Daniel Pouzzner
|
94a3f86dcd
scripts/ocsp-stapling*.test: check if IPv6 is supported by the installed openssl and nc executables, and if not, don't attempt to wrestle the version. with no IPv6 support, and an --enable-ipv6 wolfssl build, skip the test entirely. also, restore a couple -b (bind-all-interfaces) flags to examples/server/server recipes in case that's useful.
|
4 jaren geleden |
Daniel Pouzzner
|
7a5cbaa9bc
fix scripts/ocsp-stapling*.test to accommodate IPv6 examples/ client/server build.
|
4 jaren geleden |
Sean Parkinson
|
60b0b0170b
TLS OCSP Stapling: MUST staple option
|
4 jaren geleden |
Daniel Pouzzner
|
5ed2fe8092
scripts/: more race elimination/mitigation.
|
4 jaren geleden |
Daniel Pouzzner
|
b669f8eeb9
scripts/: tweak scripts/include.am to run ocsp tests before rather than after testsuite and unit.test; revert POSIXish scripts/*.test to use /bin/sh.
|
4 jaren geleden |
Daniel Pouzzner
|
51046d45d3
add bwrapping on all other scripts/*.test except those that make Internet connections, and remove test for setuid bit, as some systems are configured to not require setuid/CAP_NET_ADMIN for CLONE_NEWNET.
|
4 jaren geleden |
Daniel Pouzzner
|
1e9971f64c
scripts/ocsp-stapling*.test: add bwrap attempt at top, to isolate network namespace.
|
4 jaren geleden |
Daniel Pouzzner
|
8f25456f86
scripts/ocsp-stapling*.test, wolfssl/test.h: refactor scripts/ocsp-stapling*.test for orthogonality and robustness, with retries and early failure detection. also, reduce sleeps in ocsp-stapling-with-ca-as-responder.test to 0.1, matching sleeps in other 2 scripts. finally, in wolfssl/test.h, #ifdef SO_REUSEPORT do that when binding ports, and add optional rendering of errno strings for failed syscalls using err_sys_with_errno() when -DDEBUG_TEST_ERR_SYS_WITH_ERRNO.
|
4 jaren geleden |
David Garske
|
6a984da53f
Fixes and Improvements to OCSP scripts. Fix for OCSP test with IPV6 enabled (use `-b` bind to any on server). Fix to use random port number for the `oscp-stapling.test` script. Reduce delay times in scripts.
|
4 jaren geleden |
kaleb-himes
|
42f3a6d7a4
Put both potential roots for login.live.com into collection for stapling test
|
4 jaren geleden |
Jacob Barthelmeh
|
0a6b93fda2
add single quotes around -? in test scripts
|
4 jaren geleden |
Eric Blankenhorn
|
b83804cb9d
Correct misspellings and typos from codespell tool
|
5 jaren geleden |
Jacob Barthelmeh
|
a00eaeb877
add ocsp stapling test and initialize values
|
5 jaren geleden |
toddouska
|
fc64788092
Merge pull request #1795 from SparkiDev/tls13_no_tls12
|
6 jaren geleden |
Sean Parkinson
|
487c60df78
Fixes to work when compiled with TLS 1.3 only
|
6 jaren geleden |
Jacob Barthelmeh
|
46c04cafd3
change grep message for RSA key size with tests
|
6 jaren geleden |
Jacob Barthelmeh
|
f74406d2c9
check max key size with ocsp stapling test
|
6 jaren geleden |
kaleb-himes
|
280de47d06
Use pzero solutions on servers and clients in addition to ocsp responders
|
6 jaren geleden |
kaleb-himes
|
c288a214b1
give servers time to shut-down after client connection
|
6 jaren geleden |
kaleb-himes
|
35dbf9a6fe
address file restoration issue present when git not available
|
6 jaren geleden |
John Safranek
|
c71f730d67
OSCP
|
6 jaren geleden |
kaleb-himes
|
ddec878152
Disable external tests for OCSP scripts
|
6 jaren geleden |
kaleb-himes
|
a178764a8b
Portability and self-cleanup changes to ocsp test scripts
|
6 jaren geleden |
Sean Parkinson
|
0bf3a89992
TLS 1.3 OCSP Stapling
|
6 jaren geleden |
Moisés Guimarães
|
43c234029b
adds a call to wolfSSL_CTX_EnableOCSPStapling() on client.c to fix ocspstapling2 tests and removes unnecessary 'kill ' from the test scripts
|
7 jaren geleden |
Chris Conlon
|
af00787f80
update root certs for ocsp scripts
|
7 jaren geleden |
Moisés Guimarães
|
a9d5dcae58
updates ocsp tests; adds check for OCSP response signed by issuer.
|
7 jaren geleden |
Chris Conlon
|
45c8ed1436
remove -X from ocsp stapling tests that are not external
|
8 jaren geleden |
Moisés Guimarães
|
db7aab5e37
fixes ocsp stapling tests ignoring CRL
|
8 jaren geleden |
David Garske
|
993972162e
MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used.
|
8 jaren geleden |