[Cuis-dev] SSL Tests query

[Douglas Brebner]

On 26/10/2020 14:17, Juan Vuletich wrote:
> I guess that code needs some TLC. Networking is not something I'm 
> specially into, so I'd really appreciate if you and/or others in the 
> community fix it.
>
Well, I suppose leaping in at the deep end is a way to learn, though 
I've very little experience at any of this :)


So far, I've found the following

1. Client side TLS works, I can connect to a remote site and receive 
data. Wireshark shows Cuis to be using TLS 1.3 which is a Very Good 
Thing. (assuming it's doing it correctly)

2. The comments and tests seem to say that there is no checking of 
server TLS certificates on MacOS at all. (No mac so can't test)

3. The certificate is definitely expired. It was made to last one year 
so I suspect it was meant to be replaced yearly.

4. Squeak has the same certificate and most of the same test failures 
and no one has apparently noticed.

5. [bug?] Transcript doesn't accept #crlf though network streams do 
(Breaks WebClient logging)

6. [bug] Transcript does not display CRLF in strings properly. The CR is 
shown as a character, but the following LF does nothing (no new line, 
text just continues). CRLF is standard line ending for most network 
protocols.

7. [bug] CRLF in Workspace shows double spacing (extra lines). Found by 
printIt on WebClient httpGet:

8. [bug?] Concatenating a String with a SmallInteger works in Squeak but 
not Cuis. i.e. "'string', 1" fails on Cuis but returns 'string1' on 
Squeak. (Breaks SqueakSSL checkCert: method)

9. Three of the tests ping Google, Yahoo and Facebook. They're just 
testing TLS connection but I don't like that at all. Also, they receive 
403, 400 and timeout errors.

10. Can we rename the package to Network-TLS? :)


I don't know what you want to do with the crlf & concatenation problems.