[gnutls-devel] gnutls-cli OCSP test code for branch 'ocsp2'
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Feb 4 10:54:22 CET 2015
On Tue, 2015-02-03 at 12:15 +0100, Tim Ruehsen wrote:
> Hi Nikos,
>
> I finally found a bit of time (sigh).
>
> I rebased ocsp2 on master and added some lines of code to gnutls-cli to check
> RFC6961 (OCSP multi-stapling) status.
>
> I tested with yahoo.com which I now to support OCSP (single-)stapling and had
> a look with wireshark 1.12.1. (Using 'src/gnutls-cli -d2 --ocsp yahoo.com')
>
> gnutls-cli 'Client Hello' has both 'status_request' and 'status_request_v2'
> inside. But Wireshark says 'Malformed Packet' and I am not sure what it
> doesn't like (The 'status_request_v2' has a 'request extension length' of 5.
> Not sure if this is correct.)
The message created was wrong. I've now fixed that. It's nice that
wireshark parses that extension.
regards,
Nikos
More information about the Gnutls-devel
mailing list