WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
15,589 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

32 Commits (2f29ca1092f81f6ac557aa0210ac8dbd3dab15e7)

Author SHA1 Message Date
Elms 12eddee104 scripts: fix tests for out of tree `distcheck` 
Copying or using certs from directory relative to scripts source directory.
 2021-02-08 10:43:31 -08:00
Daniel Pouzzner eeefe043ec scripts/: nix `timeout` wrappers in ocsp-stapling.test and ocsp-stapling2.test, for portability. 2020-12-16 17:31:53 -06:00
Daniel Pouzzner 139b0431cb ocsp-stapling*.test: prefix waited servers with "timeout 60" to avoid deadlock failure modes; grep output from "openssl s_client" in "test interop fail case" for expected error message ("self signed certificate in certificate chain"). 2020-10-28 17:28:05 -05:00
Daniel Pouzzner 94a3f86dcd scripts/ocsp-stapling*.test: check if IPv6 is supported by the installed openssl and nc executables, and if not, don't attempt to wrestle the version. with no IPv6 support, and an --enable-ipv6 wolfssl build, skip the test entirely. also, restore a couple -b (bind-all-interfaces) flags to examples/server/server recipes in case that's useful. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner 7a5cbaa9bc fix scripts/ocsp-stapling*.test to accommodate IPv6 examples/ client/server build. 2020-10-28 17:28:05 -05:00
Sean Parkinson 60b0b0170b TLS OCSP Stapling: MUST staple option 
Can enable OCSP Must Staple option to mean that if the client sends a
request for an OCSP Staple then it must receive a response.
 2020-10-16 09:03:27 +10:00
Daniel Pouzzner 5ed2fe8092 scripts/: more race elimination/mitigation. 2020-09-17 12:03:44 -05:00
Daniel Pouzzner 26901d1cd9 scripts/ocsp-stapling2.test: eliminate races. 2020-09-17 12:03:44 -05:00
Daniel Pouzzner b669f8eeb9 scripts/: tweak scripts/include.am to run ocsp tests before rather than after testsuite and unit.test; revert POSIXish scripts/*.test to use /bin/sh. 2020-09-14 16:06:45 -05:00
Daniel Pouzzner d8dc6be5b9 scripts/ocsp-stapling2.test: try using a static prechecked port for the servers on ready_file5 too. 2020-09-12 01:13:35 -05:00
Daniel Pouzzner 51046d45d3 add bwrapping on all other scripts/*.test except those that make Internet connections, and remove test for setuid bit, as some systems are configured to not require setuid/CAP_NET_ADMIN for CLONE_NEWNET. 2020-09-12 00:20:38 -05:00
Daniel Pouzzner 1e9971f64c scripts/ocsp-stapling*.test: add bwrap attempt at top, to isolate network namespace. 2020-09-11 18:20:27 -05:00
Daniel Pouzzner 8f25456f86 scripts/ocsp-stapling*.test, wolfssl/test.h: refactor scripts/ocsp-stapling*.test for orthogonality and robustness, with retries and early failure detection. also, reduce sleeps in ocsp-stapling-with-ca-as-responder.test to 0.1, matching sleeps in other 2 scripts. finally, in wolfssl/test.h, #ifdef SO_REUSEPORT do that when binding ports, and add optional rendering of errno strings for failed syscalls using err_sys_with_errno() when -DDEBUG_TEST_ERR_SYS_WITH_ERRNO. 2020-09-11 15:30:37 -05:00
David Garske 6a984da53f Fixes and Improvements to OCSP scripts. Fix for OCSP test with IPV6 enabled (use `-b` bind to any on server). Fix to use random port number for the `oscp-stapling.test` script. Reduce delay times in scripts. 2020-08-25 10:55:41 -07:00
Jacob Barthelmeh 0a6b93fda2 add single quotes around -? in test scripts 2020-03-24 22:40:48 -06:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
Jacob Barthelmeh e4132d32a4 add ocsp test for more code coverage 2019-01-14 13:52:13 -07:00
Jacob Barthelmeh 6ac384793f memory management with OCSP requests 2019-01-14 09:49:50 -07:00
toddouska fc64788092
Merge pull request #1795 from SparkiDev/tls13_no_tls12 
Fixes to work when compiled with TLS 1.3 only
 2018-08-29 16:16:46 -07:00
Sean Parkinson 487c60df78 Fixes to work when compiled with TLS 1.3 only 
TLS 1.3 Early Data can be used with PSK and not session tickets.
If only TLS 1.3 and no session tickets then no resumption.
External sites don't support TLS 1.3 yet.
 2018-08-28 15:37:15 +10:00
Jacob Barthelmeh 46c04cafd3 change grep message for RSA key size with tests 2018-08-24 16:47:37 -06:00
Jacob Barthelmeh c3ab52ed44 key size check on ocsp-stapling2 test 2018-08-15 09:52:43 -06:00
kaleb-himes 280de47d06 Use pzero solutions on servers and clients in addition to ocsp responders 2018-08-10 14:17:17 -06:00
kaleb-himes c288a214b1 give servers time to shut-down after client connection 2018-08-10 11:57:35 -06:00
kaleb-himes 35dbf9a6fe address file restoration issue present when git not available 2018-08-10 10:24:42 -06:00
John Safranek f45dbed8f9 OCSP 
1. Modify the other OCSP Stapling scripts to better manage the OCSP responder.
2. Modify the client's W option to take:
 - 1 for Stapling v1
 - 2 for Stapling v2
 - 3 for Stapling v2 MULTI
3. Modify the client to disallow stapling v2 with TLSv1.3.
 2018-08-02 16:25:38 -07:00
kaleb-himes a178764a8b Portability and self-cleanup changes to ocsp test scripts 2018-08-02 09:47:13 -06:00
Moisés Guimarães 43c234029b adds a call to wolfSSL_CTX_EnableOCSPStapling() on client.c to fix ocspstapling2 tests and removes unnecessary 'kill ' from the test scripts 2017-12-26 22:32:21 -03:00
Moisés Guimarães a9d5dcae58 updates ocsp tests; adds check for OCSP response signed by issuer. 2017-06-21 14:12:12 -07:00
Chris Conlon 45c8ed1436 remove -X from ocsp stapling tests that are not external 2016-08-22 14:18:35 -06:00
Moisés Guimarães db7aab5e37 fixes ocsp stapling tests ignoring CRL 2016-06-17 08:19:57 -03:00
Moisés Guimarães ec9d23a9c3 Merge branch 'csr' 2015-12-28 19:38:04 -03:00