From 989f7bc6f5ff72deeb73ace3939836ae8c9e7814 Mon Sep 17 00:00:00 2001 From: Alessandro Passaro Date: Mon, 2 Dec 2024 09:15:27 +0000 Subject: [PATCH] Update CRT submodules to latest releases (#1177) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update the CRT libraries to the latest releases. In particular, include: * Amazon S3 introduces support for AWS Dedicated Local Zones. ([awslabs/aws-c-s3#465](https://github.com/awslabs/aws-c-s3/pull/465))
Full CRT changelog: ``` Submodule mountpoint-s3-crt-sys/crt/aws-c-auth 48d647bf..3982bd75: > Update CMake to 3.9 (#255) Submodule mountpoint-s3-crt-sys/crt/aws-c-cal 2cb1d2ea..fbbe2612: > RSA PKCS1.5 SHA1 signing (#201) > chore: Modified bug issue template to add checkbox to report potential regression. (#199) > Update CMake to 3.9 (#200) Submodule mountpoint-s3-crt-sys/crt/aws-c-common f58e807d..be8ed873: > Fix test that made no sense (#1172) > Update CBMC proof tooling to latest releases (#1164) > Forward CMake variables to prebuilding dependencies (#1161) > Remove reliance on hardcoded user in ci (#1170) > Doc fix for cbor (#1171) > switch c compiler check to different cmake variable (#1169) > disable visibility hidden on old gcc (#1167) > fix empty xml node handling (#1168) > Unlink shutdown callback from ref count (#1166) > check if numa available or not before loading numa functions (#1163) > chore: Modified bug issue template to add checkbox to report potential regression. (#1151) > Update CMake to 3.9 (#1159) > Support Swift CXX Interop (#1160) Submodule mountpoint-s3-crt-sys/crt/aws-c-compression f36d0167..c6c1191e: > Update CMake to 3.9 (#70) Submodule mountpoint-s3-crt-sys/crt/aws-c-http 6068653e..fc3eded2: > Update for event loop API changes (#491) > Add cxx support (#490) > chore: Modified bug issue template to add checkbox to report potential regression. (#486) > Update CMake to 3.9 (#489) > Tweak error message for AWS_ERROR_HTTP_RESPONSE_FIRST_BYTE_TIMEOUT (#488) Submodule mountpoint-s3-crt-sys/crt/aws-c-io e3637404..fcb38c80: > Add an Option to disable retries (#694) > Update checksum based on previous PR changes (#695) > Add ML-KEM Support (#693) > Event loop public api (#691) > Add cxx support (#689) > Fix s2n cleanup (#687) > chore: Modified bug issue template to add checkbox to report potential regression. (#671) > Update CMake to 3.9 (#686) Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 16701501..45894ed3: > Amazon S3 introduces support for AWS Dedicated Local Zones (#465) > Support trailing checksum with no signing (#459) > support if-none-match for upload (#462) > Use proper public event loop group API (#460) > chore: Modified bug issue template to add checkbox to report potential regression. (#452) > Update CMake to 3.9 (#458) > Support header checksum (#454) Submodule mountpoint-s3-crt-sys/crt/aws-c-sdkutils 4658412a..ce09f797: > Add cxx support (#48) > chore: Modified bug issue template to add checkbox to report potential regression. (#45) > Update CMake to 3.9 (#47) Submodule mountpoint-s3-crt-sys/crt/aws-checksums ce04ab00..3e4101b9: > fix predefines for bswap for old compilers (#99) > CRC big endian support (#97) > chore: Modified bug issue template to add checkbox to report potential regression. (#95) > Update CMake to 3.9 (#98) Submodule mountpoint-s3-crt-sys/crt/aws-lc 8b2ebfcf..59828538: > Prepare for v1.40.0 release (#2019) > [EC] Use s2n-bignum point doubling for P-384 and P-521 (#2011) > Document TLS Server Renegotiation Behavior (#2018) > Fail FIPS rsa_keygen_pubexp on change (#2016) > Adding -verify and expanding -x509 options for our OpenSSL tool (#1951) > Upstream merge 2024-11-11 (#1985) > Implement PKCS7_encrypt and