538a18fde0
[Bug 220380] Add SSL client auth stress tests. Attachment #4 . r=julien
2006-05-20 18:32:08 +00:00
1cfdf61890
Add and use new -2 option for strsclnt to disable SSL2 compatible client
...
hellos, so we can stress test TLS hello extensions. Bug 333559.
r=julien.pierre,rrelyea
2006-04-13 22:43:31 +00:00
779a0beabf
Add new -i (ignore errors) command line option to strsclnt. Strsclnt now
...
stops soon after the first error unless the -i option is given.
Strsclnt and tstclnt now look for an environment variable named
NSS_DEBUG_TIMEOUT, and if present, its value is used as a timeout time
for all socket IO operations. Bug 332348. r=julien.pierre.
2006-04-04 07:31:46 +00:00
39ee00370d
Fix for 330068 . Be more verbose in strsclnt error cases
2006-03-29 22:35:44 +00:00
01fe9ff1bf
Fix for bug 330068 . Increment counter variable atomically. Be more verbose. r=nelson
2006-03-29 05:05:09 +00:00
1477ed4b30
Fix for bug 317856 . uninitialized variable correction. r=wtchang
2006-01-20 22:55:15 +00:00
91408cf272
Fix for bug 317856 . compiler warnings in strsclnt
2006-01-20 00:43:23 +00:00
fff23fc797
Bugzilla Bug 236245: Updated NSS to "ECC Cipher Suites for TLS" draft 12
...
plus upcoming revisions. The patch is contributed by Douglas Stebila
of Sun Labs <douglas@stebila.ca>. r=wtc.
Modified Files:
cmd/selfserv/selfserv.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c cmd/vfyserv/vfyserv.c lib/ssl/ssl3con.c
lib/ssl/ssl3ecc.c lib/ssl/ssl3prot.h lib/ssl/sslenum.c
lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
lib/ssl/sslsock.c tests/ssl/ecssl.sh tests/ssl/ecsslauth.txt
tests/ssl/ecsslcov.txt tests/ssl/ecsslstress.txt
tests/ssl/ssl.sh
2005-12-14 01:49:40 +00:00
d016e006b8
Bug 305147: add -B (bypass SSL) and -s (disable SSL locking) to server and client commands; add bypass testing to SSL test suite.
2005-09-09 04:50:07 +00:00
d391504d03
Remove fortezza code from libSSL and from the SSL test programs.
...
Stop building fortezza's special software token, and fortezza specific
test programs. Bug 239960. r=rrelyea.
Modified Files:
cmd/manifest.mn cmd/platlibs.mk cmd/SSLsample/server.c
cmd/SSLsample/sslsample.c cmd/modutil/modutil.c
cmd/selfserv/selfserv.c cmd/sslstrength/sslstrength.c
cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c
cmd/vfyserv/vfyserv.c cmd/vfyserv/vfyutil.c lib/manifest.mn
lib/ssl/nsskea.c lib/ssl/preenc.h lib/ssl/prelib.c
lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
lib/ssl/sslauth.c lib/ssl/sslcon.c lib/ssl/sslenum.c
lib/ssl/sslimpl.h lib/ssl/sslinfo.c lib/ssl/sslproto.h
lib/ssl/sslsecur.c lib/ssl/sslsnce.c lib/ssl/sslsock.c
lib/ssl/sslt.h
2005-08-16 03:42:26 +00:00
5c55935a1d
Fix for bug 292151 . Prevent strsclnt from starting threads for each connection. Allow specifying a ratio of full handshakes . r=nelson
2005-07-25 20:39:14 +00:00
80dfaa9d1b
Fix for 293091 - add double -o option to skip cert verification completely. r=nelson
2005-05-07 04:10:55 +00:00
7d6edc424d
Back out the preceeding fortezza removal patch, which was accidentally
...
applied to the trunk, not to the intended branch.
2005-04-06 21:35:45 +00:00
17a1f014fd
Remove fortezza support from libSSL and related commands. Bug 239960.
...
ON PERFORMANCE_HACKS_BRANCH. r=rrelyea.
