summaryrefslogtreecommitdiff
path: root/test
Commit message (Collapse)AuthorAgeFilesLines
* Build: Change all _NO_INST to use attributes instead.Richard Levitte2019-01-222-18/+18
| | | | | | | | | This means that all PROGRAMS_NO_INST, LIBS_NO_INST, ENGINES_NO_INST and SCRIPTS_NO_INST are changed to be PROGRAM, LIBS, ENGINES and SCRIPTS with the associated attribute 'noinst'. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Rework building: adapt some scriptsRichard Levitte2019-01-211-20/+5
| | | | | | | | | | | | | The platform module collection is made in such a way that any Perl script that wants to take part of the available information can use them just as well as the build system. This change adapts test/recipes/90-test_shlibload.t, util/mkdef.pl, and util/shlib_wrap.sh.in Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7473)
* Fix a memory leak in the mem bioCorey Minyard2019-01-213-1/+71
| | | | | | | | | | | | | | | | | | | | | If you use a BIO and set up your own buffer that is not freed, the memory bio will leak the BIO_BUF_MEM object it allocates. The trouble is that the BIO_BUF_MEM is allocated and kept around, but it is not freed if BIO_NOCLOSE is set. The freeing of BIO_BUF_MEM was fairly confusing, simplify things so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM in mem_free(), where it should be done. Alse add a test for a leak in the memory bio Setting a memory buffer caused a leak. Signed-off-by: Corey Minyard <minyard@acm.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8051)
* Reduce inputs before the RSAZ code.David Benjamin2019-01-171-0/+25
| | | | | | | | | | | The RSAZ code requires the input be fully-reduced. To be consistent with the other codepaths, move the BN_nnmod logic before the RSAZ check. This fixes an oft-reported fuzzer bug. https://github.com/google/oss-fuzz/issues/1761 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7187)
* Fix CID 1434549: Unchecked return value in test/evp_test.cFdaSilvaYY2019-01-083-30/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5. check_return: Calling EVP_EncodeUpdate without checking return value (as is done elsewhere 4 out of 5 times). Fix CID 1371695, 1371698: Resource leak in test/evp_test.c - leaked_storage: Variable edata going out of scope leaks the storage it points to. - leaked_storage: Variable encode_ctx going out of scope leaks the storage it points to Fix CID 1430437, 1430426, 1430429 : Dereference before null check in test/drbg_cavs_test.c check_after_deref: Null-checking drbg suggests that it may be null, but it has already been dereferenced on all paths leading to the check Fix CID 1440765: Dereference before null check in test/ssltestlib.c check_after_deref: Null-checking ctx suggests that it may be null, but it has already been dereferenced on all paths leading to the check. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7993)
* Add a test for correct handling of the cryptopro bug extensionMatt Caswell2019-01-071-4/+28
| | | | | | | | | This was complicated by the fact that we were using this extension for our duplicate extension handling tests. In order to add tests for cryptopro bug the duplicate extension handling tests needed to change first. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7984)
* Fix no-sockMatt Caswell2019-01-062-9/+6
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7981)
* Fix no-cmacMatt Caswell2019-01-061-3/+3
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7979)
* Introduce a no-pinshared optionMatt Caswell2019-01-041-21/+25
| | | | | | | | | | | This option prevents OpenSSL from pinning itself in memory. Fixes #7598 [extended tests] Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
* Test atexit handlersMatt Caswell2019-01-042-16/+87
| | | | | | | | Test that atexit handlers get called properly at process exit, unless we have explicitly asked for them not to be. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
* Don't link shlibloadtest against libcryptoMatt Caswell2019-01-042-50/+90
| | | | | | | | | The whole point of shlibloadtest is to test dynamically loading and unloading the library. If we link shlibloadtest against libcrypto then that might mask potential issues. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
* Fix shlibloadtest to properly execute the dso_ref testMatt Caswell2019-01-041-9/+3
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
* Fix cert with rsa instead of rsaEncryption as public key algorithmBernd Edlinger2018-12-312-1/+21
| | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7962)
* Use (D)TLS_MAX_VERSION_INTERNAL internallyKurt Roeckx2018-12-1513-64/+52
| | | | | | | Use 0 if we don't want to set a minimum or maximum version Reviewed-by: Matt Caswell <matt@openssl.org> GH: #7260
* Add RFC5297 AES-SIV supportTodd Short2018-12-123-27/+86
| | | | | | | | | | | | | | Based originally on github.com/dfoxfranke/libaes_siv This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR and CMAC code to reduce complexity at the cost of perfomance. The expected use is for short inputs, not TLS-sized records. Add multiple AAD input capacity in the EVP tests. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3540)
* Add an Ed448 malleability testMatt Caswell2018-12-111-0/+7
| | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7748)
* typo ANS1 -> ASN1nxtstep2018-12-111-1/+1
| | | | | | | | CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7857)
* Cleaner disposal of ephemeral engine ids and namesViktor Dukhovni2018-12-092-9/+10
| | | | | | | | | | | | Engine names and ids are typically static strings. If an application actually dynamically allocated these, the application owns the storage, and should dispose of it via the original handle, rather than the "const char *" returned by the engine. In any case, this resolves the test code issue without resort to "unconst" macros/casts. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Eliminate NOP castViktor Dukhovni2018-12-091-2/+2
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* change into hex string constants to avoid overflow warningsChristos Zoulas2018-12-091-8/+4
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Add a format attribute to the format functions and fix the broken formatChristos Zoulas2018-12-093-14/+38
| | | | | | | | strings. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix const issuesChristos Zoulas2018-12-091-3/+4
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Avoid const castaway warningChristos Zoulas2018-12-091-2/+2
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Use a const variableChristos Zoulas2018-12-091-1/+2
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Use the proper fonst castChristos Zoulas2018-12-091-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* don't pass const string where a modifyable string is expectedChristos Zoulas2018-12-091-1/+2
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* add missing "void" in prototype.Christos Zoulas2018-12-091-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* add missing const in castChristos Zoulas2018-12-091-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* add missing constChristos Zoulas2018-12-091-1/+1
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* use the proper types to eliminate castsChristos Zoulas2018-12-091-17/+17
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* sslapitest: add test ktlsBoris Pismenny2018-12-073-0/+317
| | | | | | | | | | | Add a unit-test for ktls. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5253)
* Following the license change, modify the boilerplates in test/Richard Levitte2018-12-06347-347/+347
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
* Refactor the computation of API version limitsRichard Levitte2018-12-062-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the API version limit was indicated with a numeric version number. This was "natural" in the pre-3.0.0 because the version was this simple number. With 3.0.0, the version is divided into three separate numbers, and it's only the major number that counts, but we still need to be able to support pre-3.0.0 version limits. Therefore, we allow OPENSSL_API_COMPAT to be defined with a pre-3.0.0 style numeric version number or with a simple major number, i.e. can be defined like this for any application: -D OPENSSL_API_COMPAT=0x10100000L -D OPENSSL_API_COMPAT=3 Since the pre-3.0.0 numerical version numbers are high, it's easy to distinguish between a simple major number and a pre-3.0.0 numerical version number and to thereby support both forms at the same time. Internally, we define the following macros depending on the value of OPENSSL_API_COMPAT: OPENSSL_API_0_9_8 OPENSSL_API_1_0_0 OPENSSL_API_1_1_0 OPENSSL_API_3 They indicate that functions marked for deprecation in the corresponding major release shall not be built if defined. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
* Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-devRichard Levitte2018-12-064-22/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're strictly use version numbers of the form MAJOR.MINOR.PATCH. Letter releases are things of days past. The most central change is that we now express the version number with three macros, one for each part of the version number: OPENSSL_VERSION_MAJOR OPENSSL_VERSION_MINOR OPENSSL_VERSION_PATCH We also provide two additional macros to express pre-release and build metadata information (also specified in semantic versioning): OPENSSL_VERSION_PRE_RELEASE OPENSSL_VERSION_BUILD_METADATA To get the library's idea of all those values, we introduce the following functions: unsigned int OPENSSL_version_major(void); unsigned int OPENSSL_version_minor(void); unsigned int OPENSSL_version_patch(void); const char *OPENSSL_version_pre_release(void); const char *OPENSSL_version_build_metadata(void); Additionally, for shared library versioning (which is out of scope in semantic versioning, but that we still need): OPENSSL_SHLIB_VERSION