Hi Hubert,
Thanks for the pointer. I'll take a look.
Cykesiopka
On Thu 2015-10-01 10:12 AM, Hubert Kario wrote:
On Sunday 20 September 2015 23:50:56 Cykesiopka wrote:
Hi,
As part of my work on creating tests for
https://bugzilla.mozilla.org/show_bug.cgi?id=883674, I need some way
to control whether or not the NSS server sends the renegotiation
extension.
My current idea is to add a debug only SSL_ option for this (I have no
interest in letting such an option be used in production).
Does this sound like a reasonable solution?
I don't know the code in question, but I'm afraid that it would be
fairly invasive (i.e. couldn't be limited to just selfserv). Adding
debug features to core parts of security software is also not a good
idea (at least IMHO). Finally, this code would have to be built twice so
that it could be actually tested with automated testing.
now, putting a cap of the product developer: if you want to see what
happens with a given TLS implementation or server when the other side
doesn't meet its expectations, it should be fairly easy to extend
tlsfuzzer[1] with this feature (pull requests more than welcome, and I
actually do plan to work on this myself in November).
1 - https://github.com/tomato42/tlsfuzzer
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
