On 28.05.2015, at 01:58, David T. Lewis <lewis at mail.msen.com> wrote:

> Is there any reason *not* to move SqueakSSL-Core-ul.30 from inbox to
> trunk? I know that we are finalizing a release, and also that there
> has been some follow up discussion about parsing certificates in the
> image, but SqueakSSL-Core-ul.30 seems like a harmless and beneficial
> update. So unless there are objections, I would vote to move it to
> trunk now.
> 

Yes, the code does not handle non-SAN-aware plugin-versions.
We have no code for OSX/Windows yet and no VM ships with
a compatible plugin whatsoever. I'd like to postpone this one until
we have 
a) covered all 3 platforms and
b) have at least one binary somewhere.

Best regards
	-Tobias

> Dave
> 
> 
> On Tue, May 26, 2015 at 11:55:42PM +0200, Levente Uzonyi wrote:
>> Hi All,
>> 
>> I've implemented support for reading the domain names from the 
>> certificate's SAN extension[1] in SqueakSSL.
>> The image side code is in the Inbox[2]. It is backwards compatible -- 
>> everything works as before without the VM changes.
>> I've also uploaded the modified files[3][4] for the unix platform, and a 
>> diff[5] (which somehow doesn't include the changes of the .h file).
>> 
>> The VM support code for other platforms are to be done.
>> 
>> These changes fix the failing SqueakSSL test in the Trunk, so I suggest 
>> including the .mcz file in the 4.6 release.
>> 
>> Levente
>> 
>> [1] https://en.wikipedia.org/wiki/SubjectAltName
>> [2] 
>> http://lists.squeakfoundation.org/pipermail/squeak-dev/2015-May/184581.html
>> [3] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h
>> [4] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c
>> [5] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt