| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-07-14 | Only run the client connection test with supported ciphers. Avoids test | Theo Buehler | |
| breakage also noted by anton. | |||
| 2022-07-13 | Enable Wycheproof primality tests. | Theo Buehler | |
| 2022-07-12 | The asn1time test no longer needs static linking. | Theo Buehler | |
| 2022-07-09 | Check that ASN1_{INTEGER,ENUMERATED}_get(NULL) return 0 as documented. | Theo Buehler | |
| 2022-07-08 | whitespace | Theo Buehler | |
| 2022-07-08 | Add to variables instead of overriding them | Theo Buehler | |
| 2022-07-07 | Add support for primality checking | Theo Buehler | |
| Project Wycheproof's primality_tests.json contain a set of 280 numbers that trigger edge cases in Miller-Rabin and related checks. libcrypto's Miller-Rabin test is known to be rather poor, hopefully we will soon see a diff on tech that improves on this. This extends the Go test in the usual way and also adds a perl script that allows testing on non-Go architectures. Deliberately not yet linked to regress since the tests are flaky with the current BN_is_prime_ex() implementatation. | |||
| 2022-07-07 | Adjust to new bgpctl output | Claudio Jeker | |
| 2022-07-07 | Use the security level knob in the test script. | Theo Buehler | |
| from beck | |||
| 2022-07-07 | Only run tests against ciphers supported by the method. | Theo Buehler | |
| 2022-07-07 | Add some minimal regress coverage for the security level. | Theo Buehler | |
| From beck | |||
| 2022-07-07 | Make the ssltest security level aware. | Theo Buehler | |
| From beck | |||
| 2022-07-07 | Adjust prototype of dummy rde_generate_updates() function | Claudio Jeker | |
| 2022-07-07 | Switch ssltest to using the newly generated certs that use SHA-256 instead | Theo Buehler | |
| of SHA-1. This helps the switch to security-level aware ssltest. From jsing | |||
| 2022-07-06 | While the HTML standard allows multiple <h1> elements in the same | Ingo Schwarze | |
| document, <h1> is intended for top level headers, and most of the sections in a manual page can hardly be considered top-level. It is more usual to use <h1> only for the main title of the document of for the site name. Consequently, move .Sh/.SH from <h1> to <h2> and .Ss/.SS from <h2> to <h3>, freeing <h1> for use by header.html in man.cgi(8). Discussed with Anna Vyalkova <cyber at sysrq dot in>. | |||
| 2022-07-05 | cope with ASN1_TIME_set_string_X509() rename | Anton Lindqvist | |
| 2022-07-04 | Add TEST_REGRESS_CACHE_DIR which, if set, is used to cache regress test | Darren Tucker | |
| names that have succeeded and skip those on a re-run. | |||
| 2022-07-02 | Adjust to new tls1_ec_nid2group_id API. | Theo Buehler | |
| 2022-06-30 | Add valid time test from ruby regress, and check ASN1_time_to_tm | Bob Beck | |
| against recorded time value. | |||
| 2022-06-30 | add valid utc time that should fail to parse as generalized | Bob Beck | |
| 2022-06-30 | Add tests for times missing seconds, and to be able to test | Bob Beck | |
| invalid generalized times specifically | |||
| 2022-06-30 | With recent a_time_tm.c changes, we also need the bytestring API. | Theo Buehler | |
| 2022-06-29 | Add support for sending QUIC transport parameters | Bob Beck | |
| This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@ | |||
| 2022-06-29 | Use relative paths so beck can run regress in his git tree and have | Theo Buehler | |
| the correct ssl_local.h etc be picked up. | |||
| 2022-06-29 | cope with rtentry refcnt changes | Anton Lindqvist | |
| 2022-06-28 | Botan 2.19.2 has removed support for the OpenSSL crypto provider. | Alexander Bluhm | |
| It was incompatible with OpenSSL 3.0. Remove the regression test to check that LibreSSL crypto works with Botan tests. This is better than to keep an outdated Botan in ports. discussed with tb@ beck@ | |||
