summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* configure.ac: Check for ProteanOS root certs dirPatrick McDermott2020-08-091-1/+2
|
* configure.ac: Update copyright yearsPatrick McDermott2020-08-091-2/+2
|
* build, s_client: Support certificates filePatrick McDermott2020-08-082-18/+36
|
* s_client: Enable wolfSSL debug msgs if not quietPatrick McDermott2020-08-071-1/+6
|
* NEWS, configure.ac: Set version to 1.0.0Patrick McDermott2020-08-052-2/+2
|
* scripts/announce-release.sh: Update URL in sigPatrick McDermott2020-07-201-1/+1
|
* tests/badssl.sh: Drop sha1-intermediatePatrick McDermott2020-07-201-2/+1
| | | | | | This subdomain is defunct with an expired certificate: https://github.com/chromium/badssl.com/pull/445
* tests/badssl.sh: badssl.com certs are expiringPatrick McDermott2020-07-201-2/+6
|
* tests/badssl.sh: Organize outputPatrick McDermott2020-07-201-3/+5
|
* Rename package and executable to wolfutilPatrick McDermott2020-07-2010-52/+52
|
* Makefile.am: Generate ChangeLogPatrick McDermott2019-10-011-0/+10
|
* Makefile.am: Fix copyright yearsPatrick McDermott2019-09-301-1/+1
|
* Update copyright noticesPatrick McDermott2019-09-058-7/+8
| | | | | | Copyrights in my contributions to this package were transferred to Libiquity LLC by a contract executed 2019-09-04. And as of this writing, this package has not yet been published.
* s_client: Don't save wolfSSL_get_error() valuePatrick McDermott2019-08-041-2/+1
|
* s_client: Merge assignment and conditionalPatrick McDermott2019-08-041-2/+1
| | | | No change to binary, just bumming one line of source code.
* s_client: Merge more conditionalsPatrick McDermott2019-08-041-15/+11
|
* s_client: Make a NULL condition explicitPatrick McDermott2019-08-041-1/+1
|
* s_client: Don't manually enable curvesPatrick McDermott2019-08-031-96/+0
| | | | They're apparently already enabled.
* README: Wrap at 72 columns, not 80Patrick McDermott2019-08-031-13/+13
|
* Rename executable to wolfsslPatrick McDermott2019-08-036-14/+14
|
* README: Stronger by default than openssl s_clientPatrick McDermott2019-08-031-0/+13
|
* s_client: Use wolfSSL DN check code, not extra APIPatrick McDermott2019-08-032-19/+4
| | | | | | And drop --enable-opensslextra option recommendation in README. Also, check SNI name, not host name.
* README: Recommend a strong wolfSSL configurationPatrick McDermott2019-08-031-0/+20
|
* build: Add Organization header to announcementsPatrick McDermott2019-08-021-0/+1
|
* build: Set GIT_DIR earlier in announce scriptPatrick McDermott2019-08-011-2/+2
|
* MD5SUMS, SHA256SUMS: Exclude from GitPatrick McDermott2019-08-011-0/+2
|
* build: Support announcing first versionPatrick McDermott2019-08-011-4/+6
|
* build: Add release targetPatrick McDermott2019-08-012-1/+180
|
* build: Save user CFLAGSPatrick McDermott2019-08-011-1/+2
|
* tests/aux/json.sh: Fix continue not in a loopPatrick McDermott2019-08-011-1/+1
| | | | | | | | | | | | Fixes the following error with Bash: [...]/tests/aux/json.sh: line 144: continue: only meaningful in a `for', `while', or `until' loop json.sh: syntax: /given_cipher_suites/1 json.sh: syntax: / json.sh: syntax: / Oddly, Dash treats continue outside a loop as return, which is undefined behavior.
* tests/howsmyssl.sh: New test scriptPatrick McDermott2019-08-012-1/+69
|
* tests/aux/json.sh: New filePatrick McDermott2019-08-012-1/+404
|
* build: Include debugging symbols in Git buildsPatrick McDermott2019-07-311-2/+5
|
* build: Fix stray printf format specifierPatrick McDermott2019-07-311-1/+1
|
* Revert "build: Disable address sanitization by default"Patrick McDermott2019-07-312-1/+43
| | | | This reverts commit 0c9789c85ca4542697fbfae82f1ed412ab2b2dbe.
* build: Search several possible CA certificate pathsPatrick McDermott2019-07-311-12/+26
|
* build: Make CA root certificates path configurablePatrick McDermott2019-07-312-2/+41
| | | | | Use of installed CA root certificates can also be disabled entirely, but that just breaks everything.
* build: Drop GCC version check for warningsPatrick McDermott2019-07-301-2/+1
| | | | I think this was a copy/paste accident.