2005-04-06 19:43:19 +00:00
fc043a3854
initialize variable
2004-10-07 03:57:19 +00:00
ed405e7ea1
Remove unused variables
2004-10-07 03:56:37 +00:00
3634d4d94b
Bug 236613: change to MPL/LGPL/GPL tri-license.
2004-04-25 15:03:26 +00:00
4868d7e8c2
Bugzilla bug 225373: the return value of CERT_NameToAscii must be freed
...
with PORT_Free.
Modified Files:
cmd/lib/secutil.c cmd/selfserv/selfserv.c
cmd/signver/pk7print.c cmd/strsclnt/strsclnt.c
cmd/tstclnt/tstclnt.c lib/certdb/cert.h
2003-11-13 16:10:45 +00:00
52f15c0d08
Resolves bug 206971 - selfserv should OptimizeSpeed (use NSS_Initialize).
...
Both selfserv and strsclnt no longer OptimizeSpace. Moved SECMOD_DB
defines from nssinit.c to nss.h, make it availble for public use with
NSS_Initialize().
2003-05-30 17:25:13 +00:00
a4d31ce381
Add -3 and -T options, with same meaning as in tstclnt and selfserv,
...
disabling SSL3 and TLS respectively. With this change, the QA stress
tests that say they're testing SSL3 or TLS can finally test what they
claim they are testing.
2003-05-30 05:35:52 +00:00
481bd9b8d6
Fix for bug 204015 - make strsclnt reuse token after it is unplugged . r=nelsonb
2003-05-15 17:09:19 +00:00
3f52ba47c1
Changes to enable ECC over characteristic 2^m fields.
...
Contribution from Vipul Gupta <Vipul.Gupta@Sun.COM>
Modified Files:
nss/cmd/strsclnt/strsclnt.c nss/lib/cryptohi/seckey.c
nss/lib/freebl/blapit.h nss/lib/freebl/ec.c
nss/lib/freebl/manifest.mn nss/lib/freebl/mpi/Makefile
nss/lib/softoken/ecdecode.c nss/lib/softoken/pkcs11.c
nss/lib/ssl/ssl3con.c nss/lib/util/secoid.c
nss/lib/util/secoidt.h
2003-03-29 00:18:30 +00:00
3cfd1da0cc
Bug 145029: fixed compiler warnings (mostly "xxx might be used
...
uninitialized").
2003-01-17 02:49:11 +00:00
209f994fd3
Need to call SSL_ClearSessionCache before calling NSS_Shutdown.
2003-01-08 21:40:52 +00:00
1b239a8ed0
checking return value of NSS_Shutdown. Bug 171263
2003-01-07 22:31:36 +00:00
e179fe8904
Fix 164126: makefile build error.
...
Change the NSS module name from "security" to "nss".
2002-09-06 16:38:56 +00:00
a9ff4e3f4d
fix a cert reference leak in strsclnt
2002-04-15 14:24:15 +00:00
515ed51a75
Add cross-platform (WinCE) support.
2002-04-04 00:00:27 +00:00
a56e787c34
clean up certs & keys for purify
2002-02-15 20:50:47 +00:00
6312ec5441
Add code to test new SSL_LocalCertificate() function on first connection,
...
or on every connection if -vv option is used. Bug 78959.
Also, the nickname "none" can now be used to prevent performing client
authentication without having to use an invalid password.
2001-11-09 05:43:06 +00:00
9740e66d2f
Reimplement SSL_GetChannelInfo. Add new function SSL_GetCipherSuiteInfo().
...
Also, implement new ciphersuite preference order. Bug 78959.
2001-11-02 04:24:28 +00:00
cbf52380ab
Correct the test for length of data in SSL channel info struct.
2001-09-26 04:22:55 +00:00
c9558281fc
Add support for new TLS AES ciphersuites. Bug 87021.
2001-09-21 03:09:32 +00:00
943a907b01
Use new function SSL_GetChannelInfo(). Bugzilla bug 78959.
2001-09-18 02:02:05 +00:00
7c39f6468b
Bugzilla: 81706. strsclnt exit code
2001-05-24 16:44:25 +00:00
f5d55452bc
64970 stress tests don't fail when selfserver is gone
...
