feat: add optional support for TLS trusted_ca_keys extension #778

Merged
merged 3 commits into from
Aug 23, 2024


james-ctc
Contributor

feat: add documentation
fix: consistent type naming convention applied
fix: failed tests
feat: added signal to stop server
feat: SA_RESTART flag + notes on client certificates
fix: memory leak
feat: testing non-blocking read
feat: patched test only includes the test that would fail
on an unpatched OpenSSL
fix: logging to omit filename and line information
fix: partial config support improved where trust anchors are missing

Describe your changes

Added support for TLS trusted_ca_keys extension.
Note: its use is disabled since changes to EVSE Security are needed to obtain the trust anchor certificates needed by the extension.

Issue ticket number and link

Checklist before requesting a review

  • I have performed a self-review of my code
  • I have made corresponding changes to the documentation
  • I read the contribution documentation and made sure that my changes meet its requirements

@james-ctc james-ctc added Draft PR not ready for review yet and removed Draft PR not ready for review yet labels Jul 15, 2024
@james-ctc
Contributor Author

non-blocking API added; now ready for review

@SebaLukas SebaLukas self-assigned this Jul 18, 2024
@james-ctc james-ctc force-pushed the feat/tls-trusted-ca-keys branch from 1b6d7e6 to f6bbee5 Compare July 29, 2024 15:27
@corneliusclaussen corneliusclaussen force-pushed the feat/tls-trusted-ca-keys branch from 685e830 to 41009f1 Compare August 2, 2024 09:43
modules/EvseV2G/EvseV2G.cpp (outdated review comment, resolved)
modules/EvseV2G/EvseV2G.cpp (outdated review comment, resolved)
@james-ctc james-ctc force-pushed the feat/tls-trusted-ca-keys branch 3 times, most recently from c9cdd77 to b4cadc2 Compare August 6, 2024 12:45
Contributor

@SebaLukas SebaLukas left a comment

The changes in the EvseV2G module look good 👍 I just have one small comment.

modules/EvseV2G/connection/tls_connection.cpp (outdated review comment, resolved)
@Pietfried
Contributor

Please wait for a review from @AssemblyJohn before merging

@james-ctc james-ctc force-pushed the feat/tls-trusted-ca-keys branch 3 times, most recently from 07b7e71 to c887b89 Compare August 12, 2024 07:37
@james-ctc james-ctc force-pushed the feat/tls-trusted-ca-keys branch from 26ca3c7 to c645f67 Compare August 13, 2024 13:10
@james-ctc
Contributor Author

> Please wait for a review from @AssemblyJohn before merging

@Pietfried review complete, awaiting code owner review/approval.

feat: add documentation
fix: consistent type naming convention applied
fix: failed tests
feat: added signal to stop server
feat: SA_RESTART flag + notes on client certificates
fix: memory leak
feat: testing non-blocking read
feat: patched test only includes the test that would fail
      on an unpatched OpenSSL
fix: logging to omit filename and line information
fix: partial config support improved where trust anchors are missing

feat: added non-blocking read/write/connect/accept to TLS implementation

non-blocking is selected by specifying timout_ms == 0

fix: improve string copy safety for private key password
feat: simplified ConfigItem class

ConfigItem is now based on std::optional and std::string
reverted condition variable wait since an occasional failure
was occurring during test runs (not seen previously).

fix: revert back to using EVLOG_ rather than calling boost directly
fix: codacy suggestions addressed
fix: more codacy recommendations and review from AW
fix: error when building MBedTLS version
fix: changed to use auto& ref as per review comment
fix: re-enabled unit tests
fix: attempt to fix getting required files to the right place for unit tests
fix: attempt to fix non-patched OpenSSL unit tests

Signed-off-by: James Chapman <[email protected]>
@james-ctc james-ctc force-pushed the feat/tls-trusted-ca-keys branch from c645f67 to 5fbb02d Compare August 14, 2024 09:32
@james-ctc james-ctc merged commit c90c5ee into main Aug 23, 2024
11 checks passed