mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-12 13:36:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
18,631 Commits 34 Branches 385 Tags 429 MiB
aec23ecebd
Commit Graph

18631 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Richard Levitte
aec23ecebd Don't run OCSP tests when OCSP is disabled 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2173)
 2017-01-04 15:27:00 +01:00
Richard Levitte
8f8c11d83f Don't build OCSP stuff when OCSP is disabled 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2173)
 2017-01-04 15:27:00 +01:00
Richard Levitte
327d38d0ac Don't test SRP when it's disabled 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2172)
 2017-01-04 15:24:34 +01:00
Richard Levitte
e0c47b2c3a Don't run NPN tests when NPN is disabled 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2171)
 2017-01-04 08:28:43 +01:00
Dr. Stephen Henson
13ab87083a Add RSA decrypt and OAEP tests. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2017-01-01 19:29:26 +00:00
Dr. Stephen Henson
4fee75ca23 evptests.txt is not a shell script 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2017-01-01 19:23:28 +00:00
Matt Caswell
d2e491f225 Don't run the sigalgs tests over a TLSv1.3 connection 
We need a new API for TLSv1.3 sig algs

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2160)
 2016-12-30 20:59:16 +00:00
Matt Caswell
f1b25aaed3 Provide some tests for the sig algs API 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2160)
 2016-12-30 20:58:58 +00:00
Matt Caswell
fb3ae0e830 Fix the SSL_set1_sigalgs() macro 
This macro has a typo in it which makes it unusable. This issue was already
fixed in 1.0.2 in commit 75fdee0482, but the same fix was not applied to
other branches.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2160)
 2016-12-30 17:33:43 +00:00
Richard Levitte
2ed4c57149 70-test_sslvertol.t: skip test 1 and 2 if too few protocols are enabled 
These tests depend on there being at least one protocol version below
TLSv1.3 enabled.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2144)
 2016-12-29 15:42:23 +01:00
Richard Levitte
ac6eb15293 80-test_ssl_new.t: Make 19-mac-then-encrypt.conf work without TLSv1.2 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2144)
 2016-12-29 15:42:22 +01:00
Richard Levitte
7638e37846 70-test_sslvertol.t: Make sure to check a max TLS version that matches configuration 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2144)
 2016-12-29 15:42:22 +01:00
Richard Levitte
f6e752c0ac 70-test_sslmessages.t: Don't check EXT_SIG_ALGS if TLS 1.2 is disabled 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2144)
 2016-12-29 15:12:09 +01:00
Matt Caswell
0a6793c942 Fix CT test_sslmessages hangs 
The CT tests in test_sslmessages require EC to be available, therefore
we must skip these if no-ec

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
 2016-12-29 13:32:54 +00:00
Matt Caswell
3cf96e88b7 Fix compilation with no-ec 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
 2016-12-29 13:32:54 +00:00
Matt Caswell
0785274ca5 Fix extension for various no- options 
Previously we were omitting the extension information from ext_defs if
the association no- option was defined. This doesn't work because the
indexes into the table are no longer valid.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
 2016-12-29 13:32:54 +00:00
Matt Caswell
397f4f7876 Add a test to check the EC point formats extension appears when we expect 
The previous commit fixed a bug where the EC point formats extensions did
not appear in the ServerHello. This should have been caught by
70-test_sslmessages but that test never tries an EC ciphersuite. This
updates the test to do that.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
 2016-12-29 13:32:54 +00:00
Matt Caswell
3b58c54f26 Fix the EC point formats extension 
This should be sent in the ServerHello if a EC based ciphersuite is
negotiated. The relevant flag to do this was missed off in the recent
extensions refactor.

Fixes GitHub Issue #2133

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
 2016-12-29 13:32:54 +00:00
Markus Triska
67adf0a7c2 replace "will lookup up" by "will look up" 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
CLA: trivial
(Merged from https://github.com/openssl/openssl/pull/2145)
 2016-12-29 01:29:39 +01:00
Andy Polyakov
3c274a6e20 chacha/asm/chacha-x86_64.pl: add AVX512 path optimized for shorter inputs. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-25 16:31:40 +01:00
Todd Short
8bfa99f04f Fix EVP_MD_meth_get_flags 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2134)
 2016-12-22 15:23:41 +01:00
Richard Levitte
1307af2283 Travis: The TLS 1.3 code isn't interoperable yet, move it to its own build 
We should move it back to the BORINGTEST build when we are approaching
interoperability.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2123)
 2016-12-21 18:56:42 +01:00
Richard Levitte
2629440d42 Reformat M_check_autoarg to match our coding style 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2121)
 2016-12-20 23:21:25 +01:00
Richard Levitte
d7c8f142ea M_check_autoarg: sanity check the key 
For now, checking that the size is non-zero will suffice.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2120)
 2016-12-20 16:10:24 +01:00
Richard Levitte
992155d0ea Add bwrite_conv and bread_conv values to methods_dgramp_sctp 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2116)
 2016-12-19 20:08:30 +01:00
Richard Levitte
c0aa6b814e Fix erroneous goto lable 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2116)
 2016-12-19 20:08:30 +01:00
Andy Polyakov
a30b0522cb x86 assembly pack: update performance results. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-19 16:18:25 +01:00
Kurt Roeckx
f15eed3b79 Update fuzz corpora 
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #2090
 2016-12-19 00:46:45 +01:00
Kurt Roeckx
a1d6a0b6e6 Fix memory leak in tls_parse_stoc_key_share 
Found by oss-fuzz

Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #2102
 2016-12-19 00:46:43 +01:00
Finn Hakansson
0b742f93ea Fix typo. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
CLA: trivial
(Merged from https://github.com/openssl/openssl/pull/2086)
 2016-12-18 21:44:42 +01:00
Richard Levitte
ceb6d74694 test/ssl_test: give up if both client and server wait on read 
In some cases, both client and server end of the test can end up in
SSL_ERROR_WANT_READ and never get out of it, making the test spin.
Detect it and give up instead of waiting endlessly.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2096)
 2016-12-16 14:46:58 +01:00
Richard Levitte
a05bed1952 Fix no-ct, skip tests recipes that try to test CT 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2096)
 2016-12-16 14:46:58 +01:00
Richard Levitte
97043e46aa e_afalg: Don't warn about kernel version when pedantic 
When built with --strict-warnings and the Linux kernel headers don't
match the kernel version, the preprocessor warnings in
engines/afalg/e_afalg.c cause compilation errors.  Use the macro
PEDANTIC to avoid those warnings in that case.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2095)
 2016-12-16 14:43:49 +01:00
Richard Levitte
cd3fe0e09c evp_test: when function and reason strings aren't available, just skip 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2093)
 2016-12-16 14:39:46 +01:00
Richard Levitte
7d9533bfa2 HP-UX doesn't have hstrerror(), so make our own for that platform 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2092)
(cherry picked from commit 46766d0036)
 2016-12-16 14:37:56 +01:00
Kurt Roeckx
4e9954799a Make client and server fuzzer support all ciphers 
Also send a SNI extension in the client so the fuzzer can react to it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
 2016-12-16 01:08:22 +01:00
Kurt Roeckx
e104d01deb Document the recommended parameters for fuzzing 
We use those parameters for calculating the coverage.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
 2016-12-16 01:08:22 +01:00
Kurt Roeckx
2fd54ebadf Enable TLS1.3 and PEDANTIC in the coverage target 
This make sure that the coverage is the same for the fuzzers and this
coverage target

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
 2016-12-16 01:08:22 +01:00
Kurt Roeckx
eeab356c29 Don't call memcpy with NULL as source 
Calling it with lenght 0 and NULL as source is undefined behaviour.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2089
 2016-12-15 21:45:25 +01:00
Andy Polyakov
1ea01427c5 poly1305/asm/poly1305-x86_64.pl: allow nasm to assemble AVX512 code. 
chacha/asm/chacha-x86_64.pl: refine nasm version detection logic.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-15 17:57:50 +01:00
Andy Polyakov
526ab89645 perlasm/x86_64-xlate.pl: add support for AVX512 OPMASK-ing. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-15 17:57:45 +01:00
Andy Polyakov
569204be90 man3/OPENSSL_ia32cap.pod: clarify AVX512 support in clang context. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-15 17:57:38 +01:00
Rich Salz
2b40699082 CRL critical extension bugfix 
More importantly, port CRL test from boringSSL crypto/x509/x509_test.cc

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1775)
 2016-12-14 12:32:49 -05:00
Dr. Stephen Henson
99f2f1dc3e Add function and reason checking to evp_test 
Add options to check the function and reason code matches expected values.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-12-14 16:33:41 +00:00
Rich Salz
a47bc28317 Add X509_VERIFY_PARAM inheritance flag set/get 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2079)
 2016-12-13 14:30:21 -05:00
Rich Salz
3dfda1a636 Fix various doc nits. 
find-doc-nits warns if you don't give a "what to do flag"
Don't use regexps for section names, just strings:  More consistency.
Rename "COMMAND OPTIONS" to OPTIONS.
Fix a couple of other nit-level things.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2076)
 2016-12-13 12:12:35 -05:00
Azat Khuzhin
b9b5181dd2 Remove ENGINE_load_dasync() (no OPENSSL_INIT_ENGINE_DASYNC already) 
Fixes: 8d00e30f96 ("Don't try to init
dasync internally")

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial
 2016-12-12 17:32:48 +00:00
Dmitry Belyavskiy
498180de5c Typo fixed 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2075)
 2016-12-12 09:28:56 -05:00
Paul Hovey
6974fca49d updated macro spacing for styling purposes 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial
 2016-12-12 13:50:17 +00:00
Paul Hovey
8bd62abe00 fix undoes errors introduced by fc6076ca27 (diff-1014acebaa2c13d44ca196b9a433ef2eR184) 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial
 2016-12-12 13:50:17 +00:00