[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] Implement --pinnedpubkey option to pin public keys
From: |
Tim Ruehsen |
Subject: |
Re: [Bug-wget] Implement --pinnedpubkey option to pin public keys |
Date: |
Mon, 11 Apr 2016 16:38:44 +0200 |
User-agent: |
KMail/4.14.10 (Linux/4.4.0-1-amd64; KDE/4.14.14; x86_64; ; ) |
Hi Travis,
with the latest fixes of the test suite, everything works smoothly here (just
had to remove the now obsolete TEST_NAME from your tests).
I extended your commit messages and pushed the patches.
Thanks for your work !
Tim
On Monday 04 April 2016 12:28:47 moparisthebest wrote:
> Hi all,
>
> I have now implemented tests for --pinnedpubkey, the first patch is
> unchanged from last time, the second patch has all the new test code.
>
> They all pass as long as I export SSL_TESTS as an environmental variable
> (otherwise they are skipped), I see there is code in Makefile.am that
> supposedly does that, but it's not working for me, likely because I'm
> doing something wrong...
>
> Let me know if there is anything else I can do.
>
> Thanks,
> Travis
>
> On 03/18/2016 02:10 AM, moparisthebest wrote:
> > Hi Tim,
> >
> > I've implemented your suggestions below, except the python tests, and
> > rebased on top of current HEAD, attached is the patch.
> >
> > The documentation in testenv/ says the test server doesn't support
> > https, which would be needed for this test. Has anyone started work on
> > that? Or would it be acceptable to just use socat or stunnel or similar
> > in front of the current test server?
> >
> > Thanks much,
> > Travis
> >
> > On 03/15/2016 07:50 AM, Tim Ruehsen wrote:
> >> Hi Travis,
> >>
> >> thanks for poking. I started testing... just a few more points.
> >>
> >> In wg_pin_peer_pubkey(), what is this loop do {...} while(0) about ?
> >> I looks like it is not supposed to loop (if it would, we had resource
> >> leaks). Maybe you can remove it and instead of 'break: do a 'goto
> >> end/cleanup/out' !?
> >>
> >> Please consider to use wget_read_file / wget_read_file_free() for reading
> >> the contents of a file. It also allows for stdin ('-' at the command
> >> line) which makes the new option a bit more consistent with Wget's CLI
> >> standards.
> >>
> >> Do you plan to create a python test (see testenv/) ?
> >>
> >> Regards, Tim
signature.asc
Description: This is a digitally signed message part.