825a49ed7c
Add more udp_proxy tests
2014-10-21 16:32:32 +02:00
a6189f0fb0
udp_proxy wasn't actually killed
2014-10-21 16:32:30 +02:00
a0719727da
Add tests with dropped packets
2014-10-21 16:32:30 +02:00
63eca930d7
Drop invalid records with DTLS
2014-10-21 16:30:28 +02:00
990f9e428a
Handle late handshake messages gracefully
2014-10-21 16:30:26 +02:00
be9eb877f7
Adapt ssl-opt.sh to allow using udp_proxy in tests
2014-10-21 16:30:25 +02:00
0a65934ef3
Re-enable valgrind for all tests
...
Now we can handle duplicated messages due to the peer re-sending (due to us
being soooo slow with valgrind)
2014-10-21 16:30:24 +02:00
0c4cbc7895
Add test for fragmentation + renego with GnuTLS
2014-10-21 16:30:23 +02:00
f1499f602e
Add interop testing for renego with GnuTLS
2014-10-21 16:30:23 +02:00
77b0b8d100
Disable some tests with valgrind for now
2014-10-21 16:30:23 +02:00
64dffc5d14
Make handshake reassembly work with openssl
2014-10-21 16:30:22 +02:00
a77561765f
Add test with openssl with DTLS in ssl-opt.sh
2014-10-21 16:30:22 +02:00
502bf30fb5
Handle reassembly of handshake messages
...
Works only with GnuTLS for now, OpenSSL packs other records in the same
datagram after the last fragmented one, which we don't handle yet.
Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with
valgrind that gnutls-serv retransmits some messages, and we don't handle
duplicated messages yet.
2014-10-21 16:30:22 +02:00
c392b240c4
Fix server-initiated renegotiation with DTLS
2014-10-21 16:30:21 +02:00
30d16eb429
Fix client-initiated renegotiation with DTLS
2014-10-21 16:30:20 +02:00
0eb6cab979
Add DTLS cookies test to ssl-opt.sh
2014-10-21 16:30:19 +02:00
53aef81a7d
Work around OpenSSL bug in compat.sh
2014-10-21 16:30:12 +02:00
d1af1025d0
Add DTLS interop testing with OpenSSL server
...
PSK suites failing with client auth
2014-10-21 16:30:12 +02:00
9bfb1226da
Add DTLS interop testing with GnuTLS server
2014-10-21 16:30:12 +02:00
29980b16bd
Add DTLS interop testing (PolarSSL server)
2014-10-21 16:30:11 +02:00
3025b6cfd6
Add DTLS self-op test in compat.sh
2014-10-21 16:30:10 +02:00
9eac4f7c4e
Prepare for release 1.3.9
2014-10-20 13:56:15 +02:00
9c911da68f
Add tests for X.509 name encoding mismatch
2014-10-17 12:42:31 +02:00
5d8618539f
Fix memory leak while parsing some X.509 certs
2014-10-17 12:41:41 +02:00
64938c63f0
Accept spaces at end of line/buffer in base64
2014-10-15 23:53:33 +02:00
da1b4de0e4
Increase MPI_MAX_BYTES to allow RSA 8192
2014-10-15 22:06:46 +02:00
5a5fa92bfe
x509_crt_parse() did not increase total_failed on PEM error
...
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
7fa67728ad
Scripts print more info on failure within buildbot
2014-08-31 17:42:53 +02:00
c2b0092a1b
Fix leaving around temporary file in ssl-opt.sh
2014-08-31 17:17:36 +02:00
1287f11d54
Detect GnuTLS presence and version in compat.sh
2014-08-31 16:31:32 +02:00
16494496db
Fix details in compat.sh
2014-08-31 10:37:14 +02:00
72e51ee7be
Use arithmetic expansion in scripts, avoid bashisms
2014-08-31 10:22:11 +02:00
c0f6a692fb
Add client timeout to ssl-opt.sh and compat.sh
2014-08-30 22:59:55 +02:00
decaf0b182
Clean up unused variable in compat.sh
2014-08-30 22:22:09 +02:00
a4afadfccd
Fix bug in OpenSSL v2 support testing
2014-08-30 22:09:36 +02:00
644e8f377d
Adapt debug_level in ssl-opt.sh to new levels
...
The meaning of debug_level was shift by one during the last debug overhaul.
(The new one is more rational, previously debug_level=1 didn't do anything.)
2014-08-30 21:59:31 +02:00
8e03c71b23
Normalize names in ssl-opt.sh
...
No numbering: does not add value, and painful to maintain, esp. with branches
2014-08-30 21:42:40 +02:00
51362961b8
Add interop testing of renegotiation
2014-08-30 21:22:47 +02:00
f2629b965e
Rm now useless tricks from ssl-opt.sh
2014-08-30 14:20:14 +02:00
480905d563
Fix selection of hash from sig_alg ClientHello ext.
2014-08-30 14:19:59 +02:00
baa7f07809
Add GnuTLS support to ssl-opt.sh
2014-08-20 20:15:53 +02:00
f07f421759
Fix server-initiated renego with non-blocking I/O
2014-08-19 13:32:15 +02:00
a8c0a0dbd0
Add "exchanges" option to test server and client
...
Goal is to test renegotiation better: we need more than one exchange for
server-initiated renego to work reliably (the previous hack for this wouldn't
work with non-blocking I/O and probably not with DTLS either).
Also check message termination in a semi-realistic way.
2014-08-19 13:26:05 +02:00
6591962f06
Allow delay on renego on client
...
Currently unbounded: will be fixed later
2014-08-19 12:50:30 +02:00
d153ef335f
Missing dependencies on POLARSSL_ECP_C fixed
2014-08-18 12:00:28 +02:00
74b11702d7
Simplify terminating ssl_server2 in test scripts
2014-08-14 18:33:00 +02:00
6f4fbbb3e1
Add a "skip" feature in ssl-opt.sh
2014-08-14 18:33:00 +02:00
61bc57af99
Optimize all.sh for new build options
2014-08-14 18:33:00 +02:00
39141fed63
Add warnings in debug build, and -Werror with ASan
...
- warnings in debug build allows the to be caught earlier
- -Werror with ASan make tests/scripts/all.sh a bit shorter
2014-08-14 18:33:00 +02:00
192253aaa9
Fix buffer size in pk_write_*_pem()
2014-08-14 11:34:35 +02:00
