[Mono-dev] Integration Tests
Miguel de Icaza
miguel at xamarin.com
Thu Feb 5 14:17:53 UTC 2015
Hello Edward,
I certainly have not run the tests, but I can not speak for others over the
years.
I appreciate the test that you wrote, and I have CCed Alex that is working
on this space now.
Miguel
On Thu, Feb 5, 2015 at 8:45 AM, Edward Ned Harvey (mono) <
edward.harvey.mono at clevertrove.com> wrote:
> > From: Miguel de Icaza [mailto:miguel at xamarin.com]
> >
> > • We are setting up a more comprehensive harness for SSL/TLS tests that
> do
> > not depend on remote servers.
>
> This is much appreciated, thank you very much. There is one thing you
> didn't mention:
>
> As far as I can tell, no mono developer has ever tested the real world use
> case of SslStream.AuthenticateAsServer with an intermediate cert connecting
> to SslStream.AuthenticateAsClient. As far as I can tell, no mono developer
> has ever bothered to run the test I provided in the pull request. The end
> result is that mono's implementation of SslStream.AuthenticateAsServer is
> simply broken, not usable, has never worked, still broken today. I have a
> dirty hacked fork of mono that made it work, but those changes not suitable
> for pull into mono (see: dirty, hacked).
>
> If it helps, I wrote a script that automates the creation of a root CA,
> intermediate, and signing of a server cert, suitable to be used in such a
> test. Even if the script doesn't get run automatically in the build
> process, it's perfectly acceptable to generate certs in advance and
> hard-code them into the tests, as is done in existing pull-request test
> today.
>
> The script is here:
>
> https://github.com/rahvee/MonoSslStreamServerBug/blob/master/certs/junkca.sh
>
> And having used the above script to generate some certs, a hard-coded
> result is stored here:
>
> https://github.com/rahvee/mono/commit/02ae92b34f47779c1962d38ffdcf6e732f10b063#diff-05497f49a91426be05c25bbebc4e3a59R59
>
> There is no reasonable reason to expect it to ever work, if it's not
> tested.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-devel-list/attachments/20150205/913bb5ab/attachment.html>
More information about the Mono-devel-list
mailing list