Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSSM-5001 Additions to support maistra/proxy build #128

Closed
wants to merge 27 commits into from
Closed

OSSM-5001 Additions to support maistra/proxy build #128

wants to merge 27 commits into from

Commits on Oct 17, 2023

  1. OSSM-5001 Added stdc++fs library to prefixer link line 

    Required when building in maistra-builder:2.5 (clang++13)

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    c3615ce View commit details
    Browse the repository at this point in the history

  2. OSSM-5001 Replaced bc with bash arithmetic 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    ca9c72e View commit details
    Browse the repository at this point in the history

Commits on Nov 1, 2023

  1. OSSM-5001 Fixed dependency 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Nov 1, 2023
    Configuration menu
    Copy the full SHA
    d4b330c View commit details
    Browse the repository at this point in the history

Commits on Nov 2, 2023

  1. OSSM-5001 Added missing .bazelversion file 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Nov 2, 2023
    Configuration menu
    Copy the full SHA
    5d11029 View commit details
    Browse the repository at this point in the history

Commits on Nov 9, 2023

  1. OSSM-5001 Fixed dependency 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Nov 9, 2023
    Configuration menu
    Copy the full SHA
    8cc7bfd View commit details
    Browse the repository at this point in the history

Commits on Nov 14, 2023

  1. OSSM-5001 Fixed lbbssl-compat.a installation directory 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Nov 14, 2023
    Configuration menu
    Copy the full SHA
    5d0a292 View commit details
    Browse the repository at this point in the history

Commits on Nov 16, 2023

  1. OSSM-5001 Modified check for installed OpenSSL 

    Now checks for <openssl/types.h> instead of <openssl/ssl.h> because
<openssl/types.h> is only in OpenSSL 3.0.x. This ensures that if the host
only has OpenSSL 1.1.x headers, they will not be used.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Nov 16, 2023
    Configuration menu
    Copy the full SHA
    b5c6d09 View commit details
    Browse the repository at this point in the history

Commits on Dec 13, 2023

  1. OSSM-5001 Vendored envoy 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 13, 2023
    Configuration menu
    Copy the full SHA
    de50633 View commit details
    Browse the repository at this point in the history

Commits on Dec 14, 2023

  1. OSSM-5001 Added PEM_write_bio_X509() implementation in bssl-compat 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 14, 2023
    Configuration menu
    Copy the full SHA
    62cf7c7 View commit details
    Browse the repository at this point in the history

  2. OSSM-5001 Added PEM_read_bio_X509_AUX() implementation in bssl-compat 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 14, 2023
    Configuration menu
    Copy the full SHA
    4b204eb View commit details
    Browse the repository at this point in the history

  3. OSSM-5001 Added i2d_X509_PUBKEY() implementation in bssl-compat 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 14, 2023
    Configuration menu
    Copy the full SHA
    e7f3d00 View commit details
    Browse the repository at this point in the history

Commits on Dec 15, 2023

  1. OSSM-5001 Fixed OpenSSL version checking 

    The functions that were being used to check the loaded OpenSSL version were only available
in OpenSSL >= 3.0.0, so the check crashed if 1.1.1 libraries were loaded.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 15, 2023
    Configuration menu
    Copy the full SHA
    ae9d798 View commit details
    Browse the repository at this point in the history

Commits on Dec 20, 2023

  1. OSSM-5001 Added temporary patches to get envoy linking 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 20, 2023
    Configuration menu
    Copy the full SHA
    e0827e4 View commit details
    Browse the repository at this point in the history

Commits on Dec 21, 2023

  1. OSSM-5001 Tidy up bssl-compat install process 

    There were some unnecessary files getting installed as part of the
bssl-compat installation process. In particular, the googletest headers
were being installed, which was upsetting the envoy build.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Dec 21, 2023
    Configuration menu
    Copy the full SHA
    f2697d1 View commit details
    Browse the repository at this point in the history

Commits on Jan 10, 2024

  1. OSSM-5001 Added SSL_get0_peer_verify_algorithms() & d2i_X509() to bss… 

    …l-compat

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Jan 10, 2024
    Configuration menu
    Copy the full SHA
    2bfc638 View commit details
    Browse the repository at this point in the history