PKC7_decrypt (#1996) > [EC] Unify scalar_mul_public for ec_nistp curves (#2004) > Adding the OpenSSL s_client tool (#1959) > Add Clang 19 to CI (#1998) > [EC] Unify scalar_mul_base point for ec_nistp curves (#2003) > Add internal APIs for ML-DSA (#1999) > Test cleanup (#2000) > Minor improvement to DSA (ASN1) + DSA Tests (#1990) > Implement PKCS7_dataInit and PKCS7_dataFinal (#1816) > Addition of generic NIST-DSA PKEY and ASN1 to support ML-DSA (#1963) > Expose a bit of lhash/conf for Ruby (#1987) > Allow ASN1_get_object to parse indefinite and universal (#1994) > Added CRL tool to CLI (#1976) > Prepare release AWS-LC v1.39.0 (#1995) > Revert "Replace CONF's internal representation with something more typesafe" (#1986) > Add Cyrus-SASL to our CI (#1988) > Cleanup test File utilities (#1989) > Account for cipher auth with multiple cert slots (#1956) > Allocate 16k scratch on heap (#1991) > Add CRYPTO_sysrand benchmarks to speed.cc (#1978) > Update PQREADME to add link to the KEM readme file (#1973) > Avoid compiler warning (#1981) > Ruby Support - More EVP_PKEY_DSA (#1954) > Upstream merge 2024-10-23 (#1955) > CI gcc-4.8 - use 4.8.5 tag (#1980) > Fix sess_hits counter on the server (#1974) > Support Finished-based APIs for TLS 1.3 (#1952) > Fix i2d behavior for i2d_SSL_SESSION (#1966) > fix `-Wcast-function-type` build issues (#1972) > Prepare v1.38.0 release (#1975) > Expose AES_cfb1_encrypt and AES_cfb8_encrypt (#1967) > EDDSA PCT (#1968) > ML-KEM keygen Pairwise Consistency Test (#1964) > Coverity Fix Null Check (#1965) > Actually add support for SSL_get_server/peer_tmp_key (#1945) > Also test w/ gcc 4.8 (#1962) > Fixes for Coverity Alerts (#1960) > Add support for POINT_CONVERSION_HYBRID (#1936) > Ruby Support - DSA custom md (#1953) > Add PKCS7-internal BIO_f_md (#1886) > Add PKCS7-internal BIO_f_cipher (#1836) > Expand support for EVP_PKEY_HMAC (#1933) > Support encode or decode ∞ like OpenSSL (#1930) > Fix FIPS.md typo (#1950) > Missing functionality + Adding Nmap to our CI (#1915) > HKDF, HKDF_expand, and PBKDF Truncated SHA2-512 (#1946) > bump mysql CI to 9.1.0 (#1939) > PQ README (#1932) > Add p4p, bump up time (#1943) > Remove retries on PCT failure in EC and RSA key generation. (#1938) > Remove old Intel CPU types (#1942) > Upstream merge 2024 10 17 (#1934) > DH paramgen callback (#1928) > Add null check in dh testing (#1937) > Use illegal_parameter instead of decode_error for invalid key shares (#1923) > Also prune SSM documents from ec2-test-framework (#1925) > Marshalling/Unmarshalling DH public keys (#1916) > 800-131Ar1: length of the key-derivation key shall be at least 112 bits. (#1924) > Prepare 1.37.0 release (#1927) > Add 2024 FIPS and fix build issues on older arm FIPS (#1920) > Align X509 PARTIAL_CHAIN behavior with 1.1.1 (#1917) > P161732527 coverity cleanup (#1918) > build: fix pkgconfig files (#1913) > Avoid allocating EVP_PKEY on size checks (#1911) > Add EC_GROUP mutablility to custom curves (#1881) > Implement more EVP_PKEY_DH functionality (#1880) > ML-DSA parameter refactor (#1910) > Update FIPS docs w/ certs (#1900) > Handle Windows not supporting static array dimension (#1912) > Remove duplicate s2n-bignum prefix include option (#1909) > Add support for EVP_PKEY_CTX callback functions (#1905) > P159598331 coverity cleanup (#1908) > Add Alpine-Linux-x86 to GitHub Actions CI (#1753) > Upstream merge 2024 09 16 (#1862) > Update Dilithium from crystals upstream (#1894) > Create mutable EC_GROUP API for OpenSSL compatibility (#1860) > ML-KEM FIPS 203 destruction of intermediate values (#1883) > Remove special s2n-bignum symbol handling sauce from build (#1903) Submodule