Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update CRT submodules to latest releases (#1230)
Update CRT submodules to latest releases <details> <summary>Full CRT changes</summary> ``` Submodule mountpoint-s3-crt-sys/crt/aws-c-common fadfef4..7a6f5df: > Fix dependency build failure on old cmake versions (#1176) Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 337155f..1c80418: > Improve Copy Operation by taking the Source URI (#482) > Auto - Update S3 Ruleset & Partition (#483) > Fix CI for GCC-13 on Ubuntu-18 (#479) > [s3_client]: retry on failed TLS negotiation (#478) > [s3_meta_request]: Retry on ExpiredToken (#472) > Remove Extra Platform Info That Is Not Used (#475) > Respect checksum header over settings from options (#474) > Add full object checksum callback (#473) Submodule mountpoint-s3-crt-sys/crt/aws-c-sdkutils ce09f79..1ae8664: > Update Config File Parsing Logic to Parse Services Section (#51) > Switch CI to use Roles (#49) Submodule mountpoint-s3-crt-sys/crt/aws-lc 5982853..697acc6: > Prepare release v1.42.0 (#2094) > alignas(16) unsupported w/ GCC 7.2 for ARM32 (#2086) > Update ML-KEM's internal header files to use unique include guards (#2078) > Provide FIPS_is_entropy_cpu_jitter() (#2088) > CMake, use 'NOT WIN32' instead of 'UNIX' (#2075) > Only need libunwind for testing (#2093) > Add more logging for SSL_ERROR_SYSCALL errors in bssl_shim.cc (#2079) > Add more test coverage for Ruby/OpenSSL gem (#2085) > aws-lc-rs scripts now use nightly (#2087) > ML-DSA unique names (#2072) > Fix python tests for upstream PR 128036 (#2080) > Remove algorithms from testmodulewrapper that are now used in the real modulewrapper (#2069) > Fix tpm2-tss CI job (#2076) > [EC] ec_nistp P-256 C scalar_mul_{base|public} (#2033) > No PR license statement check on a merge (#2074) > Migrate 1st batch of CI jobs to CodeBuild (#2067) > Ensure PQDSA test suite has length checks on input signatures and public keys (#2062) > Fix CI for aws-lc-rs (#2073) > Upstream merge 2024 12 13 (#2060) > Modified posix builds to enable dilithium by default (#2034) > Extend documentation for basic BN_foo functions (#2066) > Add PKCS7_print_ctx as a no-op (#2064) > Update BoringSSL benchmark to use C++17 (#2063) > Prune hanging instances longer than 2 hours (#2061) > Add fuzz testing for PKCS7_verify (#2051) > [EC] Use s2n-bignum's modular inversion for P-256/384/521 (#2057) > Fuzzing PKCS7 encrypted inputs (#2027) > Add integration script and CI for ruby 3.1 and 3.2 (#1563) > Bring in testing changes from upstream commit 5ee4e95 (#2048) > [EC] P-256/384/521 s2n-bignum scalar multiplication (#2036) > Use older image with gcc-13 for alpine linux ci (#2054) > Just use releasecheck with tcpdump ci (#2055) > Address fips hash using adrp instead of adr to increase reach (#2053) > Prepare release 1.41.1 (#2052) > s2n-bignum update 2024-12-10 (#2050) > Fix RSAZABI test and enable IFMA based RSA on Windows (#1869) > Upstream merge 2024 12 02 (#2030) > Update FIPS v3.0 draft security policy (#2047) > Switch ML-DSA to use AWS-LC SHA3 (#2001) > Added FIPS 204 documentation, cleanse intermediate values (#2017) > Link to NIST website (#2045) > Prevent accidental null dereference (#2046) > Deprecate recently added PKCS7 functions (#2039) > Allow build on Solaris (#2035) > Use SHA256 as default digest for OCSP signing (#2038) > Add blowfish names to EVP_CIPHER API (#2041) > Initialize arrays as arrays (#2042) > Add AWS-LC-FIPS v3.0 policy docs (#2043) > Implement PKCS7_verify, update PKCS7_sign (#1993) > Move PQDSA to FIPS module (#2032) > Only abort when RSA PWCT fail in FIPS (#2020) > Revert "Trim some redundant Arm feature detection files" (#1979) > Fix perl handling of paths w/ spaces (#2005) > Upstream merge 2024 11 18 (#2012) > Fix CI issues with ML-DSA (#2031) > strdup is not C99 (#2008) > Add ML-DSA-44 and ML-DSA-87 to PQDSA API (#2009) > Coverity fixes for P173127397 (#2014) > Fix strongSwan CI (#2028) > Ran minimise_corpora.sh (#2024) > Expose BN_set_flags as a no-op (#2021) > Fix segfault in PKCS7 test (#2025) > Update aws-lc-nginx.patch for nginx v1.27.3 (#2023) > Fix python 3.13 patch (#2026) > Allow constructed strings in BER parsing (#2015) Submodule mountpoint-s3-crt-sys/crt/s2n-tls 493b771..2e79e7e: > refactor(bench): remove historical benchmarks (#4940) > fix: pem parsing detection of last cert errors (#4908) > docs: specify s2n_blob growable conditions (#4943) > chore(bindings): move tokio examples to dedicated folder (#4954) > chore: fix GHA for merge-queue (#4973) > chore(binding): release 0.3.8 (#4969) > (chore): Installs Nix in AL2023 Buildspec (#4934) > build(deps): bump the all-gha-updates group in /.github/workflows with 5 updates (#4961) > feat(s2n-tls-hyper): Add support for negotiating HTTP/2 (#4924) > tests: allow TLS1.2 with RSA-PSS certs in integ tests (#4949) > ci: update CRT test ubuntu version to ubuntu24 (#4964) > feat(bindings): enable application owned certs (#4937) > ci: batch dependabot updates (#4959) > ci(refactor): deprecate Omnibus (#4953) > build(deps): bump actions/cache from 2.1.4 to 4.1.2 in /.github/workflows (#4928) > build(deps): bump peaceiris/actions-gh-pages from 3 to 4 in /.github/workflows (#4921) > build(deps): bump cross-platform-actions/action from 0.23.0 to 0.26.0 in /.github/workflows (#4951) > build(deps): bump github/codeql-action from 2 to 3 in /.github/workflows (#4917) > ci: add change directory to third-party-src logic (#4950) > feat: TLS1.2 support for RSA-PSS certificates (#4927) > feat: feature probe S2N_LIBCRYPTO_SUPPORTS_ENGINE (#4878) > test(bindings): run unit tests under asan (#4948) > ci(refactor): remove ASAN from Omnibus and GeneralBatch (#4946) > ci(refactor): remove fuzz tests from Omnibus (#4945) > refactor: add a s2n_libcrypto_is_openssl() helper function (#4930) > fix(s2n-tls-hyper): Add proper IPv6 address formatting (#4938) > ci: add openssl-1.0.2-fips to fuzz test (#4942) > ci(refactor): remove Valgrind checks from omnibus and generalBatch (#4913) > fix(bindings): address clippy issues from 1.83 (#4941) > test: pin tests to explicit TLS 1.2/TLS 1.3 policy (#4926) > (chore): Fixes team-label github action (#4935) > chore: add new team member (#4939) > upgrade cmake version to 3.9 (#4933) > ci: add awslc-fips and openssl-1.0.2-fips to valgrind (#4912) > chore(bindings): feature gate network testsa and relax http status assertions (#4907) > chore: Ocsp timeout adjustment (#4866) > build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 in /.github/workflows (#4892) > test: expand s2n_record_read testing to both TLS1.3 and TLS1.2 (#4903) > test: pin optional client auth test to a TLS 1.2 policy (#4914) > feat: add alert mappings for certificate errors (#4919) > doc: document generating bindings with prebuilt libs2n (#4872) > ci: Move kTLS test out of GeneralBatch (#4904) > build(deps): bump actions/checkout from 3 to 4 in /.github/workflows (#4888) > test(s2n-tls-hyper): matching on s2n-tls error (#4906) > build(deps): bump nixbuild/nix-quick-install-action from 21 to 29 in /.github/workflows (#4890) > build(deps): bump JulienKode/team-labeler-action from 0.1.1 to 1.3 in /.github/workflows (#4889) > tests: pin tests to a numbered TLS1.2 policy (#4905) > test: remove load system certs functionality for s2n_default_tls13_config (#4897) > doc: add information about s2n-tls software architecture (#4868) > ci: grant dependabot status update permissions (#4898) > ci: fixes for cargo audit (#4895) > test(s2n-tls-hyper): Add localhost http tests (#4838) > test: add rust well-known-endpoint tests (#4884) > chore: bindings release 0.3.7 (#4894) > chore: add a cargo audit action (#4862) > ci: add open fds valgrind check (#4851) ``` </details> </details> ### Does this change impact existing behavior? No. ### Does this change need a changelog entry? No. --- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). --------- Signed-off-by: Ilya Isaev <iisaev@amazon.com> Co-authored-by: Ilya Isaev <iisaev@amazon.com>
- Loading branch information