  2. OSM-5001 Removed the use of equal preference groups in default cipher… 

    … suite spec

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Jan 10, 2024
    Configuration menu
    Copy the full SHA
    574a176 View commit details
    Browse the repository at this point in the history

Commits on Jan 23, 2024

  1. OSSM-5001 Added SSLTest.test_SSL_get_servername_inside_select_certifi… 

    …cate_cb

The test passes on BoringSSL but is skipped on bssl-compat pending a fix

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Jan 23, 2024
    Configuration menu
    Copy the full SHA
    608d41b View commit details
    Browse the repository at this point in the history

Commits on Feb 20, 2024

  1. OSSM-5001 Updated envoy from c2919e9 (v1.26.6 tag) to 772b418 (releas… 

    …e/v1.26 branch)

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Feb 20, 2024
    Configuration menu
    Copy the full SHA
    56865b6 View commit details
    Browse the repository at this point in the history

Commits on Feb 21, 2024

  1. OSSM-5001 Fixed segv in SSL_CIPHER_get_min_version() 

    SSL_CIPHER_get_min_version() would segv when called for a
cipher who's implementation engine wasn't loaded.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Feb 21, 2024
    Configuration menu
    Copy the full SHA
    76bbae6 View commit details
    Browse the repository at this point in the history

Commits on Feb 22, 2024

  1. OSSM-5001 Fixed calling SSL_get_servername() within select certificat… 

    …e callback

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Feb 22, 2024
    Configuration menu
    Copy the full SHA
    d8263de View commit details
    Browse the repository at this point in the history

Commits on Feb 27, 2024

  1. OSSM-5001 Replace the use of SSL_get_peer_certificate() in ContextImp… 

    …l::verifyCallback()

The SSL_get_peer_certificate() function doesn't work the same way in OpenSSL as it does
in BoringSSL, when called within a callback installed via SSL_CTX_set_cert_verify_callback().
Therefore, we replace it with calls to X509_STORE_CTX_get_current_cert() and
X509_STORE_CTX_get0_cert().

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Feb 27, 2024
    Configuration menu
    Copy the full SHA
    4aa3cd4 View commit details
    Browse the repository at this point in the history

Commits on Mar 1, 2024

  1. OSSM-5001 Run just the with_sync_cert_validation test variants 

    Since we aren't supporting async certificate validation, ensure
that we only run the tests in "with_sync_cert_validation" mode.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 1, 2024
    Configuration menu
    Copy the full SHA
    a4d1f1b View commit details
    Browse the repository at this point in the history

  2. OSSM-5001 Added translation from IANA cipher suite names to OpenSSL e… 

    …quivalent

This allows the use of IANA cipher suite names as well as OpenSSL specific names,
which in turn means fewer patches to upstream source, expecially configs in test
code.

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 1, 2024
    Configuration menu
    Copy the full SHA
    9307158 View commit details
    Browse the repository at this point in the history

  3. OSSM-5001 Disabled tests that use the private_key_provider configuration 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 1, 2024
    Configuration menu
    Copy the full SHA
    8cec652 View commit details
    Browse the repository at this point in the history

Commits on Mar 4, 2024

  1. OSSM-5001 SSL_set_ocsp_response() now works when called from a select… 

    … certificate callback

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 4, 2024
    Configuration menu
    Copy the full SHA
    ac25602 View commit details
    Browse the repository at this point in the history

Commits on Mar 5, 2024

  1. OSSM-5001 Added GENERAL_NAMES_free() 

    Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 5, 2024
    Configuration menu
    Copy the full SHA
    b59446a View commit details
    Browse the repository at this point in the history

Commits on Mar 22, 2024

  1. OSSM-5001 Many additions & fixes (WIP) 

    2 tests fail to build
3 tests fail to pass

Signed-off-by: Ted Poole <tpoole@redhat.com>
    @tedjpoole
    tedjpoole committed Mar 22, 2024
    Configuration menu
    Copy the full SHA
    1c9a393 View commit details
    Browse the repository at this point in the history