mountpoint-s3-crt-sys/crt/s2n-tls ffe0bf42..493b7716: > feat: Reworking cleanup behavior (#4871) > chore: broaden use of flaky mark (#4865) > chore: configure dependabot (#4861) > fix: fix open AF_INET sockets in s2n_self_talk_ktls_test.c (#4852) > chore: update github PR template (#4885) > feat: add new security policy `20241106` (#4874) > chore: remove unused benchmarks (#4869) > ci: Clean dup source tree for CRT (#4882) > ci: remove www.mozilla.com from well-known to unblock CI (#4880) > fix: move prelude inclusion as PRIVATE (#4876) > build: add s2n_prelude.h to consolidate defines (#4465) > chore: bindings release 0.3.6 (#4867) > doc: fix incorrect README references (#4863) > fix: typo in comment of s2n_self_talk_tls13_test (#4864) > fix: close all /dev/urandom open fds (#4835) > docs: update fips documentation to specify supported libcrypto (#4857) > fix(bindings): correct poll_flush implementation (#4859) > feat: Adds cleanup_final (#4853) > test(bindings): Consolidate test pems (#4858) > chore: bindings release 0.3.5 (#4860) > chore: grant duvet action more permissions (#4854) > (feat): Adds certificate match metrics API (#4844) > chore: Fix failing OIDC workflows; cleanup unused actions (#4848) > chore(GHA): Update duvet arguments (#4850) > chore: remove unused compile definition (#4815) > Add new MLKEM TLS Policies (#4830) > fix: fix opened AF_UNIX sockets that didn't call s2n_io_pair_close (#4833) > bindings: pin openssl crate to 0.10.66 (#4849) > chore: flip 2 GHAs to use short lived creds. (#4839) > fix: fix s2n_io_pair_close_one_end (#4841) > ci: Re-enable asan and ubsan for fuzz tests (#4840) > fix: some open AF_UNIX sockets in forked child processes (#4834) > Update FIPS rules for ML-KEM (#4829) > ci: update ubuntu versions (#4828) > Add initial support for MLKEM768 (without any new Security Policies) (#4816) > chore: Adds print statements to help debug s2n_dynamic_load_test (#4836) > ci: add more libcryptos for fuzz batch & follow cmake idioms (#4795) > feature: bump cert authorities max size to 20kb (#4832) > ci: Add ubuntu24 with a new cmake buildspec (#4824) > Add ML-KEM Feature Probe and Test (#4823) > docs: update stateful resumption doc (#4818) > chore: remove make fuzz and AFL fuzz (#4808) ```
--- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). Signed-off-by: Alessandro Passaro --- mountpoint-s3-client/CHANGELOG.md | 2 ++ mountpoint-s3-crt-sys/crt/aws-c-auth | 2 +- mountpoint-s3-crt-sys/crt/aws-c-cal | 2 +- mountpoint-s3-crt-sys/crt/aws-c-common | 2 +- mountpoint-s3-crt-sys/crt/aws-c-compression | 2 +- mountpoint-s3-crt-sys/crt/aws-c-http | 2 +- mountpoint-s3-crt-sys/crt/aws-c-io | 2 +- mountpoint-s3-crt-sys/crt/aws-c-s3 | 2 +- mountpoint-s3-crt-sys/crt/aws-c-sdkutils | 2 +- mountpoint-s3-crt-sys/crt/aws-checksums | 2 +- mountpoint-s3-crt-sys/crt/aws-lc | 2 +- mountpoint-s3-crt-sys/crt/s2n-tls | 2 +- 12 files changed, 13 insertions(+), 11 deletions(-) diff --git a/mountpoint-s3-client/CHANGELOG.md b/mountpoint-s3-client/CHANGELOG.md index fc654a69e..f7e4afa07 100644 --- a/mountpoint-s3-client/CHANGELOG.md +++ b/mountpoint-s3-client/CHANGELOG.md @@ -18,6 +18,8 @@ ([#1086](https://github.com/awslabs/mountpoint-s3/pull/1086)) * Allow to specify any of the supported checksum algorithms when uploading objects with `put_object_single`. ([#1157](https://github.com/awslabs/mountpoint-s3/pull/1157)) +* Amazon S3 introduces support for AWS Dedicated Local Zones. + ([awslabs/aws-c-s3#465](https://github.com/awslabs/aws-c-s3/pull/465)) ### Breaking changes diff --git a/mountpoint-s3-crt-sys/crt/aws-c-auth b/mountpoint-s3-crt-sys/crt/aws-c-auth index 48d647bf4..3982bd75f 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-auth +++ b/mountpoint-s3-crt-sys/crt/aws-c-auth @@ -1 +1 @@ -Subproject commit 48d647bf43f8872e4dc5ec6343b0c5974195fbdd +Subproject commit 3982bd75fea74efd8f9b462b27fedd4599db4f53 diff --git a/mountpoint-s3-crt-sys/crt/aws-c-cal b/mountpoint-s3-crt-sys/crt/aws-c-cal index 2cb1d2eac..fbbe2612a 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-cal +++ b/mountpoint-s3-crt-sys/crt/aws-c-cal @@ -1 +1 @@ -Subproject commit 2cb1d2eac925e2dbc45025eb89af82bd790c23a0 +Subproject commit fbbe2612a3385d1ded02a52d20ad7fd2da4501f4 diff --git a/mountpoint-s3-crt-sys/crt/aws-c-common b/mountpoint-s3-crt-sys/crt/aws-c-common index f58e807d8..be8ed873a 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-common +++ b/mountpoint-s3-crt-sys/crt/aws-c-common @@ -1 +1 @@ -Subproject commit f58e807d8fd643bd9a96eef182c1db37d01b88e7 +Subproject commit be8ed873a5baf0239bf4941df75904c3053cd509 diff --git a/mountpoint-s3-crt-sys/crt/aws-c-compression b/mountpoint-s3-crt-sys/crt/aws-c-compression index f36d01672..c6c1191e5 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-compression +++ b/mountpoint-s3-crt-sys/crt/aws-c-compression @@ -1 +1 @@ -Subproject commit f36d01672d61e49d96a777870d456f66fa391cd4 +Subproject commit c6c1191e525e5aa6ead9e1afc392e35d3b50331e diff --git a/mountpoint-s3-crt-sys/crt/aws-c-http b/mountpoint-s3-crt-sys/crt/aws-c-http index 6068653e1..fc3eded24 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-http +++ b/mountpoint-s3-crt-sys/crt/aws-c-http @@ -1 +1 @@ -Subproject commit 6068653e1d582bd8e7d1c9f81f86beaf10444e3d +Subproject commit fc3eded2465c37d07fd9cc15e9b5b011224c9c9a diff --git a/mountpoint-s3-crt-sys/crt/aws-c-io b/mountpoint-s3-crt-sys/crt/aws-c-io index e36374047..fcb38c804 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-io +++ b/mountpoint-s3-crt-sys/crt/aws-c-io @@ -1 +1 @@ -Subproject commit e36374047beadc72a0eb6df14ce3cbc822a789a3 +Subproject commit fcb38c804364dd627c335da752a99a125a88f6e9 diff --git a/mountpoint-s3-crt-sys/crt/aws-c-s3 b/mountpoint-s3-crt-sys/crt/aws-c-s3 index 16701501f..45894ed3d 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-s3 +++ b/mountpoint-s3-crt-sys/crt/aws-c-s3 @@ -1 +1 @@ -Subproject commit 16701501fa9d1684b0ff5406211d058ce2a5b404 +Subproject commit 45894ed3d839f849cb651ea36efdc76b901cb7e7 diff --git a/mountpoint-s3-crt-sys/crt/aws-c-sdkutils b/mountpoint-s3-crt-sys/crt/aws-c-sdkutils index 4658412a6..ce09f7976 160000 --- a/mountpoint-s3-crt-sys/crt/aws-c-sdkutils +++ b/mountpoint-s3-crt-sys/crt/aws-c-sdkutils @@ -1 +1 @@ -Subproject commit 4658412a61ad5749db92a8d1e0717cb5e76ada1c +Subproject commit ce09f79768653dbdc810fc14cad8685dd90acba1 diff --git a/mountpoint-s3-crt-sys/crt/aws-checksums b/mountpoint-s3-crt-sys/crt/aws-checksums index ce04ab00b..3e4101b9f 160000 --- a/mountpoint-s3-crt-sys/crt/aws-checksums +++ b/mountpoint-s3-crt-sys/crt/aws-checksums @@ -1 +1 @@ -Subproject commit ce04ab00b3ecc41912f478bfedca39f8e1919d6b +Subproject commit 3e4101b9f85a2c090774d27ae2131fca1082f522 diff --git a/mountpoint-s3-crt-sys/crt/aws-lc b/mountpoint-s3-crt-sys/crt/aws-lc index 8b2ebfcf3..59828538a 160000 --- a/mountpoint-s3-crt-sys/crt/aws-lc +++ b/mountpoint-s3-crt-sys/crt/aws-lc @@ -1 +1 @@ -Subproject commit 8b2ebfcf3fc8b0656f1f4161166484a70238aeaa +Subproject commit 59828538a790094113eacd5dd23d01be2885b36a diff --git a/mountpoint-s3-crt-sys/crt/s2n-tls b/mountpoint-s3-crt-sys/crt/s2n-tls index ffe0bf42d..493b77167 160000 --- a/mountpoint-s3-crt-sys/crt/s2n-tls +++ b/mountpoint-s3-crt-sys/crt/s2n-tls @@ -1 +1 @@ -Subproject commit ffe0bf42da8f139eff8fd2237f47fbde40b478fb +Subproject commit 493b77167dc367c394de23cfe78a029298e2a254