Backport 2.28: Test TLS 1.2 builds with each encryption type #6394
Conversation
Signed-off-by: Przemek Stekiel <[email protected]>
Both functions are used when MBEDTLS_SSL_SOME_SUITES_USE_MAC is defined not MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC. Signed-off-by: Przemek Stekiel <[email protected]>
…DTLS_SSL_SESSION_TICKETS) Signed-off-by: Przemek Stekiel <[email protected]>
It is done to have MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH macro available (used in tests) Signed-off-by: Przemek Stekiel <[email protected]>
Signed-off-by: Przemek Stekiel <[email protected]>
…MODES_USE_MAC Signed-off-by: Przemek Stekiel <[email protected]>
This is done to make configuration consistent with upstream and get rid of warnings. ssl_ticket.c:254:17: warning: implicit declaration of function ‘mbedtls_cipher_auth_encrypt_ext’ Signed-off-by: Przemek Stekiel <[email protected]>
Test calls functions that require MBEDTLS_CIPHER_MODE_AEAD. Signed-off-by: Przemek Stekiel <[email protected]>
Test was failing with error: unknown ciphersuite: 'TLS-RSA-WITH-AES-128-GCM-SHA256' Signed-off-by: Przemek Stekiel <[email protected]>
Signed-off-by: Przemek Stekiel <[email protected]>
mprse
added
needs-review
I think it would simplify review if you could give a list of the differences. I see 10 commits here vs 19 in the main PR, so apparently the differences were quite significant. |
|
PS: I added the PR to the unified board - this is a gentle reminder to do it in the future when you open a PR :) |
Sorry for that. I usually add it to project.
From commit 169554c are the extra changes that had to be done (excluding changelog entry). |
There was a problem hiding this comment.
I did not find any new issues apart from those mentioned by @mpg already, although I would suggest some changelog rewording:
- Fix bugs and missing dependencies when building and testing configurations with only one encryption type enabled in TLS 1.2.
|
I didn't want to nit-pick on the ChangeLog wording as I was otherwise happy with the main PR, but since it now looks like rework is needed after all, I agree with Andrzej's suggestion for improvement. |
AndrzejKurek
added
needs-work
and removed
needs-review
Signed-off-by: Przemek Stekiel <[email protected]>
Signed-off-by: Przemek Stekiel <[email protected]>
Signed-off-by: Przemek Stekiel <[email protected]>
Signed-off-by: Przemek Stekiel <[email protected]>
…st function" This reverts commit 802353c. Signed-off-by: Przemek Stekiel <[email protected]>
mprse
force-pushed
the
enc_types_2_28_backport
branch
from
f88cb84 to
0d72141
Compare
|
I have synchronized backport with main PR and reverted both changes requested by @mpg. |
mprse
added
needs-review
CI looks happy! Well, it reflects my experience working on dependency issues: there are so many things interacting with each other and small changes can cause such a mountain of failures that it's easy to loose track of what exactly was necessary to fix what. That's why we have reviews, looking at things calmly after the dust settled, and why it's important when we review to ask ourselves "why is this the right thing to do" rather than just "if it passes CI I guess it's right". |
mpg
added
approved
Description
Resolves #6313
This is backport of #6374.
It is not 1 to 1 backport as default configuration and macros are slightly different.
Status
READY