[Cuis-dev] SSL Tests query
kirtai+st at gmail.com
Mon Oct 26 15:55:51 PDT 2020
On 26/10/2020 14:17, Juan Vuletich wrote:
> I guess that code needs some TLC. Networking is not something I'm
> specially into, so I'd really appreciate if you and/or others in the
> community fix it.
Well, I suppose leaping in at the deep end is a way to learn, though
I've very little experience at any of this :)
So far, I've found the following
1. Client side TLS works, I can connect to a remote site and receive
data. Wireshark shows Cuis to be using TLS 1.3 which is a Very Good
Thing. (assuming it's doing it correctly)
2. The comments and tests seem to say that there is no checking of
server TLS certificates on MacOS at all. (No mac so can't test)
3. The certificate is definitely expired. It was made to last one year
so I suspect it was meant to be replaced yearly.
4. Squeak has the same certificate and most of the same test failures
and no one has apparently noticed.
5. [bug?] Transcript doesn't accept #crlf though network streams do
(Breaks WebClient logging)
6. [bug] Transcript does not display CRLF in strings properly. The CR is
shown as a character, but the following LF does nothing (no new line,
text just continues). CRLF is standard line ending for most network
7. [bug] CRLF in Workspace shows double spacing (extra lines). Found by
printIt on WebClient httpGet:
8. [bug?] Concatenating a String with a SmallInteger works in Squeak but
not Cuis. i.e. "'string', 1" fails on Cuis but returns 'string1' on
Squeak. (Breaks SqueakSSL checkCert: method)
9. Three of the tests ping Google, Yahoo and Facebook. They're just
testing TLS connection but I don't like that at all. Also, they receive
403, 400 and timeout errors.
10. Can we rename the package to Network-TLS? :)
I don't know what you want to do with the crlf & concatenation problems.
More information about the Cuis-dev