Additional TLS checks by julek-wolfssl · Pull Request #7029 · wolfSSL/wolfssl

julek-wolfssl · 2023-12-05T12:55:43Z

double check which messages need to be encrypted
check msgs that have to be last in a record

ZD17108

JacobBarthelmeh · 2023-12-08T15:58:17Z

Looks good to me, would like at least one other review on this though since the code changes will affect all TLS/DTLS users.

dgarske

This PR looks good. It grows my build by 384 bytes. Should we consider a way to disable this feature, but keep it on by default?
I'd like Sean to review before its merged.

julek-wolfssl · 2023-12-11T19:00:40Z

I don't think that its a good idea to remove these checks. These are important checks that are relevant for increasing security of all (D)TLS versions.

- double check which messages need to be encrypted - check msgs that have to be last in a record ZD17108

julek-wolfssl · 2023-12-12T13:45:52Z

Retest this please.

dgarske

PR looks great. Can you please add a build option to disable this check for users that might not want it?

julek-wolfssl · 2023-12-12T16:32:10Z

@dgarske build option added with WOLFSSL_DISABLE_EARLY_SANITY_CHECKS.

dgarske

Over to @SparkiDev to finalize.

SparkiDev · 2023-12-12T21:15:46Z

retest this please

douzzer

passed a run through wolfssl-multi-test.sh ... super-quick-check (latest sanitizers, clang-tidy, and cppcheck), rebased on current master.

dgarske · 2023-12-13T00:16:57Z

Retest this please

julek-wolfssl self-assigned this Dec 5, 2023

julek-wolfssl requested review from JacobBarthelmeh and rizlik December 5, 2023 12:55

julek-wolfssl force-pushed the zd/17108-fix branch 3 times, most recently from e35c9e9 to c070c01 Compare December 6, 2023 16:16

julek-wolfssl assigned rizlik and wolfSSL-Bot and unassigned julek-wolfssl Dec 6, 2023

JacobBarthelmeh previously approved these changes Dec 8, 2023

View reviewed changes

JacobBarthelmeh assigned rizlik and unassigned wolfSSL-Bot and rizlik Dec 8, 2023

julek-wolfssl assigned SparkiDev and unassigned rizlik Dec 11, 2023

julek-wolfssl requested a review from SparkiDev December 11, 2023 10:16

julek-wolfssl assigned dgarske and wolfSSL-Bot Dec 11, 2023

dgarske added the For This Release Release version 5.9.1 label Dec 11, 2023

dgarske requested changes Dec 11, 2023

View reviewed changes

dgarske removed their assignment Dec 11, 2023

SparkiDev requested changes Dec 11, 2023

View reviewed changes

Comment thread src/internal.c Outdated

Comment thread src/internal.c Outdated

Additional TLS checks

627310d

- double check which messages need to be encrypted - check msgs that have to be last in a record ZD17108

julek-wolfssl dismissed JacobBarthelmeh’s stale review via 627310d December 12, 2023 12:57

julek-wolfssl force-pushed the zd/17108-fix branch from c070c01 to 627310d Compare December 12, 2023 12:57

julek-wolfssl requested a review from SparkiDev December 12, 2023 14:13

dgarske requested changes Dec 12, 2023

View reviewed changes

dgarske assigned julek-wolfssl and unassigned wolfSSL-Bot and SparkiDev Dec 12, 2023

Add option to remove early sanity checks

493bb17

julek-wolfssl requested a review from dgarske December 12, 2023 16:32

julek-wolfssl assigned dgarske and wolfSSL-Bot and unassigned julek-wolfssl Dec 12, 2023

dgarske approved these changes Dec 12, 2023

View reviewed changes

dgarske assigned SparkiDev and unassigned dgarske Dec 12, 2023

wolfSSL deleted a comment from dgarske Dec 12, 2023

SparkiDev approved these changes Dec 12, 2023

View reviewed changes

douzzer approved these changes Dec 13, 2023

View reviewed changes

SparkiDev removed the request for review from rizlik December 13, 2023 04:30

SparkiDev merged commit f12b611 into wolfSSL:master Dec 13, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Additional TLS checks#7029

Additional TLS checks#7029
SparkiDev merged 2 commits intowolfSSL:masterfrom
julek-wolfssl:zd/17108-fix

julek-wolfssl commented Dec 5, 2023

Uh oh!

JacobBarthelmeh commented Dec 8, 2023

Uh oh!

dgarske left a comment •

edited

Loading

Uh oh!

julek-wolfssl commented Dec 11, 2023

Uh oh!

Uh oh!

Uh oh!

julek-wolfssl commented Dec 12, 2023

Uh oh!

dgarske left a comment

Uh oh!

julek-wolfssl commented Dec 12, 2023

Uh oh!

dgarske left a comment

Uh oh!

SparkiDev commented Dec 12, 2023

Uh oh!

douzzer left a comment

Uh oh!

dgarske commented Dec 13, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

Conversation

julek-wolfssl commented Dec 5, 2023

Uh oh!

JacobBarthelmeh commented Dec 8, 2023

Uh oh!

dgarske left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

julek-wolfssl commented Dec 11, 2023

Uh oh!

Uh oh!

Uh oh!

julek-wolfssl commented Dec 12, 2023

Uh oh!

dgarske left a comment

Choose a reason for hiding this comment

Uh oh!

julek-wolfssl commented Dec 12, 2023

Uh oh!

dgarske left a comment

Choose a reason for hiding this comment

Uh oh!

SparkiDev commented Dec 12, 2023

Uh oh!

douzzer left a comment

Choose a reason for hiding this comment

Uh oh!

dgarske commented Dec 13, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

dgarske left a comment •

edited

Loading