[Dillo-dev] an experiment using mbed TLS


eocene

Jun 19, 2016, 4:50:59 PM
to dill...@dillo.org

I wanted to see what it would take to use mbed tls with dillo.

I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff
and I mention it here in case someone should want that one day.


That said, it looks like netsurf uses curl, and curl can use any
tls library you care to mention. And I'm pretty sure netsurf does
javascript.

_______________________________________________
Dillo-dev mailing list
Dill...@dillo.org
http://lists.dillo.org/cgi-bin/mailman/listinfo/dillo-dev

Jorge Arellano Cid

Jun 19, 2016, 10:12:06 PM
to dill...@dillo.org
Hi,

On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
>
> I wanted to see what it would take to use mbed tls with dillo.
>
> I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff
> and I mention it here in case someone should want that one day.

What's the main point/difference in using mbedtls vs OpenSSL?


> That said, it looks like netsurf uses curl, and curl can use any
> tls library you care to mention. And I'm pretty sure netsurf does
> javascript.

Sorry, I don't get the point here.


--
Cheers
Jorge.-

eocene

Jun 19, 2016, 11:33:51 PM
to dill...@dillo.org
> What's the main point/difference in using mbedtls vs OpenSSL?

OpenSSL is such a notorious nightmare--one gets the distinct
impression that the developers have not taken their responsibility
seriously--that I was curious to try a different one that is
supposed to be more comprehensible.

mbed tls had been on my mind as something I might want to try
someday after they implement OCSP stapling, but then I was just in
the mood for it the other day.

As for how practical it would ever be to have this code in the real
dillo someday, I think that comes down to: How good are distributions
at making security updates available for their more obscure packages?

> > That said, it looks like netsurf uses curl, and curl can use any
> > tls library you care to mention. And I'm pretty sure netsurf does
> > javascript.
>
> Sorry, I don't get the point here.

I was thinking how if someone did get the idea in their head that
they wanted a small browser that works with mbed tls, dillo might
not be the first choice.

Johannes Hofmann

Jun 20, 2016, 4:13:12 AM
to dill...@dillo.org
On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
>
> I wanted to see what it would take to use mbed tls with dillo.
>
> I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff
> and I mention it here in case someone should want that one day.

Excellent. I like mbedtls (formerly known as PolarSSL). The code
looks much saner to me than openssl.

Cheers,
Johannes

eocene

Jun 20, 2016, 1:43:22 PM
to dill...@dillo.org
I wrote:
> As for how practical it would ever be to have this code in the real
> dillo someday, I think that comes down to: How good are distributions
> at making security updates available for their more obscure packages?

I realized this is an exceedingly trivial concern when compared with the
fact that distributions have configured dillo with --enable-ssl for
years despite the state of the old dpi and our all-caps warnings, thereby
causing users to trust something they shouldn't.

Jorge Arellano Cid

Jun 24, 2016, 11:36:44 AM
to dill...@dillo.org
On Mon, Jun 20, 2016 at 10:10:54AM +0200, Johannes Hofmann wrote:
> On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
> >
> > I wanted to see what it would take to use mbed tls with dillo.
> >
> > I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff
> > and I mention it here in case someone should want that one day.
>
> Excellent. I like mbedtls (formerly known as PolarSSL). The code
> looks much saner to me than openssl.

If you both agree it's a better lib than OpenSSL, +1.

--
Cheers
Jorge.-

eocene

Jul 3, 2016, 12:40:12 PM
to dill...@dillo.org
Jorge wrote:
> On Mon, Jun 20, 2016 at 10:10:54AM +0200, Johannes Hofmann wrote:
> > On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
> > >
> > > I wanted to see what it would take to use mbed tls with dillo.
> > >
> > > I put a copy of the diff at http://www.dillo.org/test/mbedtls.diff
> > > and I mention it here in case someone should want that one day.
> >
> > Excellent. I like mbedtls (formerly known as PolarSSL). The code
> > looks much saner to me than openssl.
>
> If you both agree it's a better lib than OpenSSL, +1.

All right, then. *commits*

If you need mbed TLS 2.x: https://tls.mbed.org/download


If you watch the MSGs, you'll see I've turned off the certificate chain
printing and instead show a more concise summary at shutdown of which
root certificates were used to verify communication with which servers.

And at startup it'll tell you how many such certificates you are trusting.
By default, I had 174, but I've trimmed them down on this computer to...twenty
at the moment because I never need the ones from certificate authorities in
China, Turkey, Hungary, etc.

Nick Warne

Jul 3, 2016, 2:05:54 PM
to dill...@dillo.org
On Sun, 3 Jul 2016 16:37:56 +0000
eocene <eoc...@gmx.com> wrote:

> Jorge wrote:
> > On Mon, Jun 20, 2016 at 10:10:54AM +0200, Johannes Hofmann wrote:
> > > On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
> > > >
> > > > I wanted to see what it would take to use mbed tls with dillo.
> > > >
> > > > I put a copy of the diff at
> > > > http://www.dillo.org/test/mbedtls.diff and I mention it here in
> > > > case someone should want that one day.
> > >
> > > Excellent. I like mbedtls (formerly known as PolarSSL). The code
> > > looks much saner to me than openssl.
> >
> > If you both agree it's a better lib than OpenSSL, +1.
>
> All right, then. *commits*
>
> If you need mbed TLS 2.x: https://tls.mbed.org/download

Ha ha.... that got me. I updated Dillo, and found SSL sites don't
work. So I clicked on the above link... doesn't work as it is SSL :)

Nick
--
Gosh that takes me back... or is it forward? That's the trouble with
time travel, you never can tell."
-- Doctor Who "Androids of Tara"

Nick Warne

Jul 3, 2016, 2:40:25 PM
to dill...@dillo.org
On Sun, 3 Jul 2016 19:03:42 +0100
Nick Warne <ni...@linicks.net> wrote:

> On Sun, 3 Jul 2016 16:37:56 +0000
> eocene <eoc...@gmx.com> wrote:
>
> > Jorge wrote:
> > > On Mon, Jun 20, 2016 at 10:10:54AM +0200, Johannes Hofmann
> > > wrote:
> > > > On Sun, Jun 19, 2016 at 08:48:28PM +0000, eocene wrote:
> > > > >
> > > > > I wanted to see what it would take to use mbed tls with dillo.
> > > > >
> > > > > I put a copy of the diff at
> > > > > http://www.dillo.org/test/mbedtls.diff and I mention it here
> > > > > in case someone should want that one day.
> > > >
> > > > Excellent. I like mbedtls (formerly known as PolarSSL). The code
> > > > looks much saner to me than openssl.
> > >
> > > If you both agree it's a better lib than OpenSSL, +1.
> >
> > All right, then. *commits*
> >
> > If you need mbed TLS 2.x: https://tls.mbed.org/download
>
> Ha ha.... that got me. I updated Dillo, and found SSL sites don't
> work. So I clicked on the above link... doesn't work as it is SSL :)

OK, what do I need to do to build this after an hour of head scratching:

checking mbedtls/ssl.h usability... no
checking mbedtls/ssl.h presence... yes
configure: WARNING: mbedtls/ssl.h: present but cannot be compiled
configure: WARNING: mbedtls/ssl.h: check for missing prerequisite headers?
configure: WARNING: mbedtls/ssl.h: see the Autoconf documentation
configure: WARNING: mbedtls/ssl.h: section "Present But Cannot Be Compiled"
configure: WARNING: mbedtls/ssl.h: proceeding with the compiler's result
checking for mbedtls/ssl.h... no
configure: WARNING: *** mbed TLS 2 not found. Disabling SSL/HTTPS/TLS support. ***

Thanks,

eocene

Jul 3, 2016, 4:09:19 PM
to dill...@dillo.org
Nick wrote:
> OK, what do I need to do to build this after an hour of head scratching:
>
> checking mbedtls/ssl.h usability... no
> checking mbedtls/ssl.h presence... yes
> configure: WARNING: mbedtls/ssl.h: present but cannot be compiled
> configure: WARNING: mbedtls/ssl.h: check for missing prerequisite headers?
> configure: WARNING: mbedtls/ssl.h: see the Autoconf documentation
> configure: WARNING: mbedtls/ssl.h: section "Present But Cannot Be Compiled"
> configure: WARNING: mbedtls/ssl.h: proceeding with the compiler's result
> checking for mbedtls/ssl.h... no
> configure: WARNING: *** mbed TLS 2 not found. Disabling SSL/HTTPS/TLS support. ***

IIRC, Jeremy was the closest we had to an autoconf expert, but he hasn't
been around.

Is anything interesting in the mbedtls region of the config.log file?

I don't remember ever seeing quite that sort of set of warnings out
of autoconf before.

eocene

Jul 3, 2016, 4:36:32 PM
to dill...@dillo.org
I wrote:
> Nick wrote:
> > OK, what do I need to do to build this after an hour of head scratching:
> >
> > checking mbedtls/ssl.h usability... no
> > checking mbedtls/ssl.h presence... yes
> > configure: WARNING: mbedtls/ssl.h: present but cannot be compiled
> > configure: WARNING: mbedtls/ssl.h: check for missing prerequisite headers?
> > configure: WARNING: mbedtls/ssl.h: see the Autoconf documentation
> > configure: WARNING: mbedtls/ssl.h: section "Present But Cannot Be Compiled"
> > configure: WARNING: mbedtls/ssl.h: proceeding with the compiler's result
> > checking for mbedtls/ssl.h... no
> > configure: WARNING: *** mbed TLS 2 not found. Disabling SSL/HTTPS/TLS support. ***
>
> IIRC, Jeremy was the closest we had to an autoconf expert, but he hasn't
> been around.
>
> Is anything interesting in the mbedtls region of the config.log file?
>
> I don't remember ever seeing quite that sort of set of warnings out
> of autoconf before.

I was able to reproduce the problem by uninstalling mbed tls and then
pointing to it during configuration with CPPFLAGS to the include dir
and LDFLAGS to the lib dir.

Making the attached changes makes it succeed, although I've only
gotten just that far at the moment and haven't looked into whether
it's an error on their part or what...
mbedtls_platform.diff

eocene

Jul 3, 2016, 5:11:45 PM
to dill...@dillo.org

Nick Warne

Jul 4, 2016, 1:11:08 AM
to dill...@dillo.org
On Sun, 3 Jul 2016 21:09:40 +0000
eocene <eoc...@gmx.com> wrote:

> I wrote:
> > I wrote:
> > > Nick wrote:
> > > > OK, what do I need to do to build this after an hour of head
> > > > scratching:
> > Making the attached changes makes it succeed, although I've only
> > gotten just that far at the moment and haven't looked into whether
> > it's an error on their part or what...
>
> Their bug: https://github.com/ARMmbed/mbedtls/issues/522

Good catch - all builds fine now - thanks,

Nick
--
Gosh that takes me back... or is it forward? That's the trouble with
time travel, you never can tell."
-- Doctor Who "Androids of Tara"

Nick Warne

Jul 4, 2016, 12:31:35 PM
to dill...@dillo.org
On Mon, 4 Jul 2016 06:08:58 +0100
Nick Warne <ni...@linicks.net> wrote:

> On Sun, 3 Jul 2016 21:09:40 +0000
> eocene <eoc...@gmx.com> wrote:
>
> > I wrote:
> > > I wrote:
> > > > Nick wrote:
> > > > > OK, what do I need to do to build this after an hour of head
> > > > > scratching:
> > > Making the attached changes makes it succeed, although I've only
> > > gotten just that far at the moment and haven't looked into whether
> > > it's an error on their part or what...
> >
> > Their bug: https://github.com/ARMmbed/mbedtls/issues/522
>
> Good catch - all builds fine now - thanks,

A bit premature here. I quickly ran ./configure before work and
configure worked OK. But tonight, run make, my linker bombed out with:

/usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedtls
/usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedx509
/usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedcrypto

Strange, as ldconfig -v reveals:

/usr/local/lib:
libmbedcrypto.so.0 -> libmbedcrypto.so.2.3.0
libmbedtls.so.10 -> libmbedtls.so.2.3.0
libmbedx509.so.0 -> libmbedx509.so.2.3.0

Anyway, an hour of investigating, it turns out the linker flags are
incorrect - changing in configure fixed it up:

if test "x$ssl_ok" = "xyes"; then
LIBSSL_LIBS="-libmbedtls -libmbedx509 -libmbedcrypto"

Should be -lmbedtls, -lmbedx509 and -lmbedcrypto

All really does build fine now :)

mbedtls seems to work well - seems a tad quicker too.

eocene

Jul 4, 2016, 1:04:01 PM
to dill...@dillo.org
Nick wrote:
> A bit premature here. I quickly ran ./configure before work and
> configure worked OK. But tonight, run make, my linker bombed out with:
>
> /usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedtls
> /usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedx509
> /usr/lib/gcc/i486-slackware-linux/4.8.2/../../../../i486-slackware-linux/bin/ld: cannot find -libmbedcrypto
>
> Strange, as ldconfig -v reveals:
>
> /usr/local/lib:
> libmbedcrypto.so.0 -> libmbedcrypto.so.2.3.0
> libmbedtls.so.10 -> libmbedtls.so.2.3.0
> libmbedx509.so.0 -> libmbedx509.so.2.3.0
>
> Anyway, an hour of investigating, it turns out the linker flags are
> incorrect - changing in configure fixed it up:
>
> if test "x$ssl_ok" = "xyes"; then
> LIBSSL_LIBS="-libmbedtls -libmbedx509 -libmbedcrypto"
>
> Should be -lmbedtls, -lmbedx509 and -lmbedcrypto
>
> All really does build fine now :)
>
> mbedtls seems to work well - seems a tad quicker too.

I don't know where you got the
"-libmbedtls -libmbedx509 -libmbedcrypto" from.
Mine has "-lmbedtls -lmbedx509 -lmbedcrypto",
and it says "-lmbedtls -lmbedx509 -lmbedcrypto" when
I double-check on hg.dillo.org.

Nick Warne

Jul 4, 2016, 1:22:51 PM
to dill...@dillo.org
On Mon, 4 Jul 2016 17:01:39 +0000
eocene <eoc...@gmx.com> wrote:

> Nick wrote:
>
> > Should be -lmbedtls, -lmbedx509 and -lmbedcrypto
> >
> > All really does build fine now :)
> >
> > mbedtls seems to work well - seems a tad quicker too.
>
> I don't know where you got the
> "-libmbedtls -libmbedx509 -libmbedcrypto" from.
> Mine has "-lmbedtls -lmbedx509 -lmbedcrypto",
> and it says "-lmbedtls -lmbedx509 -lmbedcrypto" when
> I double-check on hg.dillo.org.

Ummm. You are right. Maybe I was messing around late last night with
the earlier error message - I can't remember now :)

Sorry for the noise - all builds and works fine.

Nick
--
Gosh that takes me back... or is it forward? That's the trouble with
time travel, you never can tell."
-- Doctor Who "Androids of Tara"
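Nick's "cannot find -libmbedtls" error, retracted above once the committed configure turned out to say -lmbedtls, still illustrates how -l flags resolve: ld supplies the "lib" prefix and the .so/.a suffix itself, so -libmbedtls is a request for libibmbedtls.so, which no package installs. The POSIX shell snippet below is an added example, not dillo's configure script or any project code, and its function names are our own. It derives the -l name from a library filename such as the libmbedtls.so.2.3.0 in Nick's ldconfig output, prints the filenames ld would search for a given flag, and rewrites -libNAME tokens in a LIBS string.

```shell
#!/bin/sh
# Added example (not dillo's configure script): derive -l flags from
# library filenames and show how ld resolves them, so a flag such as
# "-libmbedtls" is caught before the link step reports "cannot find".

# lib_name_from_file PATH -> the NAME that follows -l for that library
#   libmbedtls.so.2.3.0          -> mbedtls
#   /usr/local/lib/libmbedx509.a -> mbedx509
lib_name_from_file() {
    n=$(basename "$1")
    n=${n#lib}        # drop the "lib" prefix ld adds on its own
    n=${n%%.so*}      # drop ".so" and any version suffix after it
    n=${n%.a}         # static archive
    n=${n%.dylib}     # macOS shared library
    printf '%s\n' "$n"
}

# linker_search_names FLAG -> the filenames ld looks for with that flag.
# ld prepends "lib" and appends the suffix itself, so "-libmbedtls" turns
# into a search for libibmbedtls.so / libibmbedtls.a, which do not exist.
linker_search_names() {
    n=${1#-l}
    printf 'lib%s.so lib%s.a\n' "$n" "$n"
}

# fix_lib_flags "LIBS" -> LIBS with each -libNAME token rewritten to -lNAME.
# Caveat: this assumes no real library name starts with "ib"; libibverbs
# (flag -libverbs) is a counterexample, so treat the output as a hint.
fix_lib_flags() {
    out=""
    for tok in $1; do
        case $tok in
            -lib*) tok="-l${tok#-lib}" ;;
        esac
        out="$out${out:+ }$tok"
    done
    printf '%s\n' "$out"
}

# Stand-alone demonstration with the flags from the thread
for flag in -libmbedtls -lmbedtls; do
    printf '%-12s -> ld searches for: %s\n' "$flag" "$(linker_search_names "$flag")"
done
fix_lib_flags "-libmbedtls -libmbedx509 -libmbedcrypto"
```

Run it as a plain script: the two printf lines show the libibmbedtls.* search names that explain the error, and the last line prints the corrected -lmbedtls -lmbedx509 -lmbedcrypto.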

Martin Atukunda

Jul 8, 2016, 4:29:38 PM
to Nick Warne, dill...@dillo.org

Hi dillo-dev,

Dillo builds just fine on mucosa,  especially after I `brew install mbedtls`

Problem is that, at start up, it reports
Trusting 0 TLS certificates.

Any idea how I can install some? It's odd browsing about without https these days.

Cheers,

eocene

Jul 8, 2016, 5:35:06 PM
to dill...@dillo.org
Martin wrote:
> Dillo builds just fine on mucosa, especially after I `brew install mbedtls`
>
> Problem is that, at start up, it reports
> Trusting 0 TLS certificates.
>
> Any idea how I can install some? It's odd browsing about without https
> these days.

Did it work with 3.0.5 or the development branch before the
recent change? (Wouldn't expect it to.)

Johannes reported success on osx, but I don't know what's customary for
getting certificates there...

I presume https is "working" but forces you to click on dialogs...?
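The "Trusting N TLS certificates" startup line from eocene's commit message and Martin's "Trusting 0" report both come down to what the browser finds in the PEM bundle it reads; mbed TLS ships no root store of its own, so the bundle has to come from the system or a package. The POSIX shell snippet below is an added example, not dillo's code, and does not reproduce how dillo locates its bundle. It counts complete BEGIN/END CERTIFICATE pairs the way such a startup line would, reports a truncated trailing entry separately, and checks a few common bundle locations (the candidate paths and the sample bundle are constructed for the example).

```shell
#!/bin/sh
# Added example (not dillo's code): count the certificates a PEM bundle
# actually contains, the way a "Trusting N TLS certificates" startup
# message would, and explain a count of 0.

# count_pem_certs FILE -> prints "<complete> <dangling>"; returns 1 when
# FILE is unreadable. Only matched BEGIN/END CERTIFICATE pairs count; a
# BEGIN with no END (truncated file) is reported in the second field.
count_pem_certs() {
    [ -r "$1" ] || { printf '0 0\n'; return 1; }
    awk '
        /^-----BEGIN CERTIFICATE-----$/ { open++ }
        /^-----END CERTIFICATE-----$/   { if (open > 0) { open--; complete++ } }
        END { printf "%d %d\n", complete, open }
    ' "$1"
}

# report_trust_store FILE -> the startup line a browser could print.
report_trust_store() {
    counts=$(count_pem_certs "$1") || {
        printf 'Trusting 0 TLS certificates (%s is missing or unreadable)\n' "$1"
        return 1
    }
    complete=${counts% *}
    dangling=${counts#* }
    if [ "$dangling" -gt 0 ]; then
        printf 'Trusting %s TLS certificates (%s truncated entry ignored in %s)\n' \
            "$complete" "$dangling" "$1"
    else
        printf 'Trusting %s TLS certificates from %s\n' "$complete" "$1"
    fi
}

# find_ca_bundle -> first readable bundle among common locations.
# Constructed list for this example; dillo's own lookup may differ.
find_ca_bundle() {
    for f in /etc/ssl/certs/ca-certificates.crt \
             /etc/pki/tls/certs/ca-bundle.crt \
             /etc/ssl/cert.pem \
             /usr/local/etc/openssl/cert.pem; do
        [ -r "$f" ] && { printf '%s\n' "$f"; return 0; }
    done
    return 1
}

# make_sample_bundle FILE -> writes a constructed placeholder bundle with
# two complete entries and one truncated one (not real certificates).
make_sample_bundle() {
    cat > "$1" <<'EOF'
# comment lines and blank lines are ignored
-----BEGIN CERTIFICATE-----
MIIBplaceholderA==
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIBplaceholderB==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBtruncatedEntry
EOF
}

# Stand-alone demonstration: the sample bundle, then a path that does
# not exist (the "Trusting 0" case).
sample=$(mktemp)
make_sample_bundle "$sample"
report_trust_store "$sample"
report_trust_store /nonexistent/ca-bundle.pem || :
rm -f "$sample"
```

On a system where the count is 0, run find_ca_bundle to see whether any of the usual bundle files exists at all; if none does, the fix is to install a CA bundle (a certificates package, or the PEM file that usually accompanies OpenSSL) and point the browser at it, not to change anything in mbed TLS.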