Commit graph

1289 commits

Author SHA1 Message Date
Emilia Kasper
d61f00780a Add TEST_check
Like OPENSSL_assert, but also prints the error stack before exiting.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-10 14:41:21 +02:00
Emilia Kasper
da085d273c SSL tests: port CT tests, add a few more
This commit only ports existing tests, and adds some coverage for
resumption. We don't appear to have any handshake tests that cover SCT
validation success, and this commit doesn't change that.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-10 14:41:21 +02:00
Emilia Kasper
6bd3379a58 SSL test ctx: fix tests
Some failure tests were failing for the wrong reason after the CTX
refactoring. Update those tests.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-10 14:41:21 +02:00
David Woodhouse
eb633d03fe Kill PACKET_starts() from bad_dtls_test
As discussed in PR#1409 it can be done differently.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-10 12:50:51 +01:00
David Woodhouse
c14e790d6c Fix clienthellotest to use PACKET functions
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-10 12:50:51 +01:00
Emilia Kasper
2ac6bdc029 NPN and ALPN: test resumption
In NPN and ALPN, the protocol is renegotiated upon resumption. Test that
resumption picks up changes to the extension.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-08 15:14:52 +02:00
Emilia Kasper
7b7cea6d71 Fix ALPN tests when NPN is off
OPENSSL_NO_NEXTPROTONEG only disables NPN, not ALPN

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-08 12:19:31 +02:00
Emilia Kasper
9f48bbacd8 Reorganize SSL test structures
Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".

This is a big but straightforward change. Primarily, this allows us to
specify multiple server and client contexts without redefining the
custom options for each of them. For example, instead of
"ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols",
we now have, "NPNProtocols".

This simplifies writing resumption and SNI tests. The first application
will be resumption tests for NPN and ALPN.

Regrouping the options also makes it clearer which options apply to the
server, which apply to the client, which configure the test, and which
are test expectations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-08 12:06:26 +02:00
klemens
6025001707 spelling fixes, just comments and readme.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)
2016-08-05 19:07:30 -04:00
Richard Levitte
5cdad22f3e Move the building of test/buildtest_*. to be done unconditionally
These were guarded by $disabled{tests}.  However, 'tests' is disabled
if we configure 'no-stdio', which means that we don't detect the lack
of OPENSSL_NO_STDIO guards in our public header files.  So we move the
generation and build of test/buildtest_*.c to be unconditional.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:17:05 +02:00
Richard Levitte
9cc76cc40a VMS: Fix building of bad_dtls_test
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-05 10:14:56 +02:00
David Woodhouse
16938284cf Add basic test for Cisco DTLS1_BAD_VER and record replay handling
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-04 20:56:24 +01:00
Richard Levitte
f37c159aed 80-test_ssl_new.t: only skip on $no_tls if no other skip conditions defined
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-02 13:27:39 +02:00
Richard Levitte
f4947bf10e In 80-test_ssl_new, more "plan tests" to a more useful position
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-02 11:37:38 +02:00
Matt Caswell
ee94aeee7d Fix tests for no-nextprotoneg
Fix the 80-test_ssl_test_ctx and 80-test_ssl_new tests when used with the
no-nextprotoneg option

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 10:19:56 +01:00
Ben Laurie
620c6ad312 Fix various no-*s.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 11:30:33 +01:00
Andy Polyakov
382bb0b294 test/smcont.txt: trigger assertion in bio_enc.c.
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-07-31 17:03:17 +02:00
Matt Caswell
0fae81501a Fix bogus warnings
Fix some bogus "may be used uninitialized" warnings on some compilers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-30 10:38:28 +01:00
Matt Caswell
65e2d67254 Simplify and rename SSL_set_rbio() and SSL_set_wbio()
SSL_set_rbio() and SSL_set_wbio() are new functions in 1.1.0 and really
should be called SSL_set0_rbio() and SSL_set0_wbio(). The old
implementation was not consistent with what "set0" means though as there
were special cases around what happens if the rbio and wbio are the same.
We were only ever taking one reference on the BIO, and checking everywhere
whether the rbio and wbio are the same so as not to double free.

A better approach is to rename the functions to SSL_set0_rbio() and
SSL_set0_wbio(). If an existing BIO is present it is *always* freed
regardless of whether the rbio and wbio are the same or not. It is
therefore the callers responsibility to ensure that a reference is taken
for *each* usage, i.e. one for the rbio and one for the wbio.

The legacy function SSL_set_bio() takes both the rbio and wbio in one go
and sets them both. We can wrap up the old behaviour in the implementation
of that function, i.e. previously if the rbio and wbio are the same in the
call to this function then the caller only needed to ensure one reference
was passed. This behaviour is retained by internally upping the ref count.

This commit was inspired by BoringSSL commit f715c423224.

RT#4572

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
9a7169870e Add some SSL BIO tests
This adds some simple SSL BIO tests that check for pushing and popping of
BIOs into the chain. These tests would have caught the bugs fixed in the
previous three commits, if combined with a crypto-mdebug build.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
7fb4c82035 Add a test for SSL_set_bio()
The SSL_set_bio() function has some complicated ownership rules. This adds a
test to make sure it all works as expected.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-29 14:09:57 +01:00
Matt Caswell
80f397e2c6 Fix no-tls1_2
Misc fixes impacting no-tls1_2. Also fixes no-dtls1_2.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:24:32 +01:00
Matt Caswell
3e82ae573a Fix no-dtls*
Also fixes some other options like no-dgram and no-sock.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:24:32 +01:00
Matt Caswell
49dadc1cb7 Fix no-ct
Ensure that we don't build/run the ct fuzzing code if no-ct is used.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 08:18:14 +01:00
Emilia Kasper
d0c4415de5 SSL tests: compress generated output a little
Don't emit duplicate server/client sections when they are
identical. Instead, just point to the same section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 15:54:26 +02:00
Emilia Kasper
d972af2b5e Make boolean SSL test conf values case-insensitive
Undo review mistake: I changed the wrong strcmp in a previous pull
request. Add test.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-22 15:54:12 +02:00
Emilia Kasper
11279b13f5 Test client-side resumption
Add tests for resuming with a different client version.

This happens in reality when clients persist sessions on disk through
upgrades.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-21 15:44:36 +02:00
Emilia Kasper
590ed3d7ea SSL test framework: port resumption tests
Systematically test every server-side version downgrade or upgrade.

