Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for MbedTLS to libnetconf2 #485

Merged
merged 54 commits into from
May 14, 2024
Merged

Add support for MbedTLS to libnetconf2 #485

merged 54 commits into from
May 14, 2024

Conversation

Roytak
Copy link
Collaborator

@Roytak Roytak commented May 13, 2024

Initial version of supporting MbedTLS in libnetconf2. Most notable included changes:

  • wrapper for OpenSSL/MbedTLS API calls
  • renamed NC_TI_LIBSSH & NC_TI_OPENSSL to NC_TI_SSH & NC_TI_TLS
  • refactored server-side TLS authentication to reflect ietf-tls-server's ca-certs container description
  • deprecated nc_connect_libssl()
  • client side TLS verification is left to the underlying TLS library (should only effect CRLs)
  • revoking certs based on CRLs is handled by the underlying TLS library
  • MbedTLS GitHub CI runs

roman added 30 commits May 13, 2024 09:51
cmake UPDATE add findlibmedtls module
4282a08
cmake UPDATE compile using libmedtls
6d3cf69
session mbedtls UPDATE add mbedtls wrapper
57ac689
session openssl UPDATE add openssl wrapper
5da7d06
config UPDATE add HAVE_LIBMEDTLS macro
f69d366
session wrapper UPDATE add wrapper header
08ee21e
session wrapper UPDATE add crl cert ext fetch wrap
54a6429
session UPDATE wrap session_p
1babaf2
io UPDATE wrap TLS
b921104
server config UPDATE wrap TLS
0fb5626
session config util UPDATE wrap TLS
d2862f2
session UPDATE wrap TLS
6ab8862
session client UPDATE wrap TLS
a6b55f4
session client tls UPDATE wrap TLS
20f067d
session server UPDATE wrap TLS
0e44ecf
session server ssh UPDATE wrap TLS
d1c38a6
session server tls UPDATE wrap TLS
366666b
session REFACTOR format sources
a9177eb
session UPDATE rename transport implementations
38d3ea4
session server tls UPDATE refactor wraps
823f0fc
cmake UPDATE mbedtls/openssl compilation
d2828c8
session mbedtls UPDATE reworked everything
ef72e00
session openssl UPDATE reworked everything
7c6a185
session wrapper UPDATE add wrapper docs
ed0dd53
io UPDATE rename wrapped function
267c0fc
session server UPDATE reflect wrapper changes
2c39656
session client tls UPDATE reflect wrapper changes
1adb980
session UPDATE reflect wrapper changes
73e8211
server config util UPDATE reflect wrapper changes
5751a1f
test crl UPDATE adjust seeked message
4ce1d46
roman added 17 commits May 13, 2024 09:51
session server tls UPDATE return instead of goto
2d77268
tests UPDATE use new transport names
5052b81
session server tls BUGFIX fix spaces in key type
3da5d96
session mbedtls BUGFIX fix return NULL on fail
b10b62a
session wrapper UPDATE add includes
c300f47
server config util UPDATE key format handling
e6ab5b8
session wrapper UPDATE add file desc to new files
8726489
session client tls UPDATE remove ctx assignment
ef2c117
session mbedtls UPDATE remove unused includes
9278147
session wrapper REFACTOR use void when no params
206239d
session mbedtls BUGFIX fix cert memory leak
fda7d7b
session mbedtls BUGFIX fix double & nonnull free
1c4f415
session wrapper UPDATE add docs
2f9d764
session wrapper UPDATE tls verify callback
8b3f577
ci UPDATE add mbedtls test runs
1687361
cmake UPDATE improve FindMbedTLS module
2d47f61
server config UPDATE clarify ca/ee certs auth
999eb95
github-advanced-security[bot]
github-advanced-security bot found potential problems May 13, 2024
View reviewed changes
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

michalvasko
michalvasko requested changes May 14, 2024
View reviewed changes
CMakeModules/FindMbedTLS.cmake Outdated Show resolved Hide resolved
src/session.c Outdated Show resolved Hide resolved
src/session_mbedtls.c Outdated Show resolved Hide resolved
src/session_mbedtls.c Outdated Show resolved Hide resolved
@michalvasko michalvasko merged commit e27256b into CESNET:devel May 14, 2024
13 of 14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michalvasko michalvasko michalvasko approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Roytak @michalvasko