Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Post handshake auth #350

Merged
merged 8 commits into from
Nov 27, 2019
Merged

Post handshake auth #350

merged 8 commits into from
Nov 27, 2019

Conversation

tomato42
Copy link
Member

@tomato42 tomato42 commented May 21, 2019

add support for Post Handshake Authentication (the post_handshake_auth extension)

depends on #196 and #341
fixes #208

TODO

  • change from callback to a list of client certificates in HandshakeSettings
  • test coverage

This change is Reviewable

@tomato42 tomato42 added enhancement new feature to be implemented blocked labels May 21, 2019
@tomato42 tomato42 self-assigned this May 21, 2019
@tomato42
Copy link
Member Author

This pull request introduces 9 alerts when merging 1992ced into 849f1d1 - view on LGTM.com

new alerts:

  • 3 for Unused local variable
  • 3 for Unused import
  • 1 for __eq__ not overridden when adding attributes
  • 1 for First argument of a method is not named 'self'
  • 1 for 'import *' may pollute namespace

Comment posted by LGTM.com

@tomato42
Copy link
Member Author

This pull request introduces 9 alerts when merging 68ecf24 into 849f1d1 - view on LGTM.com

new alerts:

  • 3 for Unused local variable
  • 3 for Unused import
  • 1 for __eq__ not overridden when adding attributes
  • 1 for First argument of a method is not named 'self'
  • 1 for 'import *' may pollute namespace

Comment posted by LGTM.com

@lgtm-com
Copy link

lgtm-com bot commented Nov 22, 2019

This pull request introduces 1 alert when merging 1c0b1d9 into 322f5ff - view on LGTM.com

new alerts:

  • 1 for __eq__ not overridden when adding attributes

@tomato42 tomato42 force-pushed the post-handshake-auth branch from 1c0b1d9 to 8133a92 Compare November 25, 2019 22:20
@lgtm-com
Copy link

lgtm-com bot commented Nov 25, 2019

This pull request introduces 1 alert when merging 8133a92 into 322f5ff - view on LGTM.com

new alerts:

  • 1 for __eq__ not overridden when adding attributes

@tomato42 tomato42 force-pushed the post-handshake-auth branch from 8133a92 to 0e552e6 Compare November 26, 2019 13:28
@lgtm-com
Copy link

lgtm-com bot commented Nov 26, 2019

This pull request introduces 2 alerts when merging 0e552e6 into 322f5ff - view on LGTM.com

new alerts:

  • 1 for __eq__ not overridden when adding attributes
  • 1 for Unused local variable

@tomato42 tomato42 force-pushed the post-handshake-auth branch from 0e552e6 to 7e4d7cd Compare November 26, 2019 14:04
@tomato42 tomato42 changed the title [WIP] Post handshake auth Post handshake auth Nov 26, 2019
@tomato42 tomato42 force-pushed the post-handshake-auth branch from 7e4d7cd to 1e2e206 Compare November 26, 2019 14:38
@tomato42 tomato42 requested a review from ueno November 26, 2019 14:54
Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 3 of 3 files at r1, 3 of 3 files at r2.
Reviewable status: 2 of 5 files reviewed, all discussions resolved (waiting on @ueno)

Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 1 of 1 files at r3.
Reviewable status: 2 of 5 files reviewed, all discussions resolved (waiting on @ueno)

ueno
ueno previously approved these changes Nov 26, 2019
Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 2 of 2 files at r4, 1 of 1 files at r5.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved

@ueno
Copy link
Collaborator

ueno commented Nov 26, 2019

It looks good to me. I was just wondering if certificate_required alert shall be implemented in this PR?

@tomato42
Copy link
Member Author

It looks good to me. I was just wondering if certificate_required alert shall be implemented in this PR?

good point, that actually would be the most portable way of handling required certificate... I'll add it as an option

since to trigger and finish PHA the client and server needs to read
from socket, allow reading 0 bytes, just to trigger buffer processing
@tomato42 tomato42 force-pushed the post-handshake-auth branch from 1e2e206 to a609453 Compare November 26, 2019 18:00
@lgtm-com
Copy link

lgtm-com bot commented Nov 26, 2019

This pull request fixes 3 alerts when merging 114cdd5 into 1abaefe - view on LGTM.com

fixed alerts:

  • 2 for Testing equality to None
  • 1 for Unnecessary pass

Copy link
Collaborator

@ueno ueno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 4 of 4 files at r6, 3 of 3 files at r7, 1 of 1 files at r8, 2 of 2 files at r9, 1 of 1 files at r10, 5 of 5 files at r11, 1 of 1 files at r12, 1 of 1 files at r13.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @tomato42)

@tomato42 tomato42 merged commit 3e7bddd into master Nov 27, 2019
@tomato42 tomato42 deleted the post-handshake-auth branch November 27, 2019 11:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement new feature to be implemented
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Post handshake client authentication in TLS 1.3
2 participants