wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/test/recipes
History
Viktor Dukhovni 43341433a8 Suppress CT callback as appropriate 
Suppress CT callbacks with aNULL or PSK ciphersuites that involve
no certificates.  Ditto when the certificate chain is validated via
DANE-TA(2) or DANE-EE(3) TLSA records.  Also skip SCT processing
when the chain is fails verification.

Move and consolidate CT callbacks from libcrypto to libssl.  We
also simplify the interface to SSL_{,CTX_}_enable_ct() which can
specify either a permissive mode that just collects information or
a strict mode that requires at least one valid SCT or else asks to
abort the connection.

Simplified SCT processing and options in s_client(1) which now has
just a simple pair of "-noct" vs. "-ct" options, the latter enables
the permissive callback so that we can complete the handshake and
report all relevant information.  When printing SCTs, print the
validation status if set and not valid.

Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
..
01-test_abort.t Add a test to see that signals are caught as failures 2016-03-18 15:25:23 +01:00
01-test_ordinals.t Change names of ordinals and libs, libeay => libcrypto and ssleay => libssl 2016-03-05 09:02:33 +01:00
05-test_bf.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_cast.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_des.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_hmac.t Fix a few tests that depended on the wrong algorithm check 2015-09-08 02:47:30 +02:00
05-test_idea.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_md2.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_md4.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_md5.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_mdc2.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_rand.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_rc2.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_rc4.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_rc5.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_rmd.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
05-test_sha1.t Correct sha tests 2015-09-20 02:06:51 +02:00
05-test_sha256.t Correct sha tests 2015-09-20 02:06:51 +02:00
05-test_sha512.t Correct sha tests 2015-09-20 02:06:51 +02:00
05-test_wp.t Correct whirlpool test 2015-09-20 02:06:51 +02:00
10-test_bn.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
10-test_exp.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
15-test_dh.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
15-test_dsa.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
15-test_ec.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
15-test_ecdh.t Fix a few tests that depended on the wrong algorithm check 2015-09-08 02:47:30 +02:00
15-test_ecdsa.t Fix a few tests that depended on the wrong algorithm check 2015-09-08 02:47:30 +02:00
15-test_rsa.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
20-test_enc.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_crl.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_d2i.t Fix memory leaks in ASN.1 2016-04-04 13:26:06 +02:00
25-test_gen.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_pkcs7.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_req.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_sid.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
25-test_verify.t Move peer chain security checks into x509_vfy.c 2016-04-03 11:35:35 -04:00
25-test_x509.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
30-test_afalg.t Disable afalg when engine is disabled. 2016-03-14 17:03:53 +01:00
30-test_engine.t Change OpenSSL::Test to be an extension of Test::More 2015-09-07 16:10:58 +02:00
30-test_evp.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
30-test_evp_extra.t Change OpenSSL::Test to be an extension of Test::More 2015-09-07 16:10:58 +02:00
30-test_pbelu.t Add a recipe for the new pbelu test 2015-09-07 16:10:58 +02:00
40-test_rehash.t GH753: More spelling fix 2016-02-27 10:58:16 -05:00
70-test_clienthello.t Have 70-test_clienthello.t be selective on when it can be run 2016-02-04 10:55:38 +01:00
70-test_packet.t Correct test name 2015-09-07 16:10:58 +02:00
70-test_sslcertstatus.t Fix no-ocsp 2016-04-06 14:57:45 +01:00
70-test_sslextension.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
70-test_sslsessiontick.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
70-test_sslskewith0p.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
70-test_sslvertol.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
70-test_tlsextms.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
70-test_verify_extra.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
80-test_ca.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
80-test_cms.t Skip the CMS tests if CMS is disabled 2016-03-21 14:33:40 +00:00
80-test_ct.t When creating directory specs, use srctop_dir rather than srctop_file. 2016-03-12 02:09:05 +01:00
80-test_dane.t unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
80-test_dtlsv1listen.t Add tests for DTLSv1_listen 2016-02-05 20:47:36 +00:00
80-test_ocsp.t Fix no-ocsp 2016-04-06 14:57:45 +01:00
80-test_ssl_new.t Allow generate_ssl_tests.pl to find testlib 2016-04-07 14:48:50 +02:00
80-test_ssl_old.t Suppress CT callback as appropriate 2016-04-07 14:41:34 -04:00
80-test_ssl_test_ctx.t New SSL test framework 2016-04-05 13:44:46 +02:00
80-test_tsa.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
90-test_async.t Add ASYNC tests 2015-11-20 23:34:35 +00:00
90-test_constant_time.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
90-test_gmdiff.t Add a recipe for the new gmdiff test 2015-09-07 16:10:58 +02:00
90-test_heartbeat.t Remove TLS heartbeat, disable DTLS heartbeat 2016-02-11 12:57:26 -05:00
90-test_ige.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
90-test_memleak.t Enable/disable crypto-mdebug just like other features 2016-01-11 02:41:16 +00:00
90-test_networking.t Adapt some test recipes to the newer cmdstr() 2016-04-02 23:13:42 +02:00
90-test_np.t Add a recipe for the new null pointer test 2015-09-07 16:10:59 +02:00
90-test_p5_crpt2.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
90-test_secmem.t Correct test name 2015-09-07 16:10:58 +02:00
90-test_srp.t Correct srp test 2015-09-20 02:06:51 +02:00
90-test_threads.t Implement new multi-threading API 2016-02-26 10:00:36 +00:00
90-test_v3name.t Simplify very simple test recipes further. 2015-09-07 16:10:58 +02:00
bc.pl Math::BigInt does floored divs, BN_div does truncated div, compensate 2016-03-27 21:39:23 +02:00
tconversion.pl unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00