Client version upgrade or downgrade could be tested analogously but will
be done in a later change.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-20 13:55:53 +02:00
FdaSilvaYY
e8aa8b6c8f Fix a few if(, for(, while( inside code.
Fix some indentation at the same time

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
2016-07-20 07:21:53 -04:00
FdaSilvaYY
1c72f70df4 Use more X509_REQ_get0_pubkey & X509_get0_pubkey
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
2016-07-20 01:35:38 -04:00
Matt Caswell
df0aa7770e Fix building with no-cms
The new fuzzing code broke no-cms

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 14:01:33 +01:00
Emilia Kasper
ce2cdac278 SSL test framework: port NPN and ALPN tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 14:17:48 +02:00
Matt Caswell
eaa776da07 Add more session tests
Add some more tests for sessions following on from the previous commit
to ensure the callbacks are called when appropriate.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-19 12:08:49 +01:00
Richard Levitte
7218ae5134 Use _NO_INST in some build.info files
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 20:49:54 +02:00
Matt Caswell
1b5c44b810 Fix client auth test_ssl_new failures when enabling/disabling protocols
If configuring for anything other than the default TLS protocols then
test failures were occuring.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Matt Caswell
10e6d23549 Fix SSLv3 ClientAuth alert checking
In TLS during ClientAuth if the CA is not recognised you should get an
UnknownCA alert. In SSLv3 this does not exist and you should get a
BadCertificate alert.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Matt Caswell
78cbe94f89 Fix Client Auth tests
The Client Auth tests were not correctly setting the Protocol, so that this
aspect had no effect. It was testing the same thing lots of times for
TLSv1.2 every time.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Dr. Stephen Henson
d166ed8c11 check return values for EVP_Digest*() APIs
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-15 14:09:05 +01:00
Viktor Dukhovni
5ae4ceb92c Perform DANE-EE(3) name checks by default
In light of potential UKS (unknown key share) attacks on some
applications, primarily browsers, despite RFC761, name checks are
by default applied with DANE-EE(3) TLSA records.  Applications for
which UKS is not a problem can optionally disable DANE-EE(3) name
checks via the new SSL_CTX_dane_set_flags() and friends.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-12 10:16:34 -04:00
Dr. Stephen Henson
d83b7e1a58 Extend mkcert.sh to support nameConstraints generation and more complex
subject alternate names.

Add nameConstraints tests incluing DNS, IP and email tests both in
subject alt name extension and subject name.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-11 23:30:04 +01:00
Rich Salz
cc75cbc4ed Platform sanity test
Replace nptest with sanity test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-08 15:56:55 -04:00
Andy Polyakov
f1f5ee17b6 include/openssl: don't include <windows.h> in public headers.
If application uses any of Windows-specific interfaces, make it
application developer's respondibility to include <windows.h>.
Rationale is that <windows.h> is quite "toxic" and is sensitive
to inclusion order (most notably in relation to <winsock2.h>).
It's only natural to give complete control to the application developer.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-08 11:49:44 +02:00
Matt Caswell
fe964f0c88 Use the SSL_METHODs passed to create_ssl_ctx_pair()
Don't use hardcoded SSL_METHODs!

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-01 23:23:16 +01:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:36:08 +02:00
Kurt Roeckx
a05b0bcf87 Re-add x509 and crl fuzzer
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1276
2016-07-01 17:02:33 +02:00
Ben Laurie
90d28f0519 Run the fuzzing corpora as tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 13:45:45 +01:00
Kurt Cancemi
8a3c000c8f Fix hmac test case 6
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1267)
2016-06-30 08:52:37 -04:00
FdaSilvaYY
6b4a77f56e Whitespace cleanup in apps
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
FdaSilvaYY
9d22666eb8 Spelling
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
Emilia Kasper
d2b23cd2b0 SSL test framework: port SNI tests
Observe that the old tests were partly ill-defined:
setting sn_server1 but not sn_server2 in ssltest_old.c does not enable
the SNI callback.

Fix this, and also explicitly test both flavours of SNI mismatch (ignore
/ fatal alert). Tests still pass.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-28 17:26:24 +02:00
Matt Caswell
c3fd55d4a6 Add a test for fragmented alerts
The previous commit fixed a problem where fragmented alerts would cause an
infinite loop. This commit adds a test for these fragmented alerts.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-27 14:51:03 +01:00
Matt Caswell
a6211814c4 Add a getter to obtain the HMAC_CTX md
As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.

GitHub Issue #1152

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-24 13:22:40 +01:00
Rich Salz
fe2d149119 RT2867: des_ede3_cfb1 ignored "size in bits" flag
Code and tests by Steve.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-23 10:03:50 -04:00
Viktor Dukhovni
615dd78b72 Drop extraneous printf argument in mkcert.sh
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-23 23:40:29 +10:00
Dr. Stephen Henson
b58614d7f5 Fix generation of expired CA certificate.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-22 23:23:09 +01:00
Richard Levitte
768a3eca39 OpenSSL::Test: Fix directory calculations in __cwd()
The previous fix contained a mistake, where any absolute path in
%directories would be cleared away instead of just being left alone.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-22 22:24:07 +02:00
Andy Polyakov
eeac54ef6d crypto/cryptlib.c: omit OPENSSL_ia32cap_loc().
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-22 20:20:37 +02:00
Richard Levitte
3da9eeb158 OpenSSL::Test: Fix directory calculations in __cwd()
We recalculate the location of the directories we keep track of.
However, we did so after having moved to the new directory already, so
the data we did the calculations from were possibly not quite correct.

This change moves the calculations to happen before moving to the new
directory.

This issue is sporadic, and possibly dependent on the platform.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-21 14:52:34 +02:00
Richard Levitte
aa951ef3d7 Add verification of proxy certs to 25-test_verify.t
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-20 21:34:37 +02:00
Richard Levitte
8dfb2021d1 Create some proxy certificates
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-20 21:34:37 +02:00
Richard Levitte
71c8cd2085 Make it possible to generate proxy certs with test/certs/mkcert.sh
This extends 'req' to take more than one DN component, and to take
them as full DN components and not just CN values.  All other commands
are changed to pass "CN = $cn" instead of just a CN value.

This adds 'genpc', which differs from the other 'gen*' commands by not
calling 'req', and expect the result from 'req' to come through stdin.

Finally, test/certs/setup.sh gets the commands needed to generate a
few proxy certificates.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-20 21:34:37 +02:00
Emilia Kasper
9267c11bb5 Make DSA_SIG and ECDSA_SIG getters const.
Reorder arguments to follow convention.

Also allow r/s to be NULL in DSA_SIG_get0, similarly to ECDSA_SIG_get0.

This complements GH1193 which adds non-const setters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-20 14:58:36 +02:00
Rob Percival
876a1a83ad Tests should check validation status directly
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-20 11:54:56 +01:00
Rob Percival
4fc31f7583 Test SCT lists
This encompasses what was previously tested.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-20 11:31:04 +01:00
FdaSilvaYY
93b8981d89 Useless includes
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
Rich Salz
d3b64b89ed Fix GCC build; make update; fix number re-use
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 15:48:03 -04:00
Matt Caswell
b02b574317 Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). These aren't OpenSSL
problems so we shouldn't treat them as test failures. Just visibly
indicate that we are skipping the test.

We only skip the first time we attempt to start up the proxy. If that works
then everything else should do...if not we should probably investigate and
so report as a failure.

