summaryrefslogtreecommitdiff
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* tests: add missing ${EXEEXT}Daiki Ueno2020-10-035-6/+6
| | | | | | Pointed by Andreas Metzler. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: prolong timeout in wait_for_portDaiki Ueno2020-10-031-6/+7
| | | | | | | gnutls-serv invocations in cert-tests/dsa can take long time to launch if valgrind tests are enabled. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: remove unused lock facility using lockfile-createDaiki Ueno2020-10-031-8/+0
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: create lock for tests using GETPORTDaiki Ueno2020-10-032-3/+23
| | | | | | | This fixes a race condition in the timings between when a free port is detected and when the port is actually used. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: simplify program detectionDaiki Ueno2020-10-037-56/+54
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: rewrite launch_server using launch_bare_serverDaiki Ueno2020-10-036-158/+150
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: remove launch_pkcs11_serverDaiki Ueno2020-09-252-10/+1
| | | | | | This function is only used by testpkcs11.sh. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: remove unused first argument from launch_serverDaiki Ueno2020-09-2533-176/+168
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* tests: use ": ${FOO=BAR}" syntax for default handling in shell scriptsDaiki Ueno2020-09-25156-437/+437
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Merge branch 'tmp-clock_nanosleep' into 'master'Daiki Ueno2020-09-212-5/+8
|\ | | | | | | | | | | | | tests: allow clock_nanosleep in seccomp tests Closes #1086 See merge request gnutls/gnutls!1325
| * testcompat-openssl: specify -sigalgsDaiki Ueno2020-09-211-5/+7
| | | | | | | | | | | | | | | | | | The default selection of signature schemes is also affected by the crypto-policies, and needs to be explicitly enabled with -sigalgs. Suggested by Tomas Mraz. Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * tests: allow clock_nanosleep in seccomp testsDaiki Ueno2020-09-181-0/+1
| | | | | | | | | | | | | | | | The nanosleep wrapper in glibc has changed the implementation using the clock_nanosleep syscall: https://sourceware.org/git/?p=glibc.git;a=commit;h=3537ecb49cf7177274607004c562d6f9ecc99474 Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Merge branch 'tmp-ametzler-1090-testsuite' into 'master'Daiki Ueno2020-09-215-7/+11
|\ \ | | | | | | | | | | | | | | | | | | Fix inconsistent handling of $SERV environment variable in testsuite Closes #1090 See merge request gnutls/gnutls!1331
| * | testsuite: Fix $SERV / $GNUTLS_SERV inconsistencyAndreas Metzler2020-09-194-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | Some tests did not support overriding the PATH to gnutls-serv by setting the environment variable SERV but used GNUTLS_SERV instead. Closes #1090 Signed-off-by: Andreas Metzler <ametzler@bebt.de>
| * | In testsuite scripts use "$@" instead of $*.Andreas Metzler2020-09-181-3/+3
| |/ | | | | | | Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* | Merge branch 'rsa_privkey_prive' into 'master'Daiki Ueno2020-09-201-0/+32
|\ \ | |/ |/| | | | | Make private exponent optional in gnutls_privkey_import_rsa_raw() See merge request gnutls/gnutls!1323
| * Make private exponent optional in gnutls_privkey_import_rsa_raw().Nikolay Sivov2020-09-061-0/+32
| | | | | | | | Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
* | testsuite: Run GOST part of tests/gnutls-cli-debug.shAndreas Metzler2020-09-171-0/+7
| | | | | | | | | | | | Closes #1097 Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* | testsuite: Fix GOST gnutls-cli-debug testAndreas Metzler2020-09-171-1/+1
|/ | | | | | | GOST algorithms are not enabled by default, explicitely request them in priority string. Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* Merge branch 'tmp-sizeof' into 'master'Daiki Ueno2020-09-031-1/+1
|\ | | | | | | | | | | | | Fix padlock partial PHE detection and sizeof usage Closes #1076 See merge request gnutls/gnutls!1316
| * tests: fix sizeof usage in mini-record-timingtmp-sizeofDaiki Ueno2020-08-301-1/+1
| | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Consolidate optional arguments tests for RSA key import, cleanup after each ↵Nikolay Sivov2020-09-021-25/+26
| | | | | | | | | | | | import. Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
* | Add some tests for optional arguments in gnutls_privkey_import_rsa_raw().Nikolay Sivov2020-09-011-0/+30
|/ | | | Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
* Merge branch 'tmp-tls12-version-checks' into 'master'Daiki Ueno2020-08-211-11/+28
|\ | | | | | | | | | | | | handshake: check TLS version against modified server priorities Closes #1054 See merge request gnutls/gnutls!1309
| * handshake: check TLS version against modified server prioritiestmp-tls12-version-checksDaiki Ueno2020-08-171-11/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | The server needs to take into account of multiple factors when determining the TLS protocol version actually being used: - the legacy version - "supported_versions" extension - user_hello_func that may modify the server's priorities Only after that it can check whether the TLS version is enabled in the server's priorities. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Merge branch 'tmp-ocsp-resp-status' into 'master'Daiki Ueno2020-08-203-2/+113
|\ \ | | | | | | | | | | | | | | | | | | cert-session: check OCSP error responses Closes #1062 See merge request gnutls/gnutls!1308
| * | cert-session: check OCSP error responsestmp-ocsp-resp-statusDaiki Ueno2020-08-143-2/+113
| |/ | | | | | | | | | | | | | | If the OCSP responder returns an error code, such as tryLater, we can't proceed to examine the response bytes. In that case, just skip the check unless the stapling is mandatory on this certificate. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Merge branch 'tmp-cipher-check-length' into 'master'Daiki Ueno2020-08-181-0/+83
|\ \ | | | | | | | | | | | | | | | | | | gnutls_aead_cipher_decrypt: check output buffer size before writing Closes #1049 See merge request gnutls/gnutls!1312
| * | gnutls_aead_cipher_decrypt: check output buffer size before writingtmp-cipher-check-lengthDaiki Ueno2020-08-171-0/+83
| |/ | | | | | | | | | | | | | | | | While the documentation of gnutls_aead_cipher_decrypt indicates that the inout argument ptext_len initially holds the size that sufficiently fits the expected output size, there was no runtime check on that. This makes the interface robuster against misuses. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | gnutls_x509_crt_export2: return 0 instead of the lengthtmp-crt-export2Daiki Ueno2020-08-161-0/+2
| | | | | | | | | | | | This aligns the behavior to the documentation. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Fix parser output in tests/cert-tests/data/gost-cert-nogost.pemFiona Klute2020-08-161-15/+1
| | | | | | | | | | | | | | | | | | When building without GOST support parsing a GOST certificate must return an "error importing public key" message instead of key details. This change makes tests/cert-tests/pem-decoding pass for builds with --disable-gost. Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* | doc: assorted typo fixestmp-typo-fixesDaiki Ueno2020-08-121-2/+2
|/ | | | | | Spotted by codespell. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Fix invalid free in missing issuer test case error pathMichael Catanzaro2020-08-071-1/+0
| | | | | | | This variable is not initialized in this error path: it's only initialized if gnutls_x509_crt_get_authority_info_access() succeeds. Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
* tests: split up system-override-sig-hash.shAlexander Sosedkin2020-07-033-20/+46
| | | | | | | | | Split up system-override-sig-hash.sh so that the errors won't get swallowed or conflated. Also correct unused `srcdir` to `builddir`, which I believe was meant to be set there. Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
* dhe: check if DH params in SKE match the FIPS approved algorithmstmp-sp800-56ar3Daiki Ueno2020-06-274-32/+160
| | | | | | | | SP800-56A rev. 3 restricts the FIPS compliant clients to use only approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a check in the handling of ServerKeyExchange if DHE is negotiated. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Update tlsfuzzer to get Python interpreter detectionFiona Klute2020-06-161-0/+0