Added -q argument (quit after about 60 seconds waiting for selfserv).
2001-04-24 23:02:34 +00:00
b4e192dc29
Fix leak of cert reference in cert authentication callback functions.
2001-03-30 00:40:24 +00:00
7dcf6f9722
Make SSL API consistent in using SECStatus as return value for functions
...
that return only values in that enumeration. Bug 68097. R&A = relyea.
Modified Files:
lib/ssl/ssl.h lib/ssl/sslauth.c lib/ssl/sslsecur.c
lib/ssl/sslsnce.c lib/ssl/sslsock.c cmd/selfserv/selfserv.c
cmd/strsclnt/strsclnt.c
2001-02-09 00:32:14 +00:00
9c6844617f
Changes suggested by Wan-Teh.
2001-02-08 01:32:32 +00:00
c216172478
Add new -D command line option to suppress TCP Nagle delays.
...
This is used to verify the fix for bug 67898.
2001-02-07 01:50:46 +00:00
14c87961d5
Add implementation of SSL_RSA_WITH_RC4_128_SHA SSL3 cipher suite,
...
which is not enabled by default. Bug 59795.
2001-01-13 02:05:15 +00:00
793dba6814
Stop using deprecated SSL functions. Convert them to the supported ones.
2001-01-06 02:40:02 +00:00
1311ab52d4
Changes to deal with exporting data from Windows DLLs.
...
SECHashObjects[] is no longer exported.
New function HASH_GetHashObject returns pointer to selected const object.
SSL statistics are now in a structure whose address is obtained via a
call to SSL_GetStatistics().
On NT, the new symbol NSS_USE_STATIC_LIBS must be declared in programs
that use the static SSL library.
Also, propagate "const" declaration for SECHashObjects.
2001-01-05 01:38:26 +00:00
351f30a205
Bugzilla: 64132. NSS lock instrumentation
2001-01-03 19:51:22 +00:00
c76148218a
Add a new -t option to specify the maximum number of threads, and hence
...
the maximum number of simultaneous connections. Default is now 8.
values < 1 or > 32 are ignored. Also, increase the minimum delay interval
for retrying failed connections from 10 to 50 milliseconds, and increase
it exponentially if/as more retries are required. These changes have
made the stress tests finish considerably faster, and have improved the
consistency from run to run. Previously runs times varies by 2:1 or more.
2000-12-07 05:34:50 +00:00
1b19b2d3b6
An enhancement to the new -N feature. When -N is selected, do NOT wait
...
for the first https request to finish before launching all the others.
2000-10-13 01:25:44 +00:00
1f1201dd3d
Add new -N option. N means "No session reuse." -N disables the client
...
session cache, forcing all SSL handshakes to be FULL RSA handshakes.
2000-10-13 00:47:57 +00:00
34c1f51a9d
All output messages from strsclnt now begin with the string "strsclnt: ".
...
This makes it easier to separate mixed client and server output.
2000-10-10 02:10:25 +00:00
c916074eb3
3 Changes:
...
- Test SSL2 (not SSL3) when only SSL2 ciphers have been chosen.
- Use a different metric for determining when multiple full handshakes
have been done with SSL2. (Can't use SSL3's counters for that purpose.)
- When PR_Connect returns a "connection reset by peer" error, silently
retry the operation with a new socket.
2000-10-05 04:11:31 +00:00
37f88721c8
Fix bug 54956, and cleanup some other things. Warning reduction.
2000-10-03 00:36:53 +00:00
alexei.volkov.bugs%sun.com
nelson%bolyard.com
julien.pierre.bugs%sun.com
wtchang%redhat.com
saul.edwards%sun.com
nelsonb%netscape.com
gerv%gerv.net
wchang0222%aol.com
kirk.erickson%sun.com
jpierre%netscape.com
wtc%netscape.com
bishakhabanerjee%netscape.com
nicolson%netscape.com
ian.mcgreer%sun.com
larryh%netscape.com
kirke%netscape.com