This also removes test_networking...there is a danger that this turns into
a test of user's environmental set up rather than OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 16:32:14 +01:00
Matt Caswell
b84e12266f Fix the build and tests following constification of DH, DSA, RSA
Misc fixes following the constification of the DH, DSA and RSA
getters.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-16 13:34:44 +01:00
Andy Polyakov
cc77d0d84a modes/asm/ghashp8-ppc.pl: improve performance by 2.7x.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:28:39 +02:00
Andy Polyakov
74daca72a5 test/evptests.txt: add more XTS tests.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:41 +02:00
Richard Levitte
a8c82fa00f Shorten some symbol names
VMS C doesn't allow symbols longer than 31 characters.  We do the
automatic shortening with the library files, but not otherwise (to
make sure to work the VMS C magic).

For consistency, I shortened other similar symbols in the same manner.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 00:44:29 +02:00
Matt Caswell
c887104f4a Update sslapitest to use the test framework
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Matt Caswell
2cb4b5f63a Add some session API tests
This commit adds some session API tests, and in particular tests the
modified behaviour of SSL_set_session() introduced in the last commit. To
do this I have factored out some common code from the asynciotest into a
new ssltestlib.c file. I've also renamed getsettest to sslapitest as this
more closely matches what it now is!

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Emilia Kasper
b02929802c SSL test: only write out server2 when testing SNI
The SNI tests introduced a redundant "server2" section into every test
configuration. Copy this automatically from "server" unless testing SNI,
to reduce noise in the generated confs.

Also remove duplicate SSL_TEST_CTX_create (merge conflict error).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 18:31:33 +02:00
Matt Caswell
25b9d11c00 Handle inability to create AFALG socket
Some Linux platforms have a suitably recent kernel to support AFALG, but
apparently you still can't actually create an afalg socket. This extends
the afalg_chk_platform() function to additionally check whether we can
create an AFALG socket. We also amend the afalgtest to not report a
failure to load the engine as a test failure. A failure to load is almost
certainly due to platform environmental issues, and not an OpenSSL problem.

RT 4434

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-13 17:28:40 +01:00
Emilia Kasper
74726750ef Port DTLS version negotiation tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 16:13:13 +02:00
Emilia Kasper
81fc33c951 Clean up following new SNI tests
- Only send SNI in SNI tests. This allows us to test handshakes without
  the SNI extension as well.
- Move all handshake-specific machinery to handshake_helper.c
- Use enum types to represent the enum everywhere
  (Resorting to plain ints can end in sign mismatch when the enum is
  represented by an unsigned type.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 16:03:06 +02:00
Rich Salz
a7be5759cf RT3809: basicConstraints is critical
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-06-13 09:18:22 -04:00
Matt Caswell
73159f403e Fix no-dtls* builds
Most of the no-dtls* builds were failing due to one test which had an
incorrect "skip" condition.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-10 15:53:21 +01:00
Emilia Kasper
1e2012b7ff RT 4242: reject invalid EC point coordinates
We already test in EC_POINT_oct2point that points are on the curve. To
be on the safe side, move this check to
EC_POINT_set_affine_coordinates_* so as to also check point coordinates
received through some other method.

We do not check projective coordinates, though, as
- it's unlikely that applications would be receiving this primarily
  internal representation from untrusted sources, and
- it's possible that the projective setters are used in a setting where
  performance matters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-09 23:58:20 +02:00
Todd Short
5c753de668 Fix session ticket and SNI
When session tickets are used, it's possible that SNI might swtich the
SSL_CTX on an SSL. Normally, this is not a problem, because the
initial_ctx/session_ctx are used for all session ticket/id processes.

However, when the SNI callback occurs, it's possible that the callback
may update the options in the SSL from the SSL_CTX, and this could
cause SSL_OP_NO_TICKET to be set. If this occurs, then two bad things
can happen:

1. The session ticket TLSEXT may not be written when the ticket expected
flag is set. The state machine transistions to writing the ticket, and
the client responds with an error as its not expecting a ticket.
2. When creating the session ticket, if the ticket key cb returns 0
the crypto/hmac contexts are not initialized, and the code crashes when
trying to encrypt the session ticket.

To fix 1, if the ticket TLSEXT is not written out, clear the expected
ticket flag.
To fix 2, consider a return of 0 from the ticket key cb a recoverable
error, and write a 0 length ticket and continue. The client-side code
can explicitly handle this case.

Fix these two cases, and add unit test code to validate ticket behavior.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1098)
2016-06-09 13:07:51 -04:00
Jeffrey Walton
2a7de0fd5d Fixes to get -ansi working
Various fixes to get the following to compile:

./config no-asm -ansi -D_DEFAULT_SOURCE

RT4479
RT4480

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 20:18:04 +01:00
Rich Salz
e417070c9f Add some accessor API's
GH1098: Add X509_get_pathlen() (and a test)
GH1097:  Add SSL_is_dtls() function.

Documented.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 11:37:06 -04:00
Matt Caswell
4f0c475719 Add empty record tests
The previous commit changed how we handle out-of-context empty records.
This commit adds some tests for the various scenarios. There are three
tests:
1: Check that if we inject an out-of-context empty record then we fail
2: Check that if we inject an in-context empty record then we succeed
3: Check that if we inject too many in-context empty records then we fail.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-07 22:07:36 +01:00
Matt Caswell
f44310e9ce Add a BN_mod_word test()
The previous commit fixed a bug with BN_mod_word() which would have been
caught if we had a test for it. This commit adds one.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-07 21:55:31 +01:00
Matt Caswell
8f09ba471c Add an SSL get/set test
We just do the getters/setter for tlsext_status_type. This could be extended
for others in the future.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-07 17:05:52 +01:00
Richard Levitte
81b538e51e tests: fix the shutting up of the shell
If we're going to redirect STDERR and STDOUT, it's better to do it by
the book.  This fix is a straight copy of examples in the perlfunc
manual.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-06 15:51:35 +02:00
Matt Caswell
5584f65a10 Deprecate the flags that switch off constant time
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and
DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch
off the constant time implementation for RSA, DSA and DH have been made
no-ops and deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-06 11:09:06 +01:00
Richard Levitte
78e91586fb tests: Shut the shell up unless verbose
In rare cases, the shell we run test programs in may have complaints.
Shut those up unless testing verbosely.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-06-06 10:03:01 +02:00
Viktor Dukhovni
501d53c600 Silence misleading test_abort stderr output
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-05 12:06:02 -04:00
Richard Levitte
e2ec7332c4 Make 25-test_gen.t and 25-test_req.t into one
Since one generates files that the other depends on, there's no
real reason to keep them separate.  Since they were both different
aspects of 'openssl req', the merge ends up in 25-test_req.t.

This also makes cleanup easier.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-04 09:43:26 +02:00
Richard Levitte
c9d2437385 Have some more test recipes clean up after themselves
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-04 09:43:26 +02:00
Richard Levitte
bffb149054 Generate simple build test files
Generate small test programs to check that external programs can be
built with our stuff at a very basic level.

For now, they check that each of our header files can be included
individually without compile failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-04 01:22:08 +02:00
Richard Levitte
b38c43f7bc tests: clean up temporary SSL session files.
RT#4557

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 15:31:16 +02:00
Emilia Kasper
63936115e8 Update client authentication tests
Port client auth tests to the new framework, add coverage. The old tests
were only testing success, and only for some protocol versions; the new
tests add all protocol versions and various failure modes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:59:46 +02:00
Richard Levitte
a182e546c7 Testing symbol presence: also take note of small objects
The S symbol class wasn't checked.

