| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-01-28 | The test sshd_config in in $OBJ. | Darren Tucker | |
| 2019-01-28 | Remove leftover debugging. | Darren Tucker | |
| 2019-01-28 | Enable ssh-dss for the agent test. Disable it for the certificate | Darren Tucker | |
| test. | |||
| 2019-01-28 | Count the number of key types instead of assuming there are only two. | Darren Tucker | |
| 2019-01-27 | Generate all key supported key types and enable for keyscan test. | Darren Tucker | |
| 2019-01-27 | zap a commented out line. 0RTT will need more thought than | Theo Buehler | |
| just uncommenting this. | |||
| 2019-01-27 | refactor and clean up the code generating dot output. | Theo Buehler | |
| 2019-01-25 | print errors to stderr | Theo Buehler | |
| 2019-01-25 | sort output suffixes | Theo Buehler | |
| 2019-01-25 | I am retiring my old email address; replace it with my OpenBSD one. | Todd C. Miller | |
| 2019-01-24 | Add code to visualize the state machine. Both the state machine and the | Theo Buehler | |
| output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play. | |||
| 2019-01-24 | set the NEGOTIATED flag in the flags argument rather than | Theo Buehler | |
| squeezing it into the table. | |||
| 2019-01-24 | Add server side of versions, keyshare, and client and server of cookie | Bob Beck | |
| extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@ | |||
| 2019-01-24 | Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated. | Bob Beck | |
| Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@ | |||
| 2019-01-23 | make whitespace inside curlies consistent; sort function prototypes. | Theo Buehler | |
| 2019-01-23 | Rename NUM_HANDSHAKE to handshake_count and make it a variable | Theo Buehler | |
| so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing | |||
| 2019-01-23 | fix dumping of trace cmp coverage | anton | |
| 2019-01-23 | Modify sigalgs extension processing to accomodate TLS 1.3. | Bob Beck | |
| - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@ | |||
| 2019-01-23 | revert previous, accidentally contained another diff in addition | Bob Beck | |
| to the one I intended to commit | |||
| 2019-01-23 | Modify sigalgs extension processing for TLS 1.3. | Bob Beck | |
| - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@ | |||
| 2019-01-23 | incorrrect spelling | Theo Buehler | |
| 2019-01-23 | do not print the command in the print: target | Theo Buehler | |
| 2019-01-23 | Add a regression test that builds up the handshake state table | Theo Buehler | |
| from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing | |||
| 2019-01-22 | add support for xchacha20 and xchacha20-poly1305 | David Gwynne | |
| xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces. ok tb@ | |||
| 2019-01-21 | adapt to changes in KEX APIs and file removals | Damien Miller | |
| 2019-01-21 | adapt to changes in KEX API and file removals | Damien Miller | |
| 2019-01-21 | adapt to bignum1 API removal and bignum2 API change | Damien Miller | |
| 2019-01-21 | remove hack to use non-system libcrypto | Damien Miller | |
| 2019-01-20 | allow override of ssh-pkcs11-helper binary via $TEST_SSH_SSHPKCS11HELPER | Damien Miller | |
| from markus@ | |||
| 2019-01-20 | adapt agent-pkcs11.sh test to softhsm2 and add support for ECDSA keys | Damien Miller | |
| work by markus@, ok djm@ | |||
| 2019-01-20 | add "extra:" target to run some extra tests that are not enabled by | Damien Miller | |
| default (currently includes agent-pkcs11.sh); from markus@ | |||
| 2019-01-20 | Update record regress to match functionality changes. | Joel Sing | |
| 2019-01-20 | run all tests for each supported trace mode | anton | |
| 2019-01-20 | hook handshake test | Theo Buehler | |
| 2019-01-20 | Add a simple test that verifies that every valid handshake | Theo Buehler | |
| sets action->handshake_complete. | |||
| 2019-01-19 | remove mmap test for now | anton | |
| 2019-01-19 | Hook record regress. | Joel Sing | |
| 2019-01-19 | Add regress for TLSv1.3 record handling. | Joel Sing | |
| 2019-01-18 | Adapt expected number of dropped messages after sendsyslog(2) kernel | Alexander Bluhm | |
| buffer size has changed. | |||
| 2019-01-18 | initialize offset value so this passes | Bob Beck | |
| ok jsing@ | |||
| 2019-01-18 | Add client side of supported versions and keyshare extensions with basic regress | Bob Beck | |
| ok jsing@ | |||
| 2019-01-18 | Removed unused struct members. | Joel Sing | |
| 2019-01-18 | Update regress following TLS extension renaming. | Joel Sing | |
| 2019-01-17 | Add regress for extensible buffer code. | Joel Sing | |
| 2019-01-17 | Test handling of escaped backslashes because the code related to | Ingo Schwarze | |
| copy mode is complicated and prone to regressions. | |||
| 2019-01-17 | Unveil fixes: | Bob Beck | |
| 1) Correctly notice covering unveil when using .. - fix crash noticed by visa@ 2) Notice when v_mount is NULL to not crash when unveil vnodes are on a forcibly unmounted filesystem, noticed by yasuoka@ 3) Add a flag to ni_data so that failures from unveil flag mismatches in covering unveils return the correct EACCESS instead of ENOENT (noticed by brynet@) ok deraadt@ | |||
| 2019-01-16 | The test regress/sys/uvm/misc used mincore(2) to check how mmap, | Alexander Bluhm | |
| mlock, mlockall, mprotect, madvise, shmget affect resident pages. As we have no kernel interface for that anymore, remove the test. OK jca@ | |||
| 2019-01-16 | test latest mmap() changes | anton | |
| 2019-01-14 | Fix unveil issue noticed by kn@ where unveil does not notice covering | Bob Beck | |
| unveil matches when .. is used correctly. Also adds regress based upon his test program for the same issue. | |||
| 2019-01-11 | Remove the HTML title= attributes which harmed accessibility and | Ingo Schwarze | |
| violated the principle of separation of content and presentation. Instead, implement the tooltips purely in CSS. Thanks to John Gardner <gardnerjohng at gmail dot com> for suggesting most of the styling in the new ::before rules. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |