From 7b1f6967c8380bd1d5b543499986ba96b2b7ab5f Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 1 Mar 2018 11:57:12 -0800 Subject: [PATCH 1/2] added another CA to the wolfssl website ca file --- certs/wolfssl-website-ca.pem | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/certs/wolfssl-website-ca.pem b/certs/wolfssl-website-ca.pem index ee4d6c445..807637021 100644 --- a/certs/wolfssl-website-ca.pem +++ b/certs/wolfssl-website-ca.pem @@ -44,3 +44,27 @@ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh +MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE +YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 +MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo +ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg +MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN +ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA +PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w +wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi +EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY +avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ +YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE +sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h +/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 +IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD +ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy +OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P +TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER +dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf +ReYNnyicsbkqWletNw+vHX/bvZ8= +-----END CERTIFICATE----- From ecb2463bbed31f3494f317e7007d3ff21d951e6e Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 1 Mar 2018 15:22:38 -0800 Subject: [PATCH 2/2] modify the client external test list to skip the test case when aes and aes-gcm are disabled --- examples/client/client.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/examples/client/client.c b/examples/client/client.c index 3c010a869..bd2f2d14c 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -1358,6 +1358,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) done += 1; #endif + /* For the external test, if we disable AES, GoDaddy will reject the + * connection. They only currently support AES suites, RC4 and 3DES + * suites. With AES disabled we only offer PolyChacha suites. */ + #if defined(NO_AES) && !defined(HAVE_AESGCM) + if (!XSTRNCMP(domain, "www.wolfssl.com", 15)) { + done += 1; + } + #endif + if (done) { printf("external test can't be run in this mode");