Paul Bakker
1ebc0c592c
Fix typos
2014-05-22 15:47:58 +02:00
Manuel Pégourié-Gonnard
2594859bc6
Add CCM suites to compat.sh (self-op only)
2014-05-22 14:36:02 +02:00
Paul Bakker
17b85cbd69
Merged additional tests and improved code coverage
...
Conflicts:
ChangeLog
2014-04-08 14:38:48 +02:00
Manuel Pégourié-Gonnard
563ad02663
Fix final report in compat.sh
...
Only affect what's printed, the exit code was already correct.
2014-04-08 11:56:35 +02:00
Manuel Pégourié-Gonnard
913030c286
Enable SSLv2 testing if OPENSSL_CMD is set
2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
e9a9a61c61
Deduplicate suites in compat.sh
2014-03-26 12:58:56 +01:00
Manuel Pégourié-Gonnard
12b8472f2f
Test against GnuTLS for every common ciphersuite
2014-03-26 12:58:54 +01:00
Manuel Pégourié-Gonnard
a1a9f9a639
Allow GnuTLS to be enabled via environment
2014-03-26 12:58:53 +01:00
Manuel Pégourié-Gonnard
e01af4cd37
Tune compat.sh and ssl-opt.sh error reporting
2014-03-26 12:58:48 +01:00
Manuel Pégourié-Gonnard
5de31ecf9c
Don't use dummy CA in compat.sh
2014-03-19 17:43:25 +01:00
Manuel Pégourié-Gonnard
3947d04b24
Fix too aggressive test for gnutls commands
2014-03-14 18:13:53 +01:00
Manuel Pégourié-Gonnard
74faf3c400
Fix usage of environment variables for commands
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
84fd6877c6
Use ssl_client2 to terminate ssl_server2
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
ba0b8442f0
compat.sh and ssl-opt.sh cosmetics
...
- do not print '0 memory errors' when memcheck was not used
- add commands to the log files
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
9edba77c06
Add --exclude and --peers options to compat.sh
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
a4371447e4
Start adding GnuTLS client support to compat.sh
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
213c67adfc
Adapt to new ssl_client2 default
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
5b2d776d2a
GnuTLS in compat.sh: server-side
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
3eec60402f
Add memcheck support to compat.sh
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
1b149ef746
Use no cert when none is required in compat.sh
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
f7a2690561
Make the openssl command configurable in sh tests
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
911622d84a
compat.sh: never kill our server
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
87ae3031ac
compat.sh: use file output (prep. for valgrind)
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
42d195acc1
compat.sh: don't start server if no ciphersuite
2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard
9dea8bd658
Minor compat.sh clean-up
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
a9062e96e7
shell scripts: clean up when exiting on signal
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
4145b89091
compat.sh cosmetics
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
da782c9458
compat.sh: better certificate verification testing
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
eaadc508fb
New ssl-opt.sh test script
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
c57e98b5fa
compat.sh: terminate ssl_server2 cleanly
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
5f593f07f7
compat.sh: rm a useless sleep
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
95957717f3
compat.sh: source cosmetics
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
330e4111cb
compat.sh: factor code into run_client() function
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
304beef2ae
compat.sh: function to start server
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
9ada01a70c
compat.sh: regroup arguments even more
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
1b31d7fd97
compat.sh: remove useless server restart
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
48f196cda5
compat.sh refactoring: group ciphersuite lists
2014-03-14 08:40:59 +01:00
Manuel Pégourié-Gonnard
d941a796be
