summaryrefslogtreecommitdiffstats
path: root/regress (follow)
Commit message (Collapse)AuthorAgeFilesLines
* add support for verification of webauthn sshsig signature, anddjm2020-06-224-7/+718
| | | | | example HTML/JS to generate webauthn signatures in SSH formats (also used to generate the testdata/* for the test).
* Enable lucky 13 test.tb2020-06-191-5/+2
|
* Test that ssh-agent exits when running as as subprocess of a specifieddtucker2020-06-192-1/+24
| | | | command (ie "ssh-agent command"). Would have caught bz#3181.
* run sshsig unit testsdjm2020-06-191-2/+2
|
* basic unit test for sshsig.[ch], including FIDO keysdjm2020-06-1923-0/+339
| | | | verification only so far
* basic unit test for FIDO kep parsingdjm2020-06-1924-7/+258
|
* Add test that splicing inet and unix sockets. This test should be abortedmvs2020-06-181-0/+24
| | | | | | with EPROTONOSUPPORT. ok mpi@
* Add test for passive interfacesdenis2020-06-124-7/+9
|
* Add lucky13 and bleichenbacher-timing teststb2020-06-101-1/+7
|
* Implement a rolling hash of the ClientHello message, Enforce RFC 8446beck2020-06-061-2/+2
| | | | | | | | section 4.1.2 to ensure subsequent ClientHello messages after a HelloRetryRequest messages must be unchanged from the initial ClientHello. ok tb@ jsing@
* When X509_ATTRIBUTE_create() receives an invalid NID (e.g., -1), returnschwarze2020-06-042-5/+115
| | | | | | | | | | | failure rather than silently constructing a broken X509_ATTRIBUTE object that might cause NULL pointer accesses later on. This matters because X509_ATTRIBUTE_create() is used by documented API functions like PKCS7_add_attribute(3) and the NID comes straight from the user. This fixes a bug found while working on documentation. OK tb@ and "thanks" bluhm@
* Enable the record layer limits test and mark two finished test cases astb2020-06-031-5/+8
| | | | | xfail for now. Arguably, the expected decode_error is more appropriate than the decrypt_error that we send at the moment.
* Enable the test-tls13-zero-length-data.py test, skipping thetb2020-06-011-8/+10
| | | | three tests that fail due to a BIO_gets() bug.
* Enable test-dhe-rsa-key-exchange-with-bad-messages.pytb2020-06-011-4/+2
|
* Fix printing long doubles on architectures with hm and lm bits.mortimer2020-05-311-1/+9
| | | | | | Issue reported with initial patch by enh@google.com. ok deraadt@
* Add checks for SH downgrade sentinel and HRR hash in appstest.shinoguchi2020-05-291-1/+27
|
* Add regression and unit tests for ${ENV} style environment variabledtucker2020-05-292-5/+79
| | | | expansion in various keywords (bz#3140). ok djm@
* Unit test for convtime. ok djm@dtucker2020-05-291-1/+20
|
* two new tests for Include in sshd_config, checking whether Portdjm2020-05-271-1/+35
| | | | | | directives are processed correctly and handling of Include directives that appear before Match. Both tests currently fail. bz#3122 and bz#3169 - patch from Jakub Jelen
* more tests after getopt_long.c rev. 1.32;schwarze2020-05-271-10/+43
| | | | OK martijn@
* The unmount-nested test creates 15 partitions with file systems.bluhm2020-05-251-17/+17
| | | | Use FFS1 for newfs as the file system size is below the FFS2 minimum.
* Test that syslogd closes the UDP sockets only if not configured tobluhm2020-05-252-0/+52
| | | | send UDP packets.
* Previous commit caught a few errx() cases by accident. undo them.tb2020-05-241-25/+25
|
* include newlines in FAIL messagestb2020-05-241-108/+108
|
* address some nits from jsingtb2020-05-241-7/+11
|
* The version detection doesn't work on bluhm's test machine, causingtb2020-05-241-3/+3
| | | | | | | the test to fail. Neuter it for now and just assume we do TLSv1.3. I have been intending to purge this version detection hack once I'm sure we can leave the 1.3 server enabled but I'll leave it here for now.
* Define REGRESS_TARGETS explicitly.tb2020-05-231-2/+4
|
* Enforce that SNI hostnames be correct as per rfc 6066 and 5980.beck2020-05-231-1/+79
| | | | | | | Correct SNI alerts to differentiate between illegal parameter and an unknown name. ok tb@`
* Add test covering revision 1.64 of c_sh, fix exit code of compound listsanton2020-05-221-1/+12
| | | | while using option e.
* beck fixed most of the keyupdate tests. update annotationtb2020-05-211-3/+8
|
* hook tlsfuzzer to regresstb2020-05-211-1/+2
|
* Add a harness that runs tests from tlsfuzzertb2020-05-212-0/+781
| | | | | | | | | | | | | This currently runs 54 tests from the tlsfuzzer suite against the TLSv1.3 server which exercise a large portion of the code. They already found a number of bugs and misbehaviors and also inspired a few diffs currently in the pipeline. This regress requires the py3-tlsfuzzer package to be installed, otherwise the tests are skipped. Many thanks to kmos for helping with the ports side and to beck for his positive feedback. ok beck
* LibreSSL error message has been improved, adapt syslogd TLS tests.bluhm2020-05-192-2/+2
|
* Add -status and -servername test for s_server and s_client in appstest.shinoguchi2020-05-191-1/+3
|
* Add -groups test for s_server and s_client in appstest.shinoguchi2020-05-191-3/+17
|
* Add client certificate test in appstest.shinoguchi2020-05-181-2/+89
|
* Rename variables for key, csr, pass, certinoguchi2020-05-181-85/+85
|
* Make ffs2 the default for newfs; change all calls to create e.g. floppyotto2020-05-181-2/+2
| | | | | filesystems or ramdisks to use explicit -O 1; installer already does that. ok sthen@
* Add GOST certificate test in appstest.shinoguchi2020-05-171-26/+107
| | | | Enabled by -g option, and default to disabled (RSA certificate is used)
* Suppress display output and reduce s_time to 1 sec in appstest.shinoguchi2020-05-171-28/+38
|
* Fix server client test with TLSv1.3 in appstest.shinoguchi2020-05-171-20/+27
|
* Factor out session reuse test and verification testinoguchi2020-05-151-56/+74
|
* Factor out the test for all available ciphers and add TLSv1.3 caseinoguchi2020-05-151-46/+61
|
* Add ECDSA certificate test in appstest.shinoguchi2020-05-151-8/+71
| | | | Enabled by -e option, and default to disabled (RSA certificate is used)
* go fmt whitespace nittb2020-05-141-3/+3
|
* reinstate an error check that was commented out while waiting for armtb2020-05-141-5/+4
| | | | packages to appear
* move a #define after the last #include linetb2020-05-141-3/+3
|
* Skip protocol version message check in appstest.shinoguchi2020-05-141-10/+15
| | | | | - OpenSSL1.1.1 with TLSv1.3 does not call SSL_SESSION_print() until NewSessionTicket arrival - Shorten function name
* Factor out the protocol version test in appstest.shinoguchi2020-05-141-49/+26
| | | | OTHER_OPENSSL default to eopenssl11
* Add TLS versioning tests.jsing2020-05-131-2/+96
| | | | | This ensures that a TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3 client can talk with an appropriately configured server and vice versa.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.