Notified by Sebastian Andrzej Siewior

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-02 03:12:04 +02:00
Rich Salz
b8a9af6881 Remove/rename some old files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:29:57 -04:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
Rich Salz
6493e4801e RT4337: Crash in DES
Salt must be two ASCII characters.  Add tests to check for that,
and a test to test the checks.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-01 09:28:53 -04:00
Richard Levitte
23049aa52e perl: use the 'if' module to conditionally load File::Glob
Trying to use normal perl conditions to conditionally 'use' a perl
module didn't quite work.  Using the 'if' module to do so does work.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-30 11:55:46 +02:00
Andy Polyakov
9785555616 Configure,test/recipes: "pin" glob to File::Glob::glob.
As it turns out default glob's behaviour for quoted argument varies
from version to version, making it impossible to Configure or run
tests in some cases. The reason for quoting globs was to accommodate
source path with spaces in its name, which was treated by default glob
as multiple paths. File::Glob::glob on the other hand doesn't consider
spaces as delimiters and therefore works with unquoted patterns.

[Unfortunaltely File::Glob::glob, being too csh-ly, doesn't work
on VMS, hence the "pinning" is conditional.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 14:12:35 +02:00
Richard Levitte
ac1a998d04 make sure to put quotes around -config argument, in case of spaces
RT#4486

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-27 17:41:32 +02:00
Richard Levitte
04b7805a86 perl glob: make sure to put quotes around the pattern, in case of spaces
RT#4486

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-27 17:41:32 +02:00
Matt Caswell
46ac07f545 Avoid msys name mangling
If using the msys console then msys attempts to "fix" command line
arguments to convert them from Unix style to Windows style. One of the
things it does is to look for arguments seperated by colons. This it
assumes is a list of file paths, so it replaces the colon with a semi-colon.
This was causing one of our tests to fail when calling the "req" command
line app. We were attempting to create a new DSA key and passing the
argument "dsa:../apps/dsa1024.pem". This is exactly what we intended but
Msys mangles it to "dsa;../apps/dsa1024.pem" and the command fails.
There doesn't seem to be a way to suppress Msys name mangling. Fortunately
we can work around this issue by generating the DSA key in a separate step
by calling "gendsa".

RT#4255

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-27 15:19:03 +01:00
Matt Caswell
ec91f92ddf Silence some "may be uninitialized when used" warning
Clang was complaining about some variables possibly being uninitialized
when used. The warnings are bogus, but clang can't figure that out. This
silences the warnings.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-27 14:59:47 +01:00
Matt Caswell
f8f686ec1c Add a test for printing floating point format specifiers
Previous commits fixed the implementation of the %e and %g format
specifiers as well as other issues. This commit adds a test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-27 10:25:31 +01:00
Richard Levitte
7030e35d07 build.info files: add quotes around any spec that may contain spaces
RT#4492

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-25 11:50:44 +02:00
FdaSilvaYY
e5a5e3f3db Add checks on CRYPTO_set_ex_data return value
Fix possible leak in danetest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 13:43:31 +01:00
Rich Salz
6aa36e8e5a Add OpenSSL copyright to .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-21 08:23:39 -04:00
Matt Caswell
d7295cd6d2 Add an async io test
This adds an async IO test. There are two test runs. The first one does
a normal handshake with lots of async IO events. The second one does the
same but this time breaks up all the written records into multiple records
of one byte in length. We do this all the way up until the CCS.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-20 14:39:45 +01:00
Matt Caswell
464175692f Simplify SSL BIO buffering logic
The write BIO for handshake messages is bufferred so that we only write
out to the network when we have a complete flight. There was some
complexity in the buffering logic so that we switched buffering on and
off at various points through out the handshake. The only real reason to
do this was historically it complicated the state machine when you wanted
to flush because you had to traverse through the "flush" state (in order
to cope with NBIO). Where we knew up front that there was only going to
be one message in the flight we switched off buffering to avoid that.

In the new state machine there is no longer a need for a flush state so
it is simpler just to have buffering on for the whole handshake. This
also gives us the added benefit that we can simply call flush after every
flight even if it only has one message in it. This means that BIO authors
can implement their own buffering strategies and not have to be aware of
the state of the SSL object (previously they would have to switch off
their own buffering during the handshake because they could not rely on
a flush being received when they really needed to write data out). This
last point addresses GitHub Issue #322.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-20 14:11:11 +01:00
Rich Salz
440e5d805f Copyright consolidation 02/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:20:27 -04:00
Andy Polyakov
ff715da492 test/evp_test.c: exercise in-place encryption.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-16 22:26:37 +02:00
Rich Salz
49445f21da Use OPENSSL_hexchar2int
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 15:21:10 -04:00
Viktor Dukhovni
5c4328f04f Fold threads.h into crypto.h making API public
Document thread-safe lock creation

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 12:16:26 -04:00
Richard Levitte
1563102bbd VMS perl: Fix glob output
In some cases, perl's glob() thinks it needs to return file names with
generation numbers, such as when a file name pattern includes two
periods.  Constructing other file names by simple appending to file
names with generation numbers isn't a good idea, so for the VMS case,
just peal the generation numbers if they are there.
Fortunately, this is easy, as the returned generation number delimiter
will always be a semi-colon.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-13 14:33:41 +02:00
Matt Caswell
5f7267598d Add some additional NewSessionTicket tests
If the server does not send a session ticket extension, it should not then
send the NewSessionTicket message.

If the server sends the session ticket extension, it MUST then send the
NewSessionTicket message.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-13 13:04:46 +01:00
Emilia Kasper
a263f320eb Remove proxy tests. Add verify callback tests.
The old proxy tests test the implementation of an application proxy
policy callback defined in the test itself, which is not particularly
useful.

It is, however, useful to test cert verify overrides in
general. Therefore, replace these tests with tests for cert verify
callback behaviour.

Also glob the ssl test inputs on the .in files to catch missing
generated files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-12 19:02:42 +02:00
Emilia Kasper
5a22cf96a0 Replace cipherlist test
The old cipherlist test in ssltest.c only tests the internal order of
the cipher table, which is pretty useless.

Replace this test with a test that catches inadvertent changes to the
default cipherlist.

Fix run_tests.pl to correctly filter tests that have "list" in their name.

