Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

init sssd support #7781

Merged
merged 4 commits into from
Aug 22, 2024
Merged

init sssd support #7781

merged 4 commits into from
Aug 22, 2024

Conversation

julek-wolfssl
Copy link
Member

@julek-wolfssl julek-wolfssl commented Jul 23, 2024
edited
Loading

  • Refactor OCSP to separate IO callback
  • wolfSSL_BIO_reset: fix return
  • CheckCertCRL_ex: return CRL_CERT_DATE_ERR instead of ASN_AFTER_DATE_E
  • CheckCertCRL_ex: return most relevant error code
  • i2d/d2i APIs: correct parameters handling and return codes
  • Custom ASN1 structures: major refactor to make it much more versatile
  • Use WOLFSSL_ASSERT_SIZEOF_GE where applicable
  • wolfSSL_EVP_SignFinal: implement ecc
  • wolfSSL_EVP_VerifyFinal: implement ecc
  • OBJ_NAME_do_all: bring closer to OpenSSL functionality
  • Correct return of *_push api
  • Implement:
    • OCSP_REQ_CTX API
    • d2i_ECPKParameters
    • wolfSSL_sk_insert
    • OCSP_parse_url
    • X509_STORE_set1_param
    • X509_get0_subject_key_id
    • X509_OBJECT_retrieve_by_subject
    • OCSP_sendreq_nbio

@julek-wolfssl julek-wolfssl self-assigned this Jul 23, 2024
@julek-wolfssl julek-wolfssl requested a review from douzzer July 23, 2024 17:11
@julek-wolfssl julek-wolfssl mentioned this pull request Jul 23, 2024
Merged
@julek-wolfssl julek-wolfssl force-pushed the sssd branch 2 times, most recently from 2945d70 to e0eba75 Compare July 24, 2024 10:31
@julek-wolfssl julek-wolfssl marked this pull request as draft July 26, 2024 11:54
@julek-wolfssl julek-wolfssl force-pushed the sssd branch 9 times, most recently from 40ea097 to bc128d8 Compare August 12, 2024 17:07
julek-wolfssl added a commit to julek-wolfssl/osp that referenced this pull request Aug 13, 2024
@julek-wolfssl
Fix test_ssl.py
d4519fa 
Test functionality added in wolfSSL/wolfssl#7781
@julek-wolfssl julek-wolfssl mentioned this pull request Aug 13, 2024
Merged
@julek-wolfssl julek-wolfssl force-pushed the sssd branch 2 times, most recently from 4b512c2 to 0bba711 Compare August 13, 2024 15:38
@julek-wolfssl julek-wolfssl marked this pull request as ready for review August 13, 2024 16:16
@julek-wolfssl
Copy link
Member Author

Python test failure: they are failing since we are adding othername support in the compat layer here. The python port tests pass with this patch: wolfSSL/osp#201.

@douzzer
Copy link
Contributor

douzzer commented Aug 15, 2024
edited by julek-wolfssl
Loading

retest this please.

julek-wolfssl and others added 2 commits August 16, 2024 17:22
@julek-wolfssl
init sssd support
a6a40de 
- Refactor OCSP to separate IO callback
- wolfSSL_BIO_reset: fix return
- CheckCertCRL_ex: return CRL_CERT_DATE_ERR instead of ASN_AFTER_DATE_E
- CheckCertCRL_ex: return most relevant error code
- i2d/d2i APIs: correct parameters handling and return codes
- Custom ASN1 structures: major refactor to make it much more versatile
- Use WOLFSSL_ASSERT_SIZEOF_GE where applicable
- wolfSSL_EVP_SignFinal: implement ecc
- wolfSSL_EVP_VerifyFinal: implement ecc
- OBJ_NAME_do_all: bring closer to OpenSSL functionality
- Correct return of *_push api
- Implement:
  - OCSP_REQ_CTX API
  - d2i_ECPKParameters
  - wolfSSL_sk_insert
  - OCSP_parse_url
  - X509_STORE_set1_param
  - X509_get0_subject_key_id
  - X509_OBJECT_retrieve_by_subject
  - OCSP_sendreq_nbio
@douzzer @julek-wolfssl
Analyzer fixes
b693127
douzzer
douzzer requested changes Aug 19, 2024
View reviewed changes
Copy link
Contributor

@douzzer douzzer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comments from partial review -- more to come.

wolfcrypt/src/asn.c Show resolved Hide resolved
wolfssl/openssl/asn1.h Outdated Show resolved Hide resolved
wolfssl/wolfcrypt/types.h Outdated Show resolved Hide resolved
wolfssl/wolfio.h Show resolved Hide resolved
@julek-wolfssl julek-wolfssl mentioned this pull request Aug 19, 2024
Merged
@douzzer douzzer assigned julek-wolfssl and unassigned douzzer and wolfSSL-Bot Aug 20, 2024
@julek-wolfssl julek-wolfssl requested a review from douzzer August 20, 2024 13:43
douzzer
douzzer approved these changes Aug 22, 2024
View reviewed changes
Copy link
Contributor

@douzzer douzzer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

solid addition.

by my count, 3 of the new APIs lack unit test coverage, neither direct nor indirect:

ASN1_TYPE_get
ASN1_item_d2i
d2i_ECPKParameters

but not worth holding up the merge.

@douzzer douzzer merged commit 1a0bf42 into wolfSSL:master Aug 22, 2024
127 checks passed
@LinuxJedi LinuxJedi mentioned this pull request Dec 12, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@douzzer douzzer douzzer approved these changes

Assignees

@douzzer douzzer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@julek-wolfssl @douzzer @wolfSSL-Bot