summaryrefslogtreecommitdiff
path: root/tests/suite/testcompat-main-openssl
Commit message (Collapse)AuthorAgeFilesLines
* tests: rewrite launch_server using launch_bare_serverDaiki Ueno2020-10-031-72/+70
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: remove unused first argument from launch_serverDaiki Ueno2020-09-251-52/+52
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: use ": ${FOO=BAR}" syntax for default handling in shell scriptsDaiki Ueno2020-09-251-3/+3
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* testcompat-openssl: specify -sigalgsDaiki Ueno2020-09-211-5/+7
| | | | | | | | | The default selection of signature schemes is also affected by the crypto-policies, and needs to be explicitly enabled with -sigalgs. Suggested by Tomas Mraz. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* testcompat-openssl: improve testing against secured OpenSSL versions.Dimitri John Ledkov2020-02-061-40/+33
| | | | | | | | | In Debian, and soon Ubuntu, OpenSSL is compiled with SECLEVEL=2 and requiring minimum TLSv1.2. However, smaller hashes/keys/versions are allowed if one enables SECLEVEL=1. Do so when testing pre v1.2 algos, and thus enabling testing more compatability combinations. Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
* testcompat-openssl: added interop test with DTLS 1.2Nikos Mavrogiannopoulos2019-07-031-2/+89
| | | | | | | | This tests AES-CBC ciphersuites in isolation, as they are prioritized lower than AES-GCM. We want to test them explicitly because they have different behavior under EtM. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* testcompat-openssl: do not test DSS or small curves with 1.1.1tmp-fix-ci-runsNikos Mavrogiannopoulos2018-11-071-25/+39
| | | | | | | DSA uses 1024-bit parameters, and these together with curves of less than 256 bits are not accepted by debian's openssl. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: fix serv location in testcompat-main-opensslNikos Mavrogiannopoulos2018-05-161-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Allow running of test against installed gnutls-servAndreas Metzler2018-05-151-1/+2
| | | | Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* tests: testcompat-openssl: disable DSS ciphersuites under SSL3.0Nikos Mavrogiannopoulos2018-05-091-59/+64
| | | | | | | | Previously if openssl wouldn't support DSS, we would only disable DSS under TLS1.0 or later, not under SSL 3.0. This fixes interoperability with Fedora28 openssl. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: added reproducer for safe renegotiation failure with opensslNikos Mavrogiannopoulos2017-09-071-1/+13
| | | | | | Relates #259 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: enhanced SSL3.0 openssl detection in testcompat-opensslNikos Mavrogiannopoulos2017-07-171-8/+25
| | | | | | | | That disables SSL 3.0 testing in openssl versions which cannot negotiated it (see https://bugzilla.redhat.com/show_bug.cgi?id=1471783 for rationale) and corrects a typo in the variable name and printed message. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: disable ARCFOUR interop tests if openssl doesn't support the cipherNikos Mavrogiannopoulos2017-07-171-12/+21
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: testcompat-openssl: 3DES is explicitly enabled for SSL 3.0Nikos Mavrogiannopoulos2017-07-171-6/+6
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: enabled X25519 interop tests with openssl 1.1.0Nikos Mavrogiannopoulos2017-06-191-13/+29
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: modify tests to allow signatures with SHA1Nikos Mavrogiannopoulos2017-05-311-2/+2
| | | | | | | There were several tests that were utilizing SHA1 signatures but were not failing due to the bug in gnutls_pubkey_verify_hash2(). Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: remove bash usageAlon Bar-Lev2017-01-051-1/+1
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: skip tests that requires tools if tools are disabledAlon Bar-Lev2017-01-051-0/+5
| | | | | | building with --disable-tools should not cause test failure. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: enable all the ciphersuite in openssl cli for DSS checksfix-compat-testsNikos Mavrogiannopoulos2016-12-311-3/+3
|
* tests: don't check against 3DES if disabled in opensslNikos Mavrogiannopoulos2016-12-311-3/+8
|
* tests: do not pass the -dhparams to openssl 1.1.0; it doesn't workNikos Mavrogiannopoulos2016-12-311-1/+8
|
* tests: corrected type in openssl compat testsNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: added common variable for DH parametersNikos Mavrogiannopoulos2016-12-311-23/+23
|
* tests: better termination checking in compat testsNikos Mavrogiannopoulos2016-12-311-2/+15
| | | | | This ensures that the exit code of all spawned processes is checked.
* tests: run compatibility checks in parallel for various modifiersNikos Mavrogiannopoulos2016-05-211-68/+79
| | | | | | That is, the various %NO_ETM, %COMPAT, ... modifiers are checked in parallel in the testcompat suite, reducing the overall running time significantly.
* tests: use /bin/bash in tests which require common.shNikos Mavrogiannopoulos2016-05-201-1/+1
|
* Allow for conditional compilation of SSL 3.0 protocolNikos Mavrogiannopoulos2016-05-141-2/+2
| | | | | | | This allows to completely remove SSL 3.0 support by calling configure with the '--disable-ssl3' option. Resolves #93
* tests: simplified server launching processNikos Mavrogiannopoulos2016-05-131-49/+91
| | | | | Also attempt to use a new port on every started server and added a waiting period for the port to become re-usable.
* tests: include self tests with CURVE-X25519Nikos Mavrogiannopoulos2016-04-241-63/+112
|
* tests: updated the openssl compat check to make explicit the used curvesNikos Mavrogiannopoulos2016-04-241-23/+32
|
* testcompat-openssl: enable TLS 1.2 tests with openssl 1.0.1+Nikos Mavrogiannopoulos2016-03-181-7/+7
|
* tests: tab indent + minor style changesAlon Bar-Lev2015-06-241-502/+525
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: suite: cleanup shell usageAlon Bar-Lev2015-06-211-501/+491
| | | | | | | | | | | | Add quotes for most usages of variables. Added ${} for variables. Cleanup indentation to be consistent with other tests. Fix separate builddir issues. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: check also individual ciphers for interoperabilityNikos Mavrogiannopoulos2015-06-111-4/+24
|
* tests: check legacy RC4 in testcompatNikos Mavrogiannopoulos2015-03-231-3/+23
| | | | | That would prevent losing compatibility without detecting it. That is currently the case since it is no longer enabled by default.
* tests: speed up testcompat check by remove less important optionsNikos Mavrogiannopoulos2015-03-051-1/+1
|
* tests: updated the suite to account for the removal of DSA by defaultNikos Mavrogiannopoulos2015-03-031-8/+8
|
* cross-implementation test suite was relicensed to 3-clause BSDNikos Mavrogiannopoulos2015-03-031-12/+22
| | | | That way the suite can be used by projects with other licenses.
* testcompat: corrected usage of null cipherNikos Mavrogiannopoulos2014-12-111-1/+1
|
* testcompat-openssl: disable SSL 3.0 as it is not supported on debianNikos Mavrogiannopoulos2014-11-061-0/+9
|
* tests: separated the two testcompat tests (openssl/polarssl)Nikos Mavrogiannopoulos2014-11-061-0/+603
View Lorry Controller Status