Plus r1844425 which simplifies TestRequest.pm since IO::Socket::SSL has
a working getline().
Am 20.10.2018 um 09:59 schrieb Rainer Jung:
I now also added r1844396 to allow setting the CA for peer cert
verification and used it in echo.t and nttp-like.t to unbreak their ssl
testing (r1844397).
Am 20.10.2018 um 13:26 schrieb Christophe JAILLET:
Le 20/10/2018 à 11:00, Rainer Jung a écrit :
Am 20.10.2018 um 10:27 schrieb Christophe JAILLET:
Le 20/10/2018 à 09:56, Rainer Jung a écrit :
Am 20.10.2018 um 09:39 schrieb Christophe JAILLET:
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am
Le 20/10/2018 à 11:00, Rainer Jung a écrit :
Am 20.10.2018 um 10:27 schrieb Christophe JAILLET:
Le 20/10/2018 à 09:56, Rainer Jung a écrit :
Am 20.10.2018 um 09:39 schrieb Christophe JAILLET:
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not
Am 20.10.2018 um 10:27 schrieb Christophe JAILLET:
Le 20/10/2018 à 09:56, Rainer Jung a écrit :
Am 20.10.2018 um 09:39 schrieb Christophe JAILLET:
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not make the test suite framework work with 1.1.1
Le 20/10/2018 à 09:56, Rainer Jung a écrit :
Hi,
Am 20.10.2018 um 09:39 schrieb Christophe JAILLET:
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not make the test suite framework work with 1.1.1 (cpan -u
didn't help).
Although the ssl tests
I now also added r1844396 to allow setting the CA for peer cert
verification and used it in echo.t and nttp-like.t to unbreak their ssl
testing (r1844397).
I didn't find more uses of the raw sockets.
Regards,
Rainer
Am 20.10.2018 um 08:47 schrieb Rainer Jung:
To make the raw TLS socket
Hi,
Am 20.10.2018 um 09:39 schrieb Christophe JAILLET:
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not make the test suite framework work with 1.1.1 (cpan -u
didn't help).
Although the ssl tests report SUCCESS, httpd actually timeouts on
Le 20/10/2018 à 06:28, Rainer Jung a écrit :
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not make the test suite framework work with 1.1.1 (cpan -u
didn't help).
Although the ssl tests report SUCCESS, httpd actually timeouts on
SSL_peek() (as already reported).
Indeed I checked my test
+1
FreeBSD 11.2-RELEASE-p4 amd64
openssl111-1.1.1_1
perl5-5.28.0
php72-7.2.11
Tested both prefork and event MPM
--
Dennis
To make the raw TLS socket tests work I added r1844393. Both, r1844389
and r1844393 are part of the /perl/Apache-Test/trunk/ external which
gets pulled into our test framework.
Regards,
Rainer
Am 20.10.2018 um 06:28 schrieb Rainer Jung:
Am 19.10.2018 um 23:31 schrieb Yann Ylavic:
Could not
Test t/security/CVE-2009-3555.t (hardening against MITM
SSL-renegotiation) fails in 2.4.37 when actually using TLS 1.3.
It is not that easy to use TLS 1.3 for this test. The test uses a raw
SSL socket created by Net::SSL, but that module is outdated and does not
support TLS 1.3.
I patched
After Yann's mail I double checked and fixed my setup to actually use
TLS 1.3 in the test suite when OpenSSL 1.1.1 is available.
I now see a new OCSP test failure, namely test 3 (revoked certificate).
The revocation is correctly detected
[Sat Oct 20 06:14:46.492343 2018] [ssl:error] [pid
12 matches
Mail list logo