test: disallow explict use of "default_fips" policy in tests #4781
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 tasks
goatgoose
approved these changes
Sep 24, 2024
toidiu
force-pushed
the
ak-explicitDefaultPolicyFips
branch
from
f089ad2 to
695c27d
Compare
dougch
approved these changes
Sep 25, 2024
lrstewart
added
the
do_not_merge
|
While executing the #4765 to auto-pin config/connection to a numbered policy, we discovered that some tests in-fact do want to test the "default" policy. This means that pinning these policies would result in testing regression. The same reasoning also applies to the explicit usage in our tests and we need to carefully audit those tests before pinning those policies. Closing this PR until we have a better plan. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
A follow up to #4750 but for the "default_fips" security policy.
As a modern TLS library, s2n-tls aims to provide sane default. To uphold this promise, we are planning to add TLS1.3 support to the "default" and "default_fips" policies. However, making this change can result in broken tests since connections will now negotiate TLS1.3 and we have to assume that old tests were written to assume that TLS1.2 would be negotiated.
To prevent this regression, this PR detects "explicit" usage of the "default_fips" policy (no offending usage were found). The few uses were deemed acceptable since they were interested in testing the "default_fips" policy. Both the C and Rust codebase were audited for "default_fips" security policy usage.
Call-outs:
The detection logic can be viewed by looking at the detection logic cleanup commit.
The PR also adds an additional check to grep_simple_mistakes.sh
Testing:
Tests should continue to pass.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.