(Also includes a small drive-by fix in .gitignore.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-11 18:59:46 +02:00
Viktor Dukhovni
fde2257f05 Fix i2d_X509_AUX, update docs and add tests
When *pp is NULL, don't write garbage, return an unexpected pointer
or leak memory on error.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-05-11 01:46:06 -04:00
Dr. Stephen Henson
be6bdab6f8 Recognise VERBOSE and V as well as HARNESS_VERBOSE
PR#4462

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-09 14:08:25 +01:00
FdaSilvaYY
dccd20d1b5 fix tab-space mixed indentation
No code change

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-09 09:09:55 +01:00
Andy Polyakov
3732f12c66 testlib/OpenSSL/Test.pm: address 5.10 warnings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-06 09:44:50 +02:00
Andy Polyakov
9a2d2fb338 test/evp_test.c: exercise different combinations of data misalignment.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-06 09:41:24 +02:00
Matt Caswell
b273fcc565 Fix the no-tls option
The TLSProxy based tests don't work when TLS is disabled so we shouldn't
run them.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-04 10:20:02 +01:00
Dr. Stephen Henson
2c7fe4dc9a Add ASN.1 INTEGER tests.
Add tests for ASN.1 INTEGER: invalid tag, valid 0, 1, -1 and 0, -1 with
illegal padding.

Also add ASN1_ANY tests for 0, 1 and -1.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-03 13:06:15 +01:00
Dr. Stephen Henson
1b96ec1002 add ASN1_INTEGER type to d2i_test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-03 13:06:15 +01:00
Dr. Stephen Henson
106cb95057 Add test for CVE-2016-2018
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-05-03 13:06:15 +01:00
Todd Short
e8408681b3 Secure memory fixes
Fix some of the variables to be (s)size_t, so that more than 1GB of
secure memory can be allocated. The arena has to be a power of 2, and
2GB fails because it ends up being a negative 32-bit signed number.

The |too_late| flag is not strictly necessary; it is easy to figure
out if something is secure memory by looking at the arena. As before,
secure memory allocations will not fail, but now they can be freed
correctly. Once initialized, secure memory can still be used, even if
allocations occured before initialization.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-02 12:58:03 -04:00
Matt Caswell
a1f41284d7 Misc tweaks for EBCDIC based on feedback received
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-04-29 15:04:15 +01:00
Matt Caswell
97a982e2ee Fix the tests to work with EBCDIC
Most of the tests already pass with EBCIDC but a few were trying to
write into read only memory.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-04-29 15:04:15 +01:00
FdaSilvaYY
8483a003bf various spelling fixes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/952)
2016-04-28 14:22:26 -04:00
Dr. Stephen Henson
9f13d4dd5e add test for CVE-2016-2109
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-23 00:29:04 +01:00
Dr. Stephen Henson
53e409db61 In d2i_test return error for malloc failure.
Bad ASN.1 data should never be able to trigger a malloc failure so return
an error in d2i_test if a malloc failure occurs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-23 00:29:03 +01:00
Dr. Stephen Henson
48c1e15ceb Extensions to d2i_test.
Using ASN1_ITEM tables in d2i_test: this then uses consistent names and
makes it easier to extend.

Add bio, reencode and compare tests.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-04-22 15:00:36 +01:00
Rich Salz
596d6b7e1c Unified copyright for test recipes
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-22 07:58:47 -04:00
Richard Levitte
3f8f728278 Add a best effort test to check shared library consistency
Our main development platforms are of the Unix family, which doesn't
have the same strictness regarding a shared library being consistent
with the contents of the ld script (.map file, on Linux and Solaris)
as Windows is with the contents of the .def file or VMS is with the
linker symb_vector option.

To eliminate surprises, we therefore need to make sure to check that
the contents of the .map file is matched with the shared library, at
least to check that the shared library isn't missing any symbols that
should be present.

This test isn't absolutely perfect, as it will only check the symbols
that would be present on Linux / Solaris and will therefore miss those
that would only appear on Windows or VMS.  On the other hand, those
platform specific are few and far apart in time, so it's not likely
they will pose a problem.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-22 12:55:48 +02:00
Rich Salz
ac3d0e1377 Copyright consolidation; .pm and Configure
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 10:40:05 -04:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Rich Salz
e0a651945c Copyright consolidation: perl files
Add copyright to most .pl files
This does NOT cover any .pl file that has other copyright in it.
Most of those are Andy's but some are public domain.
Fix typo's in some existing files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 09:45:40 -04:00
Rich Salz
14f051a0ae Make string_to_hex/hex_to_string public
Give the API new names, document it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-18 09:02:11 -04:00
Rich Salz
9021a5dfb3 Rename some lowercase API's
Make OBJ_name_cmp internal
Rename idea_xxx to IDEA_xxx
Rename get_rfc_xxx to BN_get_rfc_xxx
Rename v3_addr and v3_asid functions to X509v3_...

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-18 08:22:00 -04:00
Rich Salz
f0e0fd51fd Make many X509_xxx types opaque.
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP,
and X509_LOOKUP_METHOD opaque.
Remove unused X509_CERT_FILE_CTX

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-15 13:21:43 -04:00
Matt Caswell
d90a6beb0e Fix no-stdio and no-autoalginit
no-stdio does not work with the apps. Since the tests also need the apps
it doesn't support that either. Therefore we disable building of both.

no-autoalginit is not compatible with the apps because it requires explicit
loading of the algorithms, and the apps don't do that. Therefore we disable
building the apps for this option. Similarly the tests depend on the apps
so we also disable the tests. Finally the whole point about no-autoalginit
is to avoid excessive executable sizes when doing static linking. Therefore
we disable "shared" if this option is selected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 16:41:03 +01:00
Matt Caswell
627537ddf3 Fix AFALG kernel and headers mismatch problem
During Configure we attempt to check the kernel version of this platform
to see whether we can compile the AFALG engine. If the kernel version
looks recent enough then we enable AFALG. However when we compile
e_afalg.c we check the version of the linux headers. If there is a
mismatch between the linux headers and the currently running kernel then
we don't compile the AFLAG engine and continue. This was causing a link
error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 10:09:31 +01:00
Viktor Dukhovni
5968d11a7a Don't use deprecated CONF_modules_free() in tests
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 00:34:11 -04:00
Matt Caswell
36d70ed519 Fix no-tls1_1 and no-tls1_2
The above config options were failing in test_ssl_old.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 09:03:56 +01:00
Matt Caswell
2af22b7dd5 Fix the no-tls option
The no-tls option was failing in the tests. This fixes it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-11 14:29:02 +01:00
Matt Caswell
1595ca029c Fix the no-nextprotoneg option
Misc fixes to get no-nextprotoneg config option working again.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-11 14:22:43 +01:00
Emilia Kasper
50eadf2a24 Fix warnings exposed by clang-3.8
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-10 01:50:32 +02:00
Richard Levitte
578a00048d Don't check the generated ssl-tests configs on VMS
The simple reason is that the pre-generated files are mainly for Unix.
The VMS variants look slightly different, so comparing will always fail.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-09 21:44:35 +02:00
Richard Levitte
842a20638a VMS doesn't have directory separators in the same sense as Unix
Don't add / in file specs on VMS.  The directory "separator" is part
of the directory spec.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-09 21:44:35 +02:00
Matt Caswell
0aeddcfa61 Make DH opaque
Move the dh_st structure into an internal header file and provide
relevant accessors for the internal fields.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Andy Polyakov
02b91dcf1c test/[dane|evp_]test.c: BIO-fy file I/O.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 21:09:22 +02:00
Viktor Dukhovni
43341433a8 Suppress CT callback as appropriate
Suppress CT callbacks with aNULL or PSK ciphersuites that involve
no certificates.  Ditto when the certificate chain is validated via
DANE-TA(2) or DANE-EE(3) TLSA records.  Also skip SCT processing
when the chain is fails verification.