| 2022-06-28 | Use refcnt API for struct rtentry instead of hand-crafted atomic | Alexander Bluhm | |
| operations. OK mvs@ | |||
| 2022-06-28 | Only asn1time needs to be static for now. | Theo Buehler | |
| 2022-06-28 | Make this regress test link staticly and use internal symbols | Bob Beck | |
| so that it works and compiles during the tb@ pre-bump shuffle(tm). | |||
| 2022-06-28 | Fix the legacy verifier callback behaviour for untrusted certs. | Bob Beck | |
| The verifier callback is used by mutt to do a form of certificate pinning where the callback gets fired and depending on a cert saved to a file will decide to accept an untrusted cert. This corrects two problems that affected this. The callback was not getting the correct depth and chain for the error where mutt would save the certificate in the first place, and then the callback was not getting fired to allow it to override the failing certificate validation. thanks to Avon Robertson <avon.r@xtra.co.nz> for the report and sthen@ for analysis. "The callback is not an API, it's a gordian knot - tb@" ok jsing@ | |||
| 2022-06-27 | Add new time manipulation funcitons that OpenSSL has exposed that | Bob Beck | |
| the world seems to be using. Symbols.list changes and exposure to wait for minor bump ok jsing@ jca@ | |||
| 2022-06-27 | Regress test for the open policy role capability. Make sure it properly | Claudio Jeker | |
| fails when enforced or there is a missmatch and that the session is accepeted if the roles match. | |||
| 2022-06-26 | In groff commit 78e66624 on May 7 20:15:33 2021 +1000, | Ingo Schwarze | |
| G. Branden Robinson changed the -T ascii rendering of \(sd, the "second" symbol, U+2033 DOUBLE PRIME, from '' to ". Follow suit in mandoc. | |||
| 2022-06-26 | Fix URI name constraints, allow for URI's with no host part. | Bob Beck | |
| Such uri's must be parsed and allowed, but then should fail if a name constraint is present. Adds regress testing for this same case. fixes https://github.com/libressl-portable/openbsd/issues/131 ok tb@ | |||
| 2022-06-25 | Move leaf certificate checks to the last thing after chain validation. | Bob Beck | |
| While seemingly illogical and not what is done in Go's validator, this mimics OpenSSL's behavior so that callback overrides for the expiry of a certificate will not "sticky" override a failure to build a chain. ok jsing@ | |||
| 2022-06-25 | Increase the auto partitioner's maximum /usr size to 30G. | mbuhl | |
| OK bluhm, otto, deraadt | |||
| 2022-06-25 | Check pointer argument after {d2i,i2d}_ASN1_{BIT_STRING,BOOLEAN,INTEGER}() | Joel Sing | |
| 2022-06-25 | Add regress for ASN1_INTEGER_{get,set}_{u,}int64() | Joel Sing | |
| 2022-06-25 | Add regress for ASN1_INTEGER_cmp() | Joel Sing | |
| 2022-06-23 | Use dynamic linking correctly. bntest and bn_to_string need static linking. | Theo Buehler | |
| 2022-06-22 | Explicitly include fcntl.h and unistd.h for pipe2 | Theo Buehler | |
| 2022-06-22 | Fix format strings for size_t | Theo Buehler | |
| 2022-06-22 | Fix format string: use %zu for size_t, not %lu. | Theo Buehler | |
| 2022-06-19 | Use uppercase for SUCCESS for consistency | Theo Buehler | |
| 2022-06-19 | None of these tests needs to link statically. | Theo Buehler | |
| 2022-06-19 | Drop bogus DPADD += ${LIBSSL} | Theo Buehler | |
| 2022-06-19 | Make expected output match reality again. | Theo Buehler | |
| 2022-06-19 | Since rtsock.c -r1.329 routes sent via sysctl(2) are now marked RTF_DONE. | Theo Buehler | |
| Adjust expected output. | |||
| 2022-06-19 | Fix rttest output after rtsock.c r1.329 that RTF_DONE to routes sent | Theo Buehler | |
| via sysctl(2) | |||
| 2022-06-18 | Quick regression test that checks that BN_is_prime_fasttest_ex() | Theo Buehler | |
| recognizes the primes in the primes[] table with and without trial division. Would have caught the bug fixed in bn_primes.c r1.9. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |