Closed phyatt-corp closed 2 years ago
Merging #210 into master will decrease coverage by
13.59%
. The diff coverage is3.05%
.
@@ Coverage Diff @@
## master #210 +/- ##
==========================================
- Coverage 71.95% 58.35% -13.6%
==========================================
Files 12 14 +2
Lines 542 670 +128
==========================================
+ Hits 390 391 +1
- Misses 152 279 +127
Impacted Files | Coverage Δ | |
---|---|---|
src/x509_crl.jl | 0% <0%> (ø) |
|
src/ssl_windows.jl | 0% <0%> (ø) |
|
src/MbedTLS.jl | 98.03% <100%> (+0.03%) |
:arrow_up: |
src/ssl.jl | 66.82% <100%> (ø) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 0eaf7df...4e23b51. Read the comment docs.
Fixes https://github.com/JuliaLang/MbedTLS.jl/issues/200 for Windows.
Recently I had a requirement to support reading certificates out of the Windows root certificate stores ("CA", "AuthRoot", "Root", "TrustedPublisher") instead of the
cacert.pem
file for our Julia application.I added that functionality and made it the default for Windows (see line 135 in MbedTLS.jl), so it would easily get used in HTTP.jl . This could be made the non-default to make this have a smaller impact; also I only worked with x64 windows machines.
It respects the CRLs found in Windows, but doesn't do anything with OCSPs or OCSP Stapling. Also I discovered a
DISALLOWED_FILETIME
property while comparing my certificates found from Windows API calls to the ones listed in the Windows Certificate Manager. (https://github.com/ARMmbed/mbedtls/issues/2914)