Move and consolidate CT callbacks from libcrypto to libssl.  We
also simplify the interface to SSL_{,CTX_}_enable_ct() which can
specify either a permissive mode that just collects information or
a strict mode that requires at least one valid SCT or else asks to
abort the connection.

Simplified SCT processing and options in s_client(1) which now has
just a simple pair of "-noct" vs. "-ct" options, the latter enables
the permissive callback so that we can complete the handshake and
report all relevant information.  When printing SCTs, print the
validation status if set and not valid.

Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
Richard Levitte
d1094383df OpenSSL::Test: when moving directory, affect env as well
The environment variables TOP, SRCTOP, BLDTOP, ...  are used to affect
the testing framework.  However, subprocesses may want to use them as
well, and therefore need their values corrected when we move to a
different directory.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:52:01 +02:00
Emilia Kasper
1d352bb192 Allow generate_ssl_tests.pl to find testlib
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-07 14:48:50 +02:00
Richard Levitte
2d5a82570a Better use BIO_snprintf() than snprintf(), in case the later isn't available
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-04-07 13:35:24 +02:00
Richard Levitte
9862e9aa98 Make the RSA structure opaque
Move rsa_st away from public headers.
Add accessor/writer functions for the public RSA data.
Adapt all other source to use the accessors and writers.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:17 +02:00
Matt Caswell
3e41ac3528 Fix no-ocsp
Misc fixes for no-ocsp

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 14:57:45 +01:00
FdaSilvaYY
f0e1fe7cc3 Add missing mem leak test activation and checks
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 06:17:21 -04:00
Emilia Kasper
69853045e1 Rename ssltest -> ssltest_old
ssltest_old.c is deprecated. New tests should use ssl_test.c, and the
recipes in 80-test_ssl_new.t

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 17:07:09 +02:00
Emilia Kasper
ababe86b96 testutil: return 1 on success
Require that test methods return 1 on success (not 0). This is more
customary for OpenSSL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-05 17:05:40 +02:00
Emilia Kasper
453dfd8d5e New SSL test framework
Currently, SSL tests are configured via command-line switches to
ssltest.c. This results in a lot of duplication between ssltest.c and
apps, and a complex setup. ssltest.c is also simply old and needs
maintenance.

Instead, we already have a way to configure SSL servers and clients, so
we leverage that. SSL tests can now be configured from a configuration
file. Test servers and clients are configured using the standard
ssl_conf module. Additional test settings are configured via a test
configuration.

Moreover, since the CONF language involves unnecessary boilerplate, the
test conf itself is generated from a shorter Perl syntax.

The generated testcase files are checked in to the repo to make
it easier to verify that the intended test cases are in fact run; and to
simplify debugging failures.

To demonstrate the approach, min/max protocol tests are converted to the
new format. This change also fixes MinProtocol and MaxProtocol
handling. It was previously requested that an SSL_CTX have both the
server and client flags set for these commands; this clearly can never work.

Guide to this PR:
 - test/ssl_test.c - test framework
 - test/ssl_test_ctx.* - test configuration structure
 - test/handshake_helper.* - new SSL test handshaking code
 - test/ssl-tests/ - test configurations
 - test/generate_ssl_tests.pl - script for generating CONF-style test
   configurations from perl inputs

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 13:44:46 +02:00
Rich Salz
e771eea6d8 Revert "various spelling fixes"
This reverts commit 620d540bd4.
It wasn't reviewed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 16:11:43 -04:00
FdaSilvaYY
620d540bd4 various spelling fixes
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 15:06:32 -04:00
Emilia Kasper
1400f013e1 Fix memory leaks in ASN.1
These leaks affect 1.1.0 dev branch only; introduced around commit
f93ad22f6a

Found with LibFuzzer

Reviewed-by: Ben Laurie <ben@openssl.org>
2016-04-04 13:26:06 +02:00
Viktor Dukhovni
fbb82a60dc Move peer chain security checks into x509_vfy.c
A new X509_VERIFY_PARAM_set_auth_level() function sets the
authentication security level.  For verification of SSL peers, this
is automatically set from the SSL security level.  Otherwise, for
now, the authentication security level remains at (effectively) 0
by default.

The new "-auth_level" verify(1) option is available in all the
command-line tools that support the standard verify(1) options.

New verify(1) tests added to check enforcement of chain signature
and public key security levels.  Also added new tests of enforcement
of the verify_depth limit.

Updated documentation.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 11:35:35 -04:00
Matt Caswell
6e9fa57c6d Make DSA_METHOD opaque
Move the dsa_method structure out of the public header file, and provide
getter and setter functions for creating and modifying custom DSA_METHODs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
1258396d73 Make the DSA structure opaque
Move the dsa_st structure out of the public header file. Add some accessor
functions to enable access to the internal fields, and update all internal
usage to use the new functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Richard Levitte
25c78440d2 Adapt some test recipes to the newer cmdstr()
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 23:13:42 +02:00
Richard Levitte
cb2ceb18f2 Enhance OpenSSL::Test::cmdstr to give cmd string variants
Within OpenSSL::Test, all commands end up existing in two variants,
one that has redirections that are needed internally to work well
together with the test harness, and one without those redirections.

Depending on what the result is going to be used for, the caller may
want one for or the other, so we give them the possibility.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 23:13:42 +02:00
Andy Polyakov
1fab06a665 crypto/blake2: make lowest-level function handle multiple blocks..
This minimizes inter-block overhead. Performance gain naturally
varies from case to case, up to 10% was spotted so far. There is
one thing to recognize, given same circumstances gain would be
higher faster computational part is. Or in other words biggest
improvement coefficient would have been observed with assembly.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 21:34:00 +02:00
Richard Levitte
349232d149 OpenSSL::Test: have cmdstr() return the true command.
On the other hand, have run() display the display variant.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 19:54:37 +02:00
Richard Levitte
d8a52304ae When looking for executables, don't forget the extension
Because some operating systems have executable extensions, typically
".exe", we need to append it when looking for files in test() and
app() (or rather, their subroutines).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-31 19:54:37 +02:00
Richard Levitte
3eefcea116 When verbosity is requested, OpenSSL::Test::run() displays the command
It displays the command's exit code as well.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-30 18:44:18 +02:00
Richard Levitte
fbd361eaf8 Have OpenSsl..Test::app() and friends look for file in source as well
If the command file that app(), test(), perlapp(9 and perltest() are
looking for doesn't exist in the build tree, look for it in the source
tree as well.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-30 18:44:18 +02:00
Richard Levitte
7d9b2d53a2 Since OpenSSL::Test redirects stderr to /dev/null, don't do so in 80-test_ca.t
Since OpenSSL::Test only redirects stderr to /dev/null when being run
through non-verbose test harness, this change allows the stderr output
to be displayed when verbosity is requested.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-30 18:44:18 +02:00
Richard Levitte
b8fcd4f079 Add the option 'interpreter_args' to perlapps() and perltest()
The intention with that option is to allow extra flags to the perl
interpreter itself.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-30 18:44:18 +02:00
Viktor Dukhovni
4d9e33acb2 Require intermediate CAs to have basicConstraints CA:true.
Previously, it was sufficient to have certSign in keyUsage when the
basicConstraints extension was missing.  That is still accepted in
a trust anchor, but is no longer accepted in an intermediate CA.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-29 20:54:34 -04:00
Kurt Roeckx
b7dffce017 Add session reuse tests.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #2452
2016-03-27 23:59:04 +02:00
Richard Levitte
ce84456ddf Math::BigInt does floored divs, BN_div does truncated div, compensate
According to documentation, perl's Math::BigInt does floored division,
i.e. the bdiv function does 1 / -4 = -1.  OpenSSL's BN_div, as well as
bc, do truncated division, i.e. 1 / -4 = 0.

We need to compensate for that difference in test/recipes/bc.pl to
make sure to verify the bntest results under its own conditions, by
dividing the absolute values of the given numbers and fixup the
result's negativity afterwards.

Closes RT#4485

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-27 21:39:23 +02:00
Matt Caswell
f9e5503412 Fix no-sock
Misc fixes for no-sock

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-21 16:33:59 +00:00
Matt Caswell
83bd31da23 Fix no-scrypt
Fix the evp tests when no-scrypt is used.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-21 14:36:22 +00:00
Matt Caswell
18cb0221b9 Skip the CMS tests if CMS is disabled
This fixes the no-cms compile time option.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-21 14:33:40 +00:00
Matt Caswell
83ae8124de Fix no-dsa
Misc fixes for no-dsa.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-21 14:28:56 +00:00
Richard Levitte
007c80eae4 Remove the remainder of util/mk1mf.pl and companion scripts
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-21 11:02:00 +01:00
Todd Short
0351baae36 Fix ALPN - more fixes
* Clear proposed, along with selected, before looking at ClientHello
* Add test case for above
* Clear NPN seen after selecting ALPN on server
* Minor documentation updates

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-20 21:09:32 -04:00
Richard Levitte
bec5e4ae0d Don't perform tsa tests if configured "no-ts"
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-19 01:25:37 +01:00
Matt Caswell
96bea0002b Fix no-des
Numerous fixes for no-des.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-18 17:07:11 +00:00
Matt Caswell
b4a3aeebd9 Fix no-cmac
There were a couple of CMAC references without OPENSSL_NO_CMAC guards.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-18 17:07:11 +00:00
Richard Levitte
ef33d13185 Add a test to see that signals are caught as failures
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-18 15:25:23 +01:00
Richard Levitte
2ef157afb9 Make OpenSSL::Test::run() sensitive to signals
$? in perl gets the status value from wait(2), which is a word with
the exit code in the upper half and the number of a raised signal in
the lower half.  OpenSSL::Test::run() ignored the signal half up until
now.

With this change, we recalculate an exit code the same way the Unix
shells do, using this formula:

    ($? & 0x7f) ? ($? & 0x7f)|0x80 : ($? >> 8);

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-18 15:25:23 +01:00
Matt Caswell
bb4cc75b1e Fix no-rc2 in the CMS test
The CMS test uses some RC2 keys which should be skipped if the RC2 is
disabled.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-18 12:09:27 +00:00
Rich Salz
1fbab1dc6f Remove Netware and OS/2
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-17 17:06:57 -04:00
Richard Levitte
a717738b45 Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead
In most builds, we can assume that engines live in the build tree
subdirectory "engines".  This was hard coded into the tests that use
the engine ossltest.

However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.

This change has us play it safe and let the build files tell the
testing framework where the engines are.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-17 10:10:59 +01:00
Rich Salz
748f254657 Sort cipher-list at runtime.
Reduces #ifdef complexity.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-16 22:21:25 -04:00
Matt Caswell
c521edc3a1 Some platforms provide getcontext() but it does not work
Some platforms claim to be POSIX but their getcontext() implementation
does not work. Therefore we update the ASYNC_is_capable() function to test
for this.

RT#4366

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-16 18:12:56 +01:00
Matt Caswell
5427976d9e Fix a TLSProxy race condition
TLSProxy starts s_server and specifies the number of client connects
it should expect. After that s_server is supposed to close down
automatically. However, if another test is then run then TLSProxy
will start a new instance of s_server. If the previous instance
hasn't closed down yet then the new instance can fail to bind to
the socket.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-15 23:46:50 +00:00
fbroda
08538fc0a5 General verify options to openssl ts
This commit adds the general verify options of ocsp, verify,
cms, etc. to the openssl timestamping app as suggested by
Stephen N. Henson in [openssl.org #4287]. The conflicting
"-policy" option of "openssl ts" has been renamed to
"-tspolicy". Documentation and tests have been updated.

CAVE: This will break code, which currently uses the "-policy"
option.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-15 18:42:53 +01:00
Emilia Kasper
c91a0a8343 Disable afalg when engine is disabled.
Also make it possible to disable afalg separately.

we still need to update config again

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-14 17:03:53 +01:00
Rich Salz
6f58da8811 Fix build break; add function declaration
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-11 20:36:33 -05:00
Richard Levitte
0a705cef0c When creating directory specs, use srctop_dir rather than srctop_file.
While insignificant on Unix like systems, this is significant on
systems like VMS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-12 02:09:05 +01:00
Richard Levitte
239b84e592 Because bn_expand2 is declared non-static, it must not be static
That doesn't change even to make a dummy to hide its unavailability.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-12 01:13:18 +01:00
Kurt Roeckx
208527a75d Review comments
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Bill Cox
2d0b441267 Add blake2 support.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Rob Percival
b536958205 Surround ctx_set_ctlog_list_file() with #ifndef OPENSSL_NO_CT
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 09:05:46 -05:00
Matt Caswell
ad87a3dc2c Suppress CT warnings in test_ssl
Running test_ssl with HARNESS_VERBOSE results in lots of spurious warnings
about an inability to load the CT config file. This fixes it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-11 13:52:26 +00:00
Richard Levitte
39dbb990a0 Avoid getting unresolved referense to bn_expand2 in test/bntest.c
Issue identified on Solaris by Erik Forsberg <erik@efca.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 14:48:26 +01:00
Rob Percival
8359b57f27 check reviewer --reviewer=emilia
Remove 'log' field from SCT and related accessors

In order to still have access to an SCT's CTLOG when calling SCT_print,
SSL_CTX_get0_ctlog_store has been added.

