wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/test/ssl-tests
History
Matt Caswell f865b08143 Split configuration of TLSv1.3 ciphers from older ciphers 
With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
..
01-simple.conf Use PSS for simple test so TLS 1.3 handhake is successful. 2017-01-30 13:00:17 +00:00
01-simple.conf.in Use PSS for simple test so TLS 1.3 handhake is successful. 2017-01-30 13:00:17 +00:00
02-protocol-version.conf Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
02-protocol-version.conf.in
03-custom_verify.conf
03-custom_verify.conf.in
04-client_auth.conf Add Client CA names tests 2017-03-16 18:07:19 +00:00
04-client_auth.conf.in Add SCTP testing for 04-client_auth.conf 2017-04-25 11:13:39 +01:00
05-sni.conf Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb. 2017-09-08 13:58:59 -05:00
05-sni.conf.in Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb. 2017-09-08 13:58:59 -05:00
06-sni-ticket.conf Session resume broken switching contexts 2017-10-04 10:21:08 +10:00
06-sni-ticket.conf.in Session resume broken switching contexts 2017-10-04 10:21:08 +10:00
07-dtls-protocol-version.conf
07-dtls-protocol-version.conf.in
08-npn.conf Start using the key_share data to derive the PMS 2016-11-16 10:09:46 +00:00
08-npn.conf.in Start using the key_share data to derive the PMS 2016-11-16 10:09:46 +00:00
09-alpn.conf Re-enable ALPN resumption tests where we are using TLSv1.3 2017-01-30 10:18:22 +00:00
09-alpn.conf.in Re-enable ALPN resumption tests where we are using TLSv1.3 2017-01-30 10:18:22 +00:00
10-resumption.conf Enable TLSv1.3 by default 2018-02-07 21:34:18 +00:00
10-resumption.conf.in
11-dtls_resumption.conf
11-dtls_resumption.conf.in
12-ct.conf Add SSL tests for certificates with embedded SCTs 2017-04-12 19:08:57 +02:00
12-ct.conf.in Add SSL tests for certificates with embedded SCTs 2017-04-12 19:08:57 +02:00
13-fragmentation.conf Implement Maximum Fragment Length TLS extension. 2017-11-05 17:46:48 +01:00
13-fragmentation.conf.in Copyright update of more files that have changed this year 2018-01-19 13:34:03 +01:00
14-curves.conf Update tests for TLS Ed448 2018-03-05 11:39:44 +00:00
14-curves.conf.in Update tests for TLS Ed448 2018-03-05 11:39:44 +00:00
15-certstatus.conf
15-certstatus.conf.in
16-certstatus.conf
16-dtls-certstatus.conf
16-dtls-certstatus.conf.in Add SCTP testing to 16-dtls-certstatus.conf 2017-04-25 11:13:39 +01:00
17-renegotiate.conf Fix #2400 Add NO_RENEGOTIATE option 2017-06-06 22:39:41 +01:00
17-renegotiate.conf.in Fix #2400 Add NO_RENEGOTIATE option 2017-06-06 22:39:41 +01:00
18-dtls-renegotiate.conf Fix issue in 18-dtls-renegotiate.conf.in 2017-04-25 11:13:39 +01:00
18-dtls-renegotiate.conf.in Fix issue in 18-dtls-renegotiate.conf.in 2017-04-25 11:13:39 +01:00
19-mac-then-encrypt.conf Add a ciphersuite config sanity check for clients 2017-04-26 14:31:00 +01:00
19-mac-then-encrypt.conf.in Add a ciphersuite config sanity check for clients 2017-04-26 14:31:00 +01:00
20-cert-select.conf Update tests for TLS Ed448 2018-03-05 11:39:44 +00:00
20-cert-select.conf.in Update tests for TLS Ed448 2018-03-05 11:39:44 +00:00
21-key-update.conf Add some KeyUpdate tests 2017-02-17 10:28:01 +00:00
21-key-update.conf.in Add some KeyUpdate tests 2017-02-17 10:28:01 +00:00
22-compression.conf Enable TLSv1.3 by default 2018-02-07 21:34:18 +00:00
22-compression.conf.in Add compression tests 2017-03-02 16:49:28 +00:00
23-srp.conf Add a ciphersuite config sanity check for servers 2017-04-26 14:31:00 +01:00
23-srp.conf.in Add a ciphersuite config sanity check for servers 2017-04-26 14:31:00 +01:00
24-padding.conf TLS1.3 Padding 2017-05-02 09:44:43 +01:00
24-padding.conf.in TLS1.3 Padding 2017-05-02 09:44:43 +01:00
25-cipher.conf Don't expect a POLY1305 ciphersuite when using no-poly1305 2017-12-11 09:41:59 +00:00
25-cipher.conf.in Fix no-chacha 2017-12-11 09:41:59 +00:00
26-tls13_client_auth.conf Add TLSv1.3 post-handshake authentication (PHA) 2018-02-01 17:07:56 +00:00
26-tls13_client_auth.conf.in Add TLSv1.3 post-handshake authentication (PHA) 2018-02-01 17:07:56 +00:00
27-ticket-appdata.conf Session Ticket app data 2018-03-12 10:31:09 +00:00
27-ticket-appdata.conf.in Session Ticket app data 2018-03-12 10:31:09 +00:00
protocol_version.pm Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssltests_base.pm Add and use function test_pem to work out test filenames. 2017-02-17 16:33:12 +00:00