compat.sh refectoring: regroup argument setting
2014-03-14 08:40:59 +01:00
Paul Bakker
fe40f484fb
Do not print error on missing kill target in compat.sh
2013-12-19 17:47:24 +01:00
Paul Bakker
5a607d26b7
Merged IPv6 support in the NET module
2013-12-17 14:34:19 +01:00
Manuel Pégourié-Gonnard
c9baa873ca
Force server to IPv4 in compat.s
2013-12-17 14:10:58 +01:00
Manuel Pégourié-Gonnard
0759d369e6
Fix ciphersuite selection in compat.sh
2013-12-17 11:50:52 +01:00
Manuel Pégourié-Gonnard
31a2325810
Add ECDH_ECDSA suites to compat.sh
2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
07b54e06da
Fix EC suites version requirements in compat.sh
2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
452f6ba1a6
compat.sh cleanups
2013-12-17 11:26:59 +01:00
Manuel Pégourié-Gonnard
c6f03faeaf
Update compat.sh ciphersuite versions
2013-11-26 14:29:13 +01:00
Manuel Pégourié-Gonnard
65ea372f9b
Rm unsupported suites (export) from compat.sh
2013-10-25 18:44:07 +02:00
Manuel Pégourié-Gonnard
8d01eea7af
Add Camellia-GCM ciphersuites
2013-10-25 16:46:05 +02:00
Manuel Pégourié-Gonnard
eebb5ad6cc
Add RSA-PSK and ECDHE-PSK suites to compat.sh
2013-10-15 12:27:22 +02:00
Manuel Pégourié-Gonnard
eb1714e9c8
Fix certs/psk arguments in compat.sh
2013-09-20 12:44:08 +02:00
Manuel Pégourié-Gonnard
d331319a38
Check -m option in compat.sh
2013-09-18 14:34:32 +02:00
Manuel Pégourié-Gonnard
70064fd721
compat.sh: report results
2013-08-27 22:21:22 +02:00
Manuel Pégourié-Gonnard
7ebaf376f9
Add ECDSA suites to compat.sh
2013-08-27 22:21:22 +02:00
Manuel Pégourié-Gonnard
dfc8d5accc
Small adjustments in compat.sh
2013-08-27 22:21:22 +02:00
Manuel Pégourié-Gonnard
9791a4043e
Refactor compat.sh to prepare for ECDSA
2013-08-27 22:21:22 +02:00
Paul Bakker
0f2f0bfc87
CAMELLIA-based PSK and DHE-PSK ciphersuites added
2013-07-26 15:04:03 +02:00
Paul Bakker
524691c0a0
Added --modes option to tests/compat.sh
2013-07-25 17:01:20 +02:00
Paul Bakker
accd4eb665
compat.sh now has -f command-line option to filter used ciphersuites
2013-07-19 14:51:31 +02:00
Paul Bakker
89fe7f4388
compat.sh modified to support new ssl_server2 and ssl_client2
...
capabilities
2013-06-29 18:35:41 +02:00
Paul Bakker
40afb4ba13
Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487
2013-04-19 22:03:30 +02:00
Paul Bakker
a1bf92ddb4
Added PSK NULL ciphers from RFC4785
2013-04-19 20:47:26 +02:00
Paul Bakker
48f7a5d724
DHE-PSK based ciphersuite support added and cleaner key exchange based
...
code selection
The base RFC 4279 DHE-PSK ciphersuites are now supported and added.
The SSL code cuts out code not relevant for defined key exchange methods
2013-04-19 20:47:26 +02:00
Paul Bakker
7e5e7ca205
Added PSK ciphersuite tests to compat.sh
2013-04-18 23:12:34 +02:00
Paul Bakker
abfdfbfd46
Removed duplicate value from compat.sh ciphersuite list
2013-04-08 14:07:43 +02:00
Paul Bakker
27714b1aa1
Added Camellia ECDHE-based CBC ciphersuites
...
Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384
2013-04-07 23:07:12 +02:00
Paul Bakker
a54e493bc0
Added ECDHE-based SHA256 and SHA384 ciphersuites
...
Added TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ciphersuites
2013-03-20 15:31:54 +01:00
Paul Bakker
41c83d3f67
Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS
...
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
2013-03-20 14:39:14 +01:00
Paul Bakker
1eeceaeac8
More expansive testing
2012-11-23 14:25:34 +01:00
Paul Bakker
645ce3a2b4
- Moved ciphersuite naming scheme to IANA reserved names
2012-10-31 12:32:41 +00:00
Paul Bakker
0c93d126bc
- Ability to define openssl at top
...
- Also add SHA256 ciphersuites in non-tls 1.2 modes
2012-09-13 14:26:09 +00:00
Paul Bakker
ca4ab49158
- Added GCM ciphersuites to TLS implementation
2012-04-18 14:23:57 +00:00
Paul Bakker
10cd225962
- Added support for the SHA256 ciphersuites of AES and Camellia
2012-04-12 21:26:34 +00:00
Paul Bakker
398cb514e2
- Allow to test for multiple modes
2012-04-10 08:22:31 +00:00
Paul Bakker
fab5c829e7
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
2012-02-06 16:45:10 +00:00