Hitch #6235
Merged
Hitch #6235
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kareem-wolfssl
assigned JacobBarthelmeh and julek-wolfssl and unassigned kareem-wolfssl
julek-wolfssl
requested changes
Apr 14, 2023
JacobBarthelmeh
previously approved these changes
Apr 17, 2023
kareem-wolfssl
force-pushed
the
hitch
branch
11 times, most recently
from
229c5a0
to
cf0e1b4
Compare
kareem-wolfssl
assigned JacobBarthelmeh and julek-wolfssl and unassigned kareem-wolfssl
|
Changes since last review: |
julek-wolfssl
requested changes
Jul 7, 2023
julek-wolfssl
previously approved these changes
Jul 10, 2023
Add support for cipher aliases DHE, EDH and EECDH. Add define SSL_CTRL_GET_CHAIN_CERTS to help hitch and other programs detect SSL_CTX_get0_chain_certs is supported. Add wolfSSL_get_locking_callback. Allow using ECDHE+RSA cipher suites when ECDHE alias is used while in OpenSSL compatibility mode. Add more alerts for hitch. SSL_CM should use the CTX's x509_store_pt if available. Add support for SSL_CERT_FILE and SSL_CERT_DIR. Load default OpenSSL TLS 1.3 ciphers when using OPENSSL_COMPATIBLE_DEFAULTS. Use wolfSSL_sk_X509_new_null to allocate WOLFSSL_STACK in wolfSSL_CTX_get_extra_chain_certs. Previous approach of malloc'ing without setting type/memsetting was leading to a segfault. Add --enable-hitch. hitch: Add unit tests for new APIs, fix a couple of issues uncovered by unit testing. Correct behavior of wolfSSL_BIO_set_mem_buf for BIO_CLOSE/NOCLOSE and update unit test accordingly. Add Github action test for hitch.
julek-wolfssl
approved these changes
Jul 10, 2023
dgarske
approved these changes
Jul 10, 2023
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Add support for hitch to wolfSSL.
Testing
Tested using hitch's test suite. All but three tests passing. Three tests have known issues which will not be fixed for this support (missing NPN support, not outputting certs as "TRUSTED CERTIFICATE", not supporting TLS 1.3 ciphersuites by default without explicitly enabling them).
Checklist