| Age | Commit message (Collapse) | Author |
|---|
|
OpenSSL doesn't seem to report error locations in the same way as
before, which broke one of our tests.
Fixes bug 40170; bugfix on 0.2.8.1-alpha.
|
|
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.
This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).
This patch is part of the fix for TROVE-2020-001.
See: https://bugs.torproject.org/33119
|
|
|
|
|
|
Since this is an "intrusive" test, it only shows up for openssl <1.1
This is a bugfix on 0.3.5.x; bug not in any released Tor.
|
|
Bugfix on 0.3.5.x; bugfix not on any released Tor.
|
|
|
|
|
|
|
|
Everything that might have used it, uses tor_tls_cert_is_valid() instead.
|
|
This function was supposed to implement a half-duplex mode for our
TLS connections. However, nothing in Tor actually uses it (besides
some unit tests), and the implementation looks really questionable
to me. It's probably best to remove it. We can add a tested one
later if we need one in the future.
|
|
|
|
Also, add a stubbed-out nss version of the modules. The tests won't
pass with NSS yet since the NSS modules don't do anything.
This is a good patch to read with --color-moved.
|
