Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[tls] Add set min/max TLS version APIs to TLS credentials APIs. #34861

Closed
wants to merge 5 commits into from
Closed

[tls] Add set min/max TLS version APIs to TLS credentials APIs. #34861

wants to merge 5 commits into from

Conversation

rockspore
Copy link
Contributor

Address #28382. This is a recreation of #31368 except e2e tests are not handled here (yet).

@matthewstevenson88 matthewstevenson88 changed the title [tls] Add set min/max TLS version APIs to cpp for ATLS [tls] Add set min/max TLS version APIs to TLS credentials APIs. Nov 2, 2023
@matthewstevenson88 matthewstevenson88 added release notes: no Indicates if PR should not be in release notes area/security labels Nov 2, 2023
matthewstevenson88
matthewstevenson88 reviewed Nov 2, 2023
View reviewed changes
Copy link
Contributor

@matthewstevenson88 matthewstevenson88 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few minor comments.

Also, once #34859 is merged, could we add to the e2e test where we force TLS 1.2 and force TLS 1.3?

include/grpc/grpc_security.h Outdated Show resolved Hide resolved
include/grpc/grpc_security.h Outdated Show resolved Hide resolved
include/grpcpp/security/tls_credentials_options.h Outdated Show resolved Hide resolved
include/grpcpp/security/tls_credentials_options.h Outdated Show resolved Hide resolved
src/core/lib/security/credentials/tls/tls_credentials.cc Show resolved Hide resolved
rockspore
rockspore commented Nov 2, 2023
View reviewed changes
Copy link
Contributor Author

@rockspore rockspore left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. Will added e2e tests as a follow up.

src/core/lib/security/credentials/tls/tls_credentials.cc Show resolved Hide resolved
include/grpcpp/security/tls_credentials_options.h Outdated Show resolved Hide resolved
include/grpcpp/security/tls_credentials_options.h Outdated Show resolved Hide resolved
include/grpc/grpc_security.h Outdated Show resolved Hide resolved
include/grpc/grpc_security.h Outdated Show resolved Hide resