrong fix for this issue. The next commit provides a better fix. Reviewed-by:
-
Matt Caswell authored
The init code uses DSO_dsobyaddr() to leak a reference to ourselves to ensure we remain loaded until atexit() time. In some circumstances that can fail and leave stale errors on the error queue. Fixes #3372 Reviewed-by:
-
Matt Caswell authored
Introduced by commit 0e534337 Reviewed-by:
-
Todd Short authored
|version| "could" be used uninitialized here, not really, but the compiler doesn't understand the flow Reviewed-by:
-
- May 03, 2017
-
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Todd Short authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This should have been added before but was missed. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Ensure that serverinfo only gets added for the first Certificate in a list. Reviewed-by:
-
Matt Caswell authored
Also document other releated changes to the serverinfo capability. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This also tests the SERVERINFO2 file format. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
