openssl/test
Emilia Kasper aa474d1fb1 TLS: reject duplicate extensions
Adapted from BoringSSL. Added a test.

The extension parsing code is already attempting to already handle this for
some individual extensions, but it is doing so inconsistently. Duplicate
efforts in individual extension parsing will be cleaned up in a follow-up.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-02-19 17:24:44 +01:00
..
Attic Remove old testing scripts out of the way. 2015-09-07 16:10:58 +02:00
certs Suppress DANE TLSA reflection when verification fails 2016-02-08 14:46:09 -05:00
ocsp-tests Fix OCSP checking. 2012-12-07 18:47:47 +00:00
recipes TLS: reject duplicate extensions 2016-02-19 17:24:44 +01:00
smime-certs Add X9.42 DH certificate to S/MIME test 2013-08-05 16:23:22 +01:00
testlib/OpenSSL Rethink logging of test recipes 2016-02-12 20:56:46 +01:00
asynctest.c Auto init/deinit libcrypto 2016-02-09 15:11:38 +00:00
bftest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
bntest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
build.info Remove JPAKE 2016-02-17 09:46:10 -05:00
CAss.cnf GH645: Fix typo: ctificates -> certificates 2016-02-09 11:05:22 -05:00
CAssdh.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
casttest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
CAtsa.cnf Use better defaults for TSA. 2015-11-20 13:40:53 +00:00
clienthellotest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
cms-examples.pl Use "cont" consistently in cms-examples.pl 2008-05-01 23:30:06 +00:00
constant_time_test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
danetest.c Make sure to use unsigned char for is*() functions 2016-02-14 19:31:55 +01:00
danetest.in Suppress DANE TLSA reflection when verification fails 2016-02-08 14:46:09 -05:00
danetest.pem DANE support for X509_verify_cert() 2016-01-07 13:48:59 -05:00
destest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
dhtest.c Add a test for small subgroup attacks on DH/DHE 2016-01-28 14:41:19 +00:00
dsatest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
dtlsv1listentest.c fix warnings on 32 bit builds 2016-02-13 02:29:25 +00:00
dummytest.c Rename some BUF_xxx to OPENSSL_xxx 2015-12-16 16:14:49 -05:00
ecdhtest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
ecdsatest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
ectest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
enginetest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
evp_extra_test.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
evp_test.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
evptests.txt x86[_64] assembly pack: add ChaCha20 and Poly1305 modules. 2016-02-10 10:31:14 +01:00
exdatatest.c ex_data part 2: doc fixes and CRYPTO_free_ex_index. 2015-12-01 11:48:37 -05:00
exptest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
gmdifftest.c Check OPENSSL_gmtime_diff 2015-09-02 23:03:43 -04:00
heartbeat_test.c Remove TLS heartbeat, disable DTLS heartbeat 2016-02-11 12:57:26 -05:00
hmactest.c RT3095: allow NULL key for single-shot HMAC 2016-02-04 13:01:32 +01:00
ideatest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
igetest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
Makefile.in Remove all special make depend flags, as well as OPENSSL_DOING_MAKEDEPEND 2016-02-18 23:43:09 +01:00
md2test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
md4test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
md5test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
mdc2test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
memleaktest.c Update leak test to check return values. 2016-01-11 02:41:16 +00:00
methtest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
nptest.c Test for NULL ptr == 0 2015-09-04 14:30:38 -04:00
P1ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
P2ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
p5_crpt2_test.c Rename INIT funtions, deprecate old ones. 2016-02-10 09:37:03 -05:00
packettest.c constify PACKET 2016-02-01 16:21:57 +01:00
pbelutest.c PBE lookup test 2015-09-03 18:37:27 +01:00
pkcs7-1.pem
pkcs7.pem
pkits-test.pl detect and use older PKITS data 2011-12-11 16:39:25 +00:00
r160test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
randtest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
rc2test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
rc4test.c Don't call cpuid in test; done as init. 2016-02-14 16:36:41 -05:00
rc5test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
README Add documentation for the new testing framework 2015-09-07 16:10:58 +02:00
rmdtest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
rsa_test.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
run_tests.pl unified build scheme: adjust test framework for out of source build tree 2016-02-09 11:43:20 +01:00
secmemtest.c Fixup secmemtest for the change of CRYPTO_free() and friends 2016-02-17 12:27:53 +01:00
serverinfo.pem Require ServerInfo PEMs to be named "BEGIN SERVERINFO FOR"... 2013-09-13 19:32:55 -07:00
sha1test.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
sha256t.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
sha512t.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
smcont.txt Add extensive PCKS7 and CMS consistency test script. 2008-03-18 14:37:59 +00:00
srptest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
ssltest.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
Sssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Sssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
test.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
test_aesni test_aesni: harmonize with AES-NI support at EVP layer. 2012-07-15 13:38:51 +00:00
test_padlock Update test/test_padlock script. 2009-04-27 19:04:23 +00:00
test_t4 Add support for SPARC T4 DES opcode. 2013-03-31 14:32:05 +02:00
testcrl.pem
testdsa.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testdsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testec-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testecpub-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testp7.pem Change PKCS#7 test data to take account of removal of 2000-08-25 01:29:41 +00:00
testreq2.pem
testrsa.pem
testrsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testsid.pem Remove SSLv2 support 2014-12-04 11:55:03 +01:00
testutil.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
testutil.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
testx509.pem
times Updates from 1.0.0-stable branch. 2009-04-20 11:33:12 +00:00
Uss.cnf Create DSA and ECDSA certificates. 2015-09-02 21:22:44 +01:00
v3-cert1.pem
v3-cert2.pem
v3nametest.c NGX-2040 - fix wildcard match on punycode/IDNA DNS names 2016-01-15 14:46:58 -05:00
verify_extra_test.c Clean up the tests for auto-init/de-init 2016-02-09 15:11:38 +00:00
wp_test.c Enable -Wmissing-variable-declarations and 2015-09-11 04:51:55 +01:00

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile.  More on this later.


Naming convetions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

05  individual symmetric cipher algorithms
10  math (bignum)
15  individual asymmetric cipher algorithms
20  openssl enc
25  certificate forms, generation and verification
30  engine and evp
70  PACKET layer
80  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90  misc


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

    #! /usr/bin/perl
    
    use OpenSSL::Test::Simple;
    
    simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc test/testlib/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More' for
documentation.  For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'.

A script to start from could be this:

    #! /usr/bin/perl
    
    use strict;
    use warnings;
    use OpenSSL::Test;
    
    setup("test_{name}");
    
    plan tests => 2;                # The number of tests being performed
    
    ok(test1, "test1");
    ok(test2, "test1");
    
    sub test1
    {
        # test feature 1
    }
    
    sub test2
    {
        # test feature 2
    }
    

Changes to test/Makefile
========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* among the variables for test executables at the beginning, add a line like
  this:

    {NAME}TEST= {name}test

* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE:

* add `$({NAME}TEST).o' to the assignment of OBJ:

* add `$({NAME}TEST).c' to the assignment of SRC:

* add the following lines for building the executable:

    $({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO)
           @target=$({NAME}TEST); $(BUILD_CMD)