cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: WolfSSL version problems

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Thu, 26 Mar 2015 15:25:04 -0400

On 3/26/2015 1:49 PM, Gisle Vanem wrote:
> CyaSSL was renamed to WolfSSL some time ago. Libcurl and
> vtls/cyassl.c seems to suffer from this. I got the message:
>
> * CyaSSL <3.3.0 cannot be configured to use TLS 1.0-1.2, TLS 1.0
> is used exclusively
>
> because of this:
> #if (LIBCYASSL_VERSION_HEX >= 0x03003000) /* 3.3.0 */
>
> My CyaSSL/version.h has only:
> #define LIBWOLFSSL_VERSION_HEX 0x03004004

There's supposed to be backwards compatibility with CyaSSL. I didn't
have that problem when I wrote it. What commits do you have checked out?
I just tested with wolfSSL master 0f42163 2015-03-26 and curl master
559e2cc 2015-03-26 and it was fine. My wolfSSL repo cyassl/version.h has:
#define LIBCYASSL_VERSION_HEX LIBWOLFSSL_VERSION_HEX

> But there are more problems. With:
> curl -v https://www.ssllabs.com/ssltest/viewMyClient.html
>
> I get:
> * subject alt name(s) or common name do not match "www.ssllabs.com"
>
> I see no problem with the CERT from a trace to www.ssllabs.com.
> Or in Google Chrome. Adding a '-k' helps though.

Yup I can confirm here. I have the same problem with www.howsmyssl.com

alt names:
DNS Name: www.howsmyssl.com
DNS Name: howsmytls.com
DNS Name: www.howsmytls.com
DNS Name: howsmyssl.com
Though I can do the CN like curl -v https://howsmyssl.com -H "Host:
www.howsmyssl.com"

I'll check it out.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-03-26