On Thu, 28 May 2015, Tobias Pape wrote:

>
> On 28.05.2015, at 01:58, David T. Lewis <lewis at mail.msen.com> wrote:
>
>> Is there any reason *not* to move SqueakSSL-Core-ul.30 from inbox to
>> trunk? I know that we are finalizing a release, and also that there
>> has been some follow up discussion about parsing certificates in the
>> image, but SqueakSSL-Core-ul.30 seems like a harmless and beneficial
>> update. So unless there are objections, I would vote to move it to
>> trunk now.
>>
>
> Yes, the code does not handle non-SAN-aware plugin-versions.

"The image side code is in the Inbox[2]. It is backwards compatible -- 
everything works as before without the VM changes."

Did you experience any problems with backwards compatibility?

Levente

> We have no code for OSX/Windows yet and no VM ships with
> a compatible plugin whatsoever. I'd like to postpone this one until
> we have
> a) covered all 3 platforms and
> b) have at least one binary somewhere.
>
> Best regards
> 	-Tobias
>
>> Dave
>>
>>
>> On Tue, May 26, 2015 at 11:55:42PM +0200, Levente Uzonyi wrote:
>>> Hi All,
>>>
>>> I've implemented support for reading the domain names from the
>>> certificate's SAN extension[1] in SqueakSSL.
>>> The image side code is in the Inbox[2]. It is backwards compatible --
>>> everything works as before without the VM changes.
>>> I've also uploaded the modified files[3][4] for the unix platform, and a
>>> diff[5] (which somehow doesn't include the changes of the .h file).
>>>
>>> The VM support code for other platforms are to be done.
>>>
>>> These changes fix the failing SqueakSSL test in the Trunk, so I suggest
>>> including the .mcz file in the 4.6 release.
>>>
>>> Levente
>>>
>>> [1] https://en.wikipedia.org/wiki/SubjectAltName
>>> [2]
>>> http://lists.squeakfoundation.org/pipermail/squeak-dev/2015-May/184581.html
>>> [3] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h
>>> [4] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c
>>> [5] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt
>
>
>
>