| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
And drop --enable-opensslextra option recommendation in README.
Also, check SNI name, not host name.
|
|
|
|
|
| |
Use of installed CA root certificates can also be disabled entirely, but
that just breaks everything.
|
|
|
|
|
|
|
| |
This reverts commit 6cd7b5568ce306de755bc8fff3488feedf161901.
It seems a call to either wolfSSL_Rehandshake() or
wolfSSL_SecureResume() is necessary, as in wolfSSL's example client.
|
|
|
|
|
|
|
|
| |
Although this causes a SIGSEGV in wolfSSL_X509_check_host():
#0 0x00007ffff7babca2 in wolfSSL_X509_check_host () from /usr/local/lib/libwolfssl.so.19
#1 0x0000555555555d3f in s_client (argc=0, argv=0x7fffffffe3b8) at src/s_client.c:382
#2 0x000055555555545a in main (argc=6, argv=0x7fffffffe388) at src/main.c:42
|
| |
|
|
|
|
|
| |
Revocation methods are apparently used in the order in which they're
enabled.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason this causes the expiry test to fail:
FAIL: tests/badssl.sh 1 - not expired
PASS: tests/badssl.sh 2 - not wrong.host
PASS: tests/badssl.sh 3 - not self-signed
PASS: tests/badssl.sh 4 - not untrusted-root
PASS: tests/badssl.sh 5 - not revoked
PASS: tests/badssl.sh 6 - no-common-name
FAIL: tests/badssl.sh 7 - no-subject
PASS: tests/badssl.sh 8 - not incomplete-chain
XFAIL: tests/badssl.sh 9 - not sha1-intermediate # TODO
PASS: tests/badssl.sh 10 - sha256
PASS: tests/badssl.sh 11 - sha384
PASS: tests/badssl.sh 12 - sha512
PASS: tests/badssl.sh 13 - not 1000-sans
PASS: tests/badssl.sh 14 - not 10000-sans
PASS: tests/badssl.sh 15 - ecc256
PASS: tests/badssl.sh 16 - ecc384
PASS: tests/badssl.sh 17 - rsa2048
PASS: tests/badssl.sh 18 - rsa4096
PASS: tests/badssl.sh 19 - not rsa8192
PASS: tests/badssl.sh 20 - extended-validation
PASS: tests/badssl.sh 21 - not http
PASS: tests/badssl.sh 22 - not cbc
PASS: tests/badssl.sh 23 - not rc4-md5
PASS: tests/badssl.sh 24 - not rc4
PASS: tests/badssl.sh 25 - not 3des
PASS: tests/badssl.sh 26 - not null
XFAIL: tests/badssl.sh 27 - not mozilla-old # TODO
PASS: tests/badssl.sh 28 - mozilla-intermediate
PASS: tests/badssl.sh 29 - mozilla-modern
PASS: tests/badssl.sh 30 - not dh480
PASS: tests/badssl.sh 31 - not dh512
PASS: tests/badssl.sh 32 - not dh1024
PASS: tests/badssl.sh 33 - dh2048
XFAIL: tests/badssl.sh 34 - not dh-small-subgroup # TODO
PASS: tests/badssl.sh 35 - not dh-compsite
PASS: tests/badssl.sh 36 - not static-rsa
PASS: tests/badssl.sh 37 - not tls-v1-0
PASS: tests/badssl.sh 38 - not tls-v1-1
PASS: tests/badssl.sh 39 - tls-v1-2
============================================================================
Testsuite summary for Unofficial wolfSSL Utility 0.1.0
(33-gb52e29a-dirty)
============================================================================
# TOTAL: 39
# PASS: 34
# SKIP: 0
# XFAIL: 3
# FAIL: 2
# XPASS: 0
# ERROR: 0
============================================================================
See ./test-suite.log
Please report to mailto:patrick.mcdermott@libiquity.com
============================================================================
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This saves 80 bytes in .text and 24 bytes in .rodata:
wolfssl-util: file format elf64-x86-64
Sections:
Idx Name Size VMA LMA File off Algn
0 .interp 0000001c 0000000000000238 0000000000000238 00000238 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
1 .note.ABI-tag 00000020 0000000000000254 0000000000000254 00000254 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
2 .note.gnu.build-id 00000024 0000000000000274 0000000000000274 00000274 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .gnu.hash 0000003c 0000000000000298 0000000000000298 00000298 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .dynsym 00000450 00000000000002d8 00000000000002d8 000002d8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .dynstr 000002ab 0000000000000728 0000000000000728 00000728 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .gnu.version 0000005c 00000000000009d4 00000000000009d4 000009d4 2**1
CONTENTS, ALLOC, LOAD, READONLY, DATA
7 .gnu.version_r 00000020 0000000000000a30 0000000000000a30 00000a30 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .rela.dyn 00000108 0000000000000a50 0000000000000a50 00000a50 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
9 .rela.plt 00000318 0000000000000b58 0000000000000b58 00000b58 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
10 .init 00000017 0000000000000e70 0000000000000e70 00000e70 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
11 .plt 00000220 0000000000000e90 0000000000000e90 00000e90 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
12 .plt.got 00000008 00000000000010b0 00000000000010b0 000010b0 2**3
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 13 .text 00000792 00000000000010c0 00000000000010c0 000010c0 2**4
+ 13 .text 00000742 00000000000010c0 00000000000010c0 000010c0 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 14 .fini 00000009 0000000000001854 0000000000001854 00001854 2**2
+ 14 .fini 00000009 0000000000001804 0000000000001804 00001804 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 15 .rodata 000001a6 0000000000001860 0000000000001860 00001860 2**3
+ 15 .rodata 0000018e 0000000000001810 0000000000001810 00001810 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
- 16 .eh_frame_hdr 00000044 0000000000001a08 0000000000001a08 00001a08 2**2
+ 16 .eh_frame_hdr 00000044 00000000000019a0 00000000000019a0 000019a0 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
- 17 .eh_frame 00000184 0000000000001a50 0000000000001a50 00001a50 2**3
+ 17 .eh_frame 00000184 00000000000019e8 00000000000019e8 000019e8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
18 .init_array 00000008 0000000000201dc8 0000000000201dc8 00001dc8 2**3
CONTENTS, ALLOC, LOAD, DATA
19 .fini_array 00000008 0000000000201dd0 0000000000201dd0 00001dd0 2**3
CONTENTS, ALLOC, LOAD, DATA
20 .jcr 00000008 0000000000201dd8 0000000000201dd8 00001dd8 2**3
CONTENTS, ALLOC, LOAD, DATA
21 .dynamic 000001f0 0000000000201de0 0000000000201de0 00001de0 2**3
CONTENTS, ALLOC, LOAD, DATA
22 .got 00000030 0000000000201fd0 0000000000201fd0 00001fd0 2**3
CONTENTS, ALLOC, LOAD, DATA
23 .got.plt 00000120 0000000000202000 0000000000202000 00002000 2**3
CONTENTS, ALLOC, LOAD, DATA
24 .data 00000018 0000000000202120 0000000000202120 00002120 2**3
CONTENTS, ALLOC, LOAD, DATA
25 .bss 00000010 0000000000202140 0000000000202140 00002138 2**5
ALLOC
26 .comment 00000026 0000000000000000 0000000000000000 00002138 2**0
CONTENTS, READONLY
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As many source lines as this removes, here's the binary size difference:
wolfssl-util: file format elf64-x86-64
Sections:
Idx Name Size VMA LMA File off Algn
0 .interp 0000001c 0000000000000238 0000000000000238 00000238 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
1 .note.ABI-tag 00000020 0000000000000254 0000000000000254 00000254 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
2 .note.gnu.build-id 00000024 0000000000000274 0000000000000274 00000274 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .gnu.hash 0000003c 0000000000000298 0000000000000298 00000298 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .dynsym 00000450 00000000000002d8 00000000000002d8 000002d8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .dynstr 000002ab 0000000000000728 0000000000000728 00000728 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .gnu.version 0000005c 00000000000009d4 00000000000009d4 000009d4 2**1
CONTENTS, ALLOC, LOAD, READONLY, DATA
7 .gnu.version_r 00000020 0000000000000a30 0000000000000a30 00000a30 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
8 .rela.dyn 00000108 0000000000000a50 0000000000000a50 00000a50 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
9 .rela.plt 00000318 0000000000000b58 0000000000000b58 00000b58 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
10 .init 00000017 0000000000000e70 0000000000000e70 00000e70 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
11 .plt 00000220 0000000000000e90 0000000000000e90 00000e90 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
12 .plt.got 00000008 00000000000010b0 00000000000010b0 000010b0 2**3
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 13 .text 00000782 00000000000010c0 00000000000010c0 000010c0 2**4
+ 13 .text 00000792 00000000000010c0 00000000000010c0 000010c0 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 14 .fini 00000009 0000000000001844 0000000000001844 00001844 2**2
+ 14 .fini 00000009 0000000000001854 0000000000001854 00001854 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
- 15 .rodata 000001a6 0000000000001850 0000000000001850 00001850 2**3
+ 15 .rodata 000001a6 0000000000001860 0000000000001860 00001860 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
- 16 .eh_frame_hdr 00000044 00000000000019f8 00000000000019f8 000019f8 2**2
+ 16 .eh_frame_hdr 00000044 0000000000001a08 0000000000001a08 00001a08 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
- 17 .eh_frame 00000184 0000000000001a40 0000000000001a40 00001a40 2**3
+ 17 .eh_frame 00000184 0000000000001a50 0000000000001a50 00001a50 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
18 .init_array 00000008 0000000000201dc8 0000000000201dc8 00001dc8 2**3
CONTENTS, ALLOC, LOAD, DATA
19 .fini_array 00000008 0000000000201dd0 0000000000201dd0 00001dd0 2**3
CONTENTS, ALLOC, LOAD, DATA
20 .jcr 00000008 0000000000201dd8 0000000000201dd8 00001dd8 2**3
CONTENTS, ALLOC, LOAD, DATA
21 .dynamic 000001f0 0000000000201de0 0000000000201de0 00001de0 2**3
CONTENTS, ALLOC, LOAD, DATA
22 .got 00000030 0000000000201fd0 0000000000201fd0 00001fd0 2**3
CONTENTS, ALLOC, LOAD, DATA
23 .got.plt 00000120 0000000000202000 0000000000202000 00002000 2**3
CONTENTS, ALLOC, LOAD, DATA
24 .data 00000018 0000000000202120 0000000000202120 00002120 2**3
CONTENTS, ALLOC, LOAD, DATA
25 .bss 00000010 0000000000202140 0000000000202140 00002138 2**5
ALLOC
26 .comment 00000026 0000000000000000 0000000000000000 00002138 2**0
CONTENTS, READONLY
16 more bytes in the .text section. Oh well.
|
|
|
|
| |
wolfSSL doesn't do this automatically?!
|
|
|
|
| |
And update tests/badssl.sh results.
|
| |
|
|
|
|
|
| |
wolfSSL's error reporting and debugging messages were of no help in
debugging this.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|