| | | | | | | | Tlsfuzzer also assumed the Python interpreter would be called "python", this update is necessary to get a fixed version (see https://github.com/tomato42/tlsfuzzer/pull/671). Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* Detect Python interpreter instead of assuming "python"Fiona Klute2020-06-163-6/+15
| | | | | | | This makes the extended test suite work one Debian(-ish) systems without Python 2, where the Python 3 interpreter is called "python3". Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* Merge branch 'master' into 'tmp-mark-gost94-as-broken'Dmitry Baryshkov2020-06-15103-248/+3413
|\ | | | | | | # Conflicts: # lib/crypto-selftests-pk.c
| * Merge branch 'tmp-enum' into 'master'Dmitry Baryshkov2020-06-151-1/+1
| |\ | | | | | | | | | | | | build: minor fixes See merge request gnutls/gnutls!1287
| | * build: avoid -Wenum-conversion warnings with GCC 10Daiki Ueno2020-06-151-1/+1
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * | tests/cert-test/invalid-sig: use datefudge to test expired certstmp-skip-datefudgeDaiki Ueno2020-06-121-18/+25
| | | | | | | | | | | | | | | | | | | | | Suggested by Andreas Metzler in: https://gitlab.com/gnutls/gnutls/-/issues/1021 Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * | tests: check_for_datefudge: don't exit the test programsDaiki Ueno2020-06-1248-48/+53
| |/ | | | | | | | | | | | | | | This makes check_for_datefudge not to immediately exit the program, but to return non-zero to allow the tests by themselves to control the behavior when "datefudge" is not found. Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * Merge branch 'tmp-iov-memleak' into 'master'Dmitry Baryshkov2020-06-071-15/+18
| |\ | | | | | | | | | | | | | | | | | | crypto-api: always allocate memory when serializing iovec_t Closes #1017 See merge request gnutls/gnutls!1278
| | * crypto-api: always allocate memory when serializing iovec_ttmp-iov-memleakDaiki Ueno2020-06-051-15/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The AEAD iov interface falls back to serializing the input buffers if the low-level cipher doesn't support scatter/gather encryption. However, there was a bug in the functions used for the serialization, which causes memory leaks under a certain condition (i.e. the number of input buffers is 1). This patch makes the logic of the functions simpler, by removing a micro-optimization that tries to minimize the number of calls to malloc/free. The original problem was reported by Marius Steffen in: https://bugzilla.samba.org/show_bug.cgi?id=14399 and the cause was investigated by Alexander Haase in: https://gitlab.com/gnutls/gnutls/-/merge_requests/1277 Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * | Merge branch 'master' into 'master'Daiki Ueno2020-06-053-0/+2
| |\ \ | | | | | | | | | | | | | | | | tests: updated tlsfuzzer tests to latest version See merge request gnutls/gnutls!1276
| | * | tests: updated tlsfuzzer tests to latest versionKrenzelokFrantisek2020-06-043-0/+2
| | |/ | | | | | | | | | | | | | | | excluded some tests from test-certificate-malformed.py Signed-off-by: KrenzelokFrantisek <krenzelok.frantisek@gmail.com>
| * | tests: Adds new tests missingissuer and missingissuer_aiaSahana Prasad2020-06-035-2/+784
| |/ | | | | | | Signed-off-by: Sahana Prasad <sahana@redhat.com>
| * stek: differentiate initial state from valid time window of TOTPDaiki Ueno2020-06-032-6/+6
| | | | | | | | | | | | | | | | | | There was a confusion in the TOTP implementation in stek.c. When the mechanism is initialized at the first time, it records the timestamp but doesn't initialize the key. This removes the timestamp recording at the initialization phase, so the key is properly set later. Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * tests: add test case for certificate chain supersedingDaiki Ueno2020-05-311-0/+97
| | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * Merge branch 'add-aes192-gcm' into 'master'Dmitry Baryshkov2020-05-303-0/+4
| |\ | | | | | | | | | | | | lib: add support for AES-192-GCM See merge request gnutls/gnutls!1267
View Lorry Controller Status