We also provide a macro that contains the release date. This is not part of the version number, but is extra information that we want to be able to display: OPENSSL_RELEASE_DATE Finally, also provide the following convenience functions: const char *OPENSSL_version_text(void); const char *OPENSSL_version_text_full(void); The following macros and functions are deprecated, and while currently existing for backward compatibility, they are expected to disappear: OPENSSL_VERSION_NUMBER OPENSSL_VERSION_TEXT OPENSSL_VERSION OpenSSL_version_num() OpenSSL_version() Also, this function is introduced to replace OpenSSL_version() for all indexes except for OPENSSL_VERSION: OPENSSL_info() For configuration, the option 'newversion-only' is added to disable all the macros and functions that are mentioned as deprecated above. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
* Switch future deprecation version from 1.2.0 to 3.0Richard Levitte2018-12-062-5/+5
| | | | | | | | | | This is in preparation for a switch to MAJOR.MINOR.PATCH versioning and calling the next major version 3.0.0. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
* Fix some SSL_export_keying_material() issuesMatt Caswell2018-12-052-13/+37
| | | | | | | | | Fix some issues in tls13_hkdf_expand() which impact the above function for TLSv1.3. In particular test that we can use the maximum label length in TLSv1.3. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7755)
* Add an Ed25519 signature maleability testMatt Caswell2018-12-031-0/+8
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7697)
* Don't test the collected system errors when configured to not have themRichard Levitte2018-11-271-0/+3
| | | | | | | | | Config options 'no-err' and 'no-autoerrinit' Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7711)
* Avoid test_errstr in a cross compiled configurationRichard Levitte2018-11-241-0/+9
| | | | | | | | | | There's too high a chance that the openssl app and perl get different messages for some error numbers. [extended tests] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7699)
* Add an error message test recipes for system error messagesRichard Levitte2018-11-231-0/+66
| | | | | | | | This ensures we collected them properly and and as completely as can be tested safely. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7681)
* Update copyright yearMatt Caswell2018-11-2014-14/+14
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7668)
* test/siphash_internal_test.c: ensure the SIPHASH structure is zeroedRichard Levitte2018-11-151-2/+2
| | | | | | | | | Fixes #7641 [extended tests] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7642)
* Fix no-ec and no-tls1_2Matt Caswell2018-11-143-35/+46
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7620)
* Fix rpath-related Linux "test_shlibload" failure.Richard Levitte2018-11-141-8/+19
| | | | | | | | | | | | When libssl and libcrypto are compiled on Linux with "-rpath", but not "--enable-new-dtags", the RPATH takes precedence over LD_LIBRARY_PATH, and we end up running with the wrong libraries. This is resolved by using full (or at least relative, rather than just the filename to be found on LD_LIBRARY_PATH) paths to the shared objects. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7626)
* KMAC implementation using EVP_MACShane Lontis2018-11-142-0/+102
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7597)
* Added missing signature algorithm reflection functionsViktor Dukhovni2018-11-122-2/+2
| | | | | | | | | | | | | SSL_get_signature_nid() -- local signature algorithm SSL_get_signature_type_nid() -- local signature algorithm key type SSL_get_peer_tmp_key() -- Peer key-exchange public key SSL_get_tmp_key -- local key exchange public key Aliased pre-existing SSL_get_server_tmp_key(), which was formerly just for clients, to SSL_get_peer_tmp_key(). Changed internal calls to use the new name. Reviewed-by: Matt Caswell <matt@openssl.org>
* Add a test for SSL_CTX_set0_CA_list()/SSL_CTX_set_client_CA_list()Matt Caswell2018-11-121-0/+136
| | | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7503)
* Test use of a brainpool ECDSA certificateMatt Caswell2018-11-122-397/+495
| | | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7442)
* Add some test brainpool certificatesMatt Caswell2018-11-123-0/+25
| | | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7442)
* Fix SipHash init order.Richard Levitte2018-11-121-1/+1
| | | | | | | | | | | | | | | | Setting the SipHash hash size and setting its key is done with two independent functions... and yet, the internals depend on both. Unfortunately, the function to change the size wasn't adapted for the possibility that the key was set first, with a different hash size. This changes the hash setting function to fix the internal values (which is easy, fortunately) according to the hash size. evpmac.txt value for digestsize:8 is also corrected. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7613)
View Lorry Controller Status