Commit graph

15 commits

Author SHA1 Message Date
Matt Caswell
3e41ac3528 Fix no-ocsp
Misc fixes for no-ocsp

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-06 14:57:45 +01:00
Richard Levitte
25c78440d2 Adapt some test recipes to the newer cmdstr()
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-02 23:13:42 +02:00
Matt Caswell
f9e5503412 Fix no-sock
Misc fixes for no-sock

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-21 16:33:59 +00:00
Richard Levitte
a717738b45 Don't define OPENSSL_ENGINES in test recipes, do it in Makefiles instead
In most builds, we can assume that engines live in the build tree
subdirectory "engines".  This was hard coded into the tests that use
the engine ossltest.

However, that hard coding is tedious, it would need to be done in
every test recipe, and it's an incorrect assumption in some cases.

This change has us play it safe and let the build files tell the
testing framework where the engines are.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-17 10:10:59 +01:00
Richard Levitte
2d32d3be15 Don't run the TLSProxy based tests in native Windows
There are issues binding listening ports.  This may be analyzed more
thoroughly later on.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:22:07 +01:00
Richard Levitte
19ab579060 Use $disabled{"dynamic-engine"} internally
We were kinda sorta using a mix of $disabled{"static-engine" and
$disabled{"dynamic-engine"} in Configure.  Let's avoid confusion,
choose one of them and stick to it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-22 14:38:31 +01:00
Richard Levitte
2dd400bd43 Run the TLSProxy based tests as long as dynamic engines are built.
They depend on this feature because they use the engine ossltest,
which is only available as a dynamic engine.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-20 16:51:31 +01:00
Emilia Kasper
aa474d1fb1 TLS: reject duplicate extensions
Adapted from BoringSSL. Added a test.

The extension parsing code is already attempting to already handle this for
some individual extensions, but it is doing so inconsistently. Duplicate
efforts in individual extension parsing will be cleaned up in a follow-up.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-02-19 17:24:44 +01:00
Richard Levitte
b44b935e39 Let all TLSProxy based tests display debug text conditionally
If the environment variable HARNESS_ACTIVE isn't defined or
HARNESS_VERBOSE is defined, it's probable that lots of output is
desired.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-12 20:56:46 +01:00
Richard Levitte
42e0ccdfe8 unified build scheme: adjust test framework for out of source build tree
To be able to run tests when we've built in a directory other than
the source tree, the testing framework needs a few adjustments.

test/testlib/OpenSSL/Test.pm needs to know where it can find
shlib_wrap.sh, and a number of other tests need to be told a different
place to find engines than what they may be able to figure out on
their own.  Relying to $TOP is not enough, $SRCTOP and $BLDTOP can be
used as an alternative.

As part of this change, top_file and top_dir are removed and
srctop_file, bldtop_file, srctop_dir and bldtop_dir take their place.

Reviewed-by: Ben Laurie <ben@openssl.org>
2016-02-09 11:43:20 +01:00
Richard Levitte
90d48e5ea0 Use the new OpenSSL::Test::Utils routines.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 09:53:36 +01:00
Richard Levitte
83365051f5 Make tests use configdata.pm rather than parsing Makefile
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-25 17:53:55 +01:00
Richard Levitte
3f22ed2fcf The TLSProxy tests can't run if no-engine has been configured
Make sure they detect that.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-17 00:25:44 +01:00
Richard Levitte
60f9f1e1c8 VMS perl doesn't implement fork(), so don't run the TLSProxy tests there
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-13 19:00:14 +01:00
Matt Caswell
ef96e4a28f Add test for missing CertificateStatus message
If the client sends a status_request extension in the ClientHello
and the server responds with a status_request extension in the
ServerHello then normally the server will also later send a
CertificateStatus message. However this message is *optional* even
if the extensions were sent. This adds a test to ensure that if
the extensions are sent then we can still omit the message.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-27 21:59:04 +00:00