* build: Disable address sanitization by defaultPatrick McDermott2019-07-302-43/+1
|
* README: Use name "wolfssl-util" in first sentencePatrick McDermott2019-07-301-4/+4
|
* README: SSL is disabled by default by wolfSSLPatrick McDermott2019-07-301-3/+3
| | | | And not enabled at all by wolfssl-util.
* NEWS: I forgot articlePatrick McDermott2019-07-301-2/+2
|
* build: Drop vestige of GettextPatrick McDermott2019-07-301-1/+1
|
* Revert "s_client: Enable secure renegotiation"Patrick McDermott2019-07-301-7/+1
| | | | | | | This reverts commit 6cd7b5568ce306de755bc8fff3488feedf161901. It seems a call to either wolfSSL_Rehandshake() or wolfSSL_SecureResume() is necessary, as in wolfSSL's example client.
* s_client: Enable secure renegotiationPatrick McDermott2019-07-301-1/+7
| | | | | | | | Although this causes a SIGSEGV in wolfSSL_X509_check_host(): #0 0x00007ffff7babca2 in wolfSSL_X509_check_host () from /usr/local/lib/libwolfssl.so.19 #1 0x0000555555555d3f in s_client (argc=0, argv=0x7fffffffe3b8) at src/s_client.c:382 #2 0x000055555555545a in main (argc=6, argv=0x7fffffffe388) at src/main.c:42
* s_client: Enable OCSP staplingPatrick McDermott2019-07-301-0/+11
|
* Revert "tests/ocsp-stapling.sh: New test script"Patrick McDermott2019-07-302-39/+1
| | | | | | | | This reverts commit 990942046a013e4eab23499cd32218bf046791aa. Apparently, even with OCSP stapling, wolfSSL still performs CRL and OCSP lookups. Is there a way to disable CRL and OCSP when a stapled OCSP response is found in the handshake?
* tests/ocsp-stapling.sh: New test scriptPatrick McDermott2019-07-302-1/+39
|
* s_client: Enable OCSP before CRLPatrick McDermott2019-07-301-4/+4
| | | | | Revocation methods are apparently used in the order in which they're enabled.
* s_client: Require HAVE_CRL_IO for CRLPatrick McDermott2019-07-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For some reason this causes the expiry test to fail: FAIL: tests/badssl.sh 1 - not expired PASS: tests/badssl.sh 2 - not wrong.host PASS: tests/badssl.sh 3 - not self-signed PASS: tests/badssl.sh 4 - not untrusted-root PASS: tests/badssl.sh 5 - not revoked PASS: tests/badssl.sh 6 - no-common-name FAIL: tests/badssl.sh 7 - no-subject PASS: tests/badssl.sh 8 - not incomplete-chain XFAIL: tests/badssl.sh 9 - not sha1-intermediate # TODO PASS: tests/badssl.sh 10 - sha256 PASS: tests/badssl.sh 11 - sha384 PASS: tests/badssl.sh 12 - sha512 PASS: tests/badssl.sh 13 - not 1000-sans PASS: tests/badssl.sh 14 - not 10000-sans PASS: tests/badssl.sh 15 - ecc256 PASS: tests/badssl.sh 16 - ecc384 PASS: tests/badssl.sh 17 - rsa2048 PASS: tests/badssl.sh 18 - rsa4096 PASS: tests/badssl.sh 19 - not rsa8192 PASS: tests/badssl.sh 20 - extended-validation PASS: tests/badssl.sh 21 - not http PASS: tests/badssl.sh 22 - not cbc PASS: tests/badssl.sh 23 - not rc4-md5 PASS: tests/badssl.sh 24 - not rc4 PASS: tests/badssl.sh 25 - not 3des PASS: tests/badssl.sh 26 - not null XFAIL: tests/badssl.sh 27 - not mozilla-old # TODO PASS: tests/badssl.sh 28 - mozilla-intermediate PASS: tests/badssl.sh 29 - mozilla-modern PASS: tests/badssl.sh 30 - not dh480 PASS: tests/badssl.sh 31 - not dh512 PASS: tests/badssl.sh 32 - not dh1024 PASS: tests/badssl.sh 33 - dh2048 XFAIL: tests/badssl.sh 34 - not dh-small-subgroup # TODO PASS: tests/badssl.sh 35 - not dh-compsite PASS: tests/badssl.sh 36 - not static-rsa PASS: tests/badssl.sh 37 - not tls-v1-0 PASS: tests/badssl.sh 38 - not tls-v1-1 PASS: tests/badssl.sh 39 - tls-v1-2 ============================================================================ Testsuite summary for Unofficial wolfSSL Utility 0.1.0 (33-gb52e29a-dirty) ============================================================================ # TOTAL: 39 # PASS: 34 # SKIP: 0 # XFAIL: 3 # FAIL: 2 # XPASS: 0 # ERROR: 0 ============================================================================ See ./test-suite.log Please report to mailto:patrick.mcdermott@libiquity.com ============================================================================