Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: update BoringSSL-FIPS to 20190808. #12114

Merged
merged 3 commits into from
Jul 20, 2020

Conversation

PiotrSikora
Copy link
Contributor

Signed-off-by: Piotr Sikora [email protected]

@repokitteh-read-only
Copy link

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy[\w/]*/(v1alpha\d?|v1|v2alpha\d?|v2))|(api/envoy/type/(matcher/)?\w+.proto).
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to api/envoy/.
CC @envoyproxy/api-watchers: FYI only for changes made to api/envoy/.

🐱

Caused by: #12114 was opened by PiotrSikora.

see: more, trace.

@PiotrSikora PiotrSikora requested review from htuch and agl July 15, 2020 21:15
@PiotrSikora PiotrSikora marked this pull request as ready for review July 15, 2020 21:15
@PiotrSikora PiotrSikora requested a review from lizan as a code owner July 15, 2020 21:15
htuch
htuch previously approved these changes Jul 17, 2020
@PiotrSikora
Copy link
Contributor Author

Since the version of BoringSSL that we use in FIPS prior to this PR is from mid-2018, I think it makes sense to backport it to the stable releases in order to enable TLS 1.3 there. Any objections @lambdai @mattklein123 @htuch @lizan?

/backport

@repokitteh-read-only repokitteh-read-only bot added the backport/review Request to backport to stable releases label Jul 18, 2020
Copy link
Member

@lizan lizan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SGTM
/backport approve

@PiotrSikora PiotrSikora requested a review from htuch July 18, 2020 04:18
@PiotrSikora PiotrSikora added backport/approved Approved backports to stable releases and removed backport/review Request to backport to stable releases labels Jul 18, 2020
Copy link
Member

@htuch htuch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think backport is OK if you have a motivation from the Istio perspective and want to do the work. I don't think it's strictly needed, i.e. this isn't some security fix or concern with previously shipped functionality.

@htuch
Copy link
Member

htuch commented Jul 20, 2020

/lgtm v2-freeze

@htuch htuch merged commit b4b8210 into envoyproxy:master Jul 20, 2020
KBaichoo pushed a commit to KBaichoo/envoy that referenced this pull request Jul 30, 2020
scheler pushed a commit to scheler/envoy that referenced this pull request Aug 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport/approved Approved backports to stable releases
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants