Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
On Thu, Oct 16, 2014 at 01:46:45PM +0200, Levente Uzonyi wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
Thanks Levente,
For the VM plugin, I entered this as Mantis 7824: Add TLS SNI Server Name Indication support to SqueakSSL plugin
http://bugs.squeak.org/view.php?id=7824
Dave
Thanks Dave,
IIRC Cog and Trunk use the same plugin directory, so all changes are shared, including http://bugs.squeak.org/view.php?id=7793 .
Levente
On Thu, 16 Oct 2014, David T. Lewis wrote:
On Thu, Oct 16, 2014 at 01:46:45PM +0200, Levente Uzonyi wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
Thanks Levente,
For the VM plugin, I entered this as Mantis 7824: Add TLS SNI Server Name Indication support to SqueakSSL plugin
http://bugs.squeak.org/view.php?id=7824
Dave
Hi,
On 16.10.2014, at 13:46, Levente Uzonyi leves@elte.hu wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
I have things for OSX i think. Can someone confirm?
Best -Tobias
On Fri, Apr 10, 2015 at 02:17:45AM +0200, Tobias Pape wrote:
Hi,
On 16.10.2014, at 13:46, Levente Uzonyi leves@elte.hu wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
I have things for OSX i think. Can someone confirm?
Best -Tobias
I added this to http://bugs.squeak.org/view.php?id=7824
Dave
Here's a Mac bundle, if someone is interested
On 10.04.2015, at 03:02, David T. Lewis lewis@mail.msen.com wrote:
On Fri, Apr 10, 2015 at 02:17:45AM +0200, Tobias Pape wrote:
Hi,
On 16.10.2014, at 13:46, Levente Uzonyi leves@elte.hu wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
I have things for OSX i think. Can someone confirm?
Best -Tobias
I added this to http://bugs.squeak.org/view.php?id=7824
Dave
I'm sure there's interest, because websites with wildcard certificates (which means most large websites) don't work without the SNI extension.
I read through your code, and it looks good to me. The "if(" -> "if (" rewrite was a bit annoying though. Maybe you should CC th vm-dev list, or just ping Eliot to get it into the Cog branch.
Levente
On Fri, 10 Apr 2015, Tobias Pape wrote:
Here's a Mac bundle, if someone is interested
On 10.04.2015, at 03:02, David T. Lewis lewis@mail.msen.com wrote:
On Fri, Apr 10, 2015 at 02:17:45AM +0200, Tobias Pape wrote:
Hi,
On 16.10.2014, at 13:46, Levente Uzonyi leves@elte.hu wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
I have things for OSX i think. Can someone confirm?
Best -Tobias
I added this to http://bugs.squeak.org/view.php?id=7824
Dave
Hey
On 10.04.2015, at 15:33, Levente Uzonyi leves@elte.hu wrote:
I'm sure there's interest, because websites with wildcard certificates (which means most large websites) don't work without the SNI extension.
I read through your code, and it looks good to me. The "if(" -> "if (" rewrite was a bit annoying though.
Sorry :/
Maybe you should CC th vm-dev list, or just ping Eliot to get it into the Cog branch.
Ok, hello vm-dev. I also attached a new version of sqMacSSL.c, I made a small protocol selection error before.
Sadly, I cannot attach it to the mantis bug due to a "duplicate file" error.
Best -Tobias
Levente
On Fri, 10 Apr 2015, Tobias Pape wrote:
Here's a Mac bundle, if someone is interested
On 10.04.2015, at 03:02, David T. Lewis lewis@mail.msen.com wrote:
On Fri, Apr 10, 2015 at 02:17:45AM +0200, Tobias Pape wrote:
Hi,
On 16.10.2014, at 13:46, Levente Uzonyi leves@elte.hu wrote:
Hi,
I've implemented support for TLS SNI[1] for SqueakSSL on unix. I've uploaded the modified source files[2][3], a diff[4], and a prebuilt module[5] (built on Ubuntu 14.04 from the Cog branch). The image side code is also available[6], along with an updated version of the WebClient[7] package, and intermediate packages with various improvements[8]. The image side code works even if the plugin doesn't support TLS SNI, but this version of WebClient won't work with older versions of the SqueakSSL-Core package. Please review the changes, and consider adding them to the corresponding repositories!
Levente
[1] https://en.wikipedia.org/wiki/Server_Name_Indication [2] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h [3] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c [4] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt [5] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL [6] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL-Core-ul.29.mcz [7] http://leves.web.elte.hu/squeak/SqueakSSL/WebClient-Core-ul.98.mcz [8] http://leves.web.elte.hu/squeak/SqueakSSL/
I have things for OSX i think. Can someone confirm?
Best -Tobias
I added this to http://bugs.squeak.org/view.php?id=7824
Dave
Hi again,
On 15.04.2015, at 10:47, Tobias Pape Das.Linux@gmx.de wrote:
Hey
On 10.04.2015, at 15:33, Levente Uzonyi leves@elte.hu wrote:
I'm sure there's interest, because websites with wildcard certificates (which means most large websites) don't work without the SNI extension.
I read through your code, and it looks good to me. The "if(" -> "if (" rewrite was a bit annoying though.
Sorry :/
Maybe you should CC th vm-dev list, or just ping Eliot to get it into the Cog branch.
Ok, hello vm-dev. I also attached a new version of sqMacSSL.c, I made a small protocol selection error before.
Sadly, I cannot attach it to the mantis bug due to a "duplicate file" error.
Same deal, different little change. Best regards -Tobias
squeak-dev@lists.squeakfoundation.org