Improved documentation for some CT functions in openssl/ssl.h.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 14:53:04 -05:00
Matt Caswell
0f1d814c23 No need to call EVP_CIPHER_CTX_init after EVP_CIPHER_CTX_new
The afalgtest was unnecessarily initing an EVP_CIPHER_CTX. It is not
needed and is deprecated.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 09:18:50 +00:00
Kurt Roeckx
885e601d97 Use version flexible method instead of fixed version
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1824
2016-03-09 19:39:54 +01:00
Kurt Roeckx
0d5301aff9 Use minimum and maximum protocol version instead of version fixed methods
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1824
2016-03-09 19:38:56 +01:00
Kurt Roeckx
1fc7d6664a Fix usage of OPENSSL_NO_*_METHOD
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

MR: #1824
2016-03-09 19:38:18 +01:00
Richard Levitte
67336ea400 Make ct_dir and certs_dir static in test/ct_test.c
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 17:58:02 +01:00
Richard Levitte
1bee9d6b6c Fix ct_test to not assume it's in the source directory
ct_test assumed it's run in the source directory and failed when built
elsewhere.  It still defaults to that, but can be told another story
with the environment variables CT_DIR and CERTS_DIR.

Test recipe updated to match.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:35:18 -05:00
Rob Percival
dc919c6935 Make SCT literals into const variables in ct_test.c
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
14db9bbd71 Removes SCT_LIST_set_source and SCT_LIST_set0_logs
Both of these functions can easily be implemented by callers instead.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
5c081a8f74 Remove unnecessary call to SCT_set1_extensions(sct, "", 0) in ct_test.c
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
9c812014c8 Use SCT_VERSION_V1 in place of literal 0 in ct_test.c
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
5da65ef23c Extensive application of __owur to CT functions that return a boolean
Also improves some documentation of those functions.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Richard Levitte
467bbe090b CT test can't run without EC, so skip it on that algo as well
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 17:13:23 +01:00
Richard Levitte
c469a9a81e Fix ct_test to not assume it's in the source directory
ct_test assumed it's run in the source directory and failed when built
elsewhere.  It still defaults to that, but can be told another story
with the environment variables CT_DIR and CERTS_DIR.

Test recipe updated to match.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 17:13:23 +01:00
Matt Caswell
2e52e7df51 Remove the old threading API
All OpenSSL code has now been transferred to use the new threading API,
so the old one is no longer used and can be removed. We provide some compat
macros for removed functions which are all no-ops.

There is now no longer a need to set locking callbacks!!

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-09 12:41:39 +00:00
Richard Levitte
2d32d3be15 Don't run the TLSProxy based tests in native Windows
There are issues binding listening ports.  This may be analyzed more
thoroughly later on.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:22:07 +01:00
Matt Caswell
bfd53c32cd Ensure CRYPTO_mem_leaks is the last thing we do
CRYPTO_mem_leaks de-inits the library, so we must not do anything
interesting after we've used it!

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 01:14:57 +00:00
Matt Caswell
f58cee8fb4 Fix memory leak in ssltest
The new Rand usage of Thread API exposed a bug in ssltest. ssltest "cheats"
and uses internal headers to directly call functions that normally you
wouldn't be able to do. This means that auto-init doesn't happen, and
therefore auto-deinit doesn't happen either, meaning that the new rand locks
don't get cleaned up properly.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 01:14:57 +00:00
Alessandro Ghedini
16203f7b71 Convert CRYPTO_LOCK_SSL_* to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 18:48:38 -05:00
Matt Caswell
b2d6aed499 Fix error in ssltest
Compiling ssltest with some compilers using --strict-warnings results in
complaints about an unused result.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-03-08 22:55:21 +00:00
Rich Salz
b76998b86c Fix build; ssltest
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-08 09:48:13 -05:00
Todd Short
817cd0d52f GH787: Fix ALPN
* Perform ALPN after the SNI callback; the SSL_CTX may change due to
  that processing
* Add flags to indicate that we actually sent ALPN, to properly error
  out if unexpectedly received.
* clean up ssl3_free() no need to explicitly clear when doing memset
* document ALPN functions

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-08 09:03:05 -05:00
Rob Percival
2b2b96847d Minor update to includes and documentation for ct_test.c
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 14:45:49 -05:00
Rob Percival
11c8bc42f7 Remove OPENSSL_NO_UNIT_TEST guard from ct_test.c
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 14:45:49 -05:00
Rob Percival
147e54a77e Fixes memory leaks in CT code
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 14:44:04 -05:00
Richard Levitte
fa657fc8df Make OpenSSL::Test::setup() a bit more forgiving
It was unexpected that OpenSSL::Test::setup() should be called twice
by the same recipe.  However, that may happen if a recipe combines
OpenSSL::Test and OpenSSL::Test::Simple, which can be a sensible thing
to do.  Therefore, we now allow it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 19:04:28 +01:00
Billy Brumley
0543603abf documentation and duplicate goto statements
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 12:20:42 -05:00
Billy Brumley
a67788c17e move ifdef statements
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 12:20:42 -05:00
Billy Brumley
61f6774e9a NIST SP800-56A co-factor ECDH KATs
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 12:20:42 -05:00
Matt Caswell
a193388811 Fix some clang warnings
The af_alg engine and associated test were creating warnings when compiled
with clang. This fixes it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-07 13:36:17 +00:00
Matt Caswell
e2524943ce Fix minor errors in the afalg test
The new afalg test should have a copyright date of 2016. Also an
incorrect buffer was being sent to EVP_CipherFinal_ex when
decrypting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-07 13:36:17 +00:00
clucey
d245844010 Adding afalg test
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-07 13:36:17 +00:00
Richard Levitte
6928b6171a Change names of ordinals and libs, libeay => libcrypto and ssleay => libssl
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-05 09:02:33 +01:00
Rob Percival
dd696a55a2 Extends s_client to allow a basic CT policy to be enabled
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-04 10:50:10 -05:00
Rob Percival
ed29e82ade Adds CT validation to SSL connections
Disabled by default, but can be enabled by setting the
ct_validation_callback on a SSL or SSL_CTX.

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-04 10:50:10 -05:00
Alessandro Ghedini
aacfb134be GH355: Implement HKDF
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.

It is required to implement the QUIC and TLS 1.3 protocols (among others).

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-03 18:21:20 -05:00
Emilia Kasper
062178678f Refactor ClientHello extension parsing
1) Simplify code with better PACKET methods.

2) Make broken SNI parsing explicit. SNI was intended to be extensible
to new name types but RFC 4366 defined the syntax inextensibly, and
OpenSSL has never parsed SNI in a way that would allow adding a new name
type. RFC 6066 fixed the definition but due to broken implementations
being widespread, it appears impossible to ever extend SNI.

3) Annotate resumption behaviour. OpenSSL doesn't currently handle all
extensions correctly upon resumption. Annotate for further clean-up.

4) Send an alert on ALPN protocol mismatch.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-03-03 13:53:26 +01:00
Dr. Stephen Henson
7d04be79db Generalise KDF test in evp_test.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 20:57:32 +00:00
Dr. Stephen Henson
2ff9e7432d Convert PRF tests to use Ctrl
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 20:57:32 +00:00
Dr. Stephen Henson
23a9808c4c Add Ctrl keyword to KDF test in evp_test
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 20:57:32 +00:00
Rob Percival
7d054e5ab2 CT policy validation
Specifies a callback that will, in the future, be used by the SSL code to
decide whether to abort a connection on Certificate Transparency grounds.

Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 20:03:25 +00:00