Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove NULLs in s2n_kex #4293

Merged
merged 4 commits into from
Nov 20, 2023
Merged

Remove NULLs in s2n_kex #4293

merged 4 commits into from
Nov 20, 2023

Conversation

lrstewart
Copy link
Contributor

Description of changes:

Small change to not use "NULL" as the TLS1.3 key exchange method.

Using NULL for the TLS1.3 kex leads to some annoying branching when checking whether a cipher suite has perfect forward secrecy. We have to comment "NULL means TLS1.3, which is always ephemeral" everywhere we want to check kex->is_ephemeral.

NULLs can also mean that a bug results in a seg fault instead of just an error.

Testing:

Existing tests pass. I also reviewed everywhere is_ephemeral, server_key_recv_read_data, and server_key_recv_parse_data is used to make sure there's no unintended and untested side effects of removing the NULL (like, intentional branching on the NULL). Everything looks fine.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Nov 16, 2023
@lrstewart lrstewart marked this pull request as ready for review November 16, 2023 04:13
jmayclin
jmayclin approved these changes Nov 16, 2023
View reviewed changes
Copy link
Contributor

@jmayclin jmayclin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yay for fewer NULLs!

jmayclin
jmayclin reviewed Nov 16, 2023
View reviewed changes
tls/s2n_kex.c Outdated Show resolved Hide resolved
@lrstewart lrstewart requested a review from jmayclin November 17, 2023 00:04
@lrstewart lrstewart requested a review from maddeleine November 17, 2023 23:04
@lrstewart lrstewart enabled auto-merge (squash) November 20, 2023 20:30
@lrstewart lrstewart merged commit 2482844 into aws:main Nov 20, 2023
27 checks passed
@lrstewart lrstewart deleted the kex_cleanup branch November 20, 2023 21:52
@BrewTestBot BrewTestBot mentioned this pull request Dec 6, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maddeleine maddeleine maddeleine approved these changes

@jmayclin jmayclin jmayclin approved these changes

Assignees
No one assigned
Labels
s2n-core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lrstewart @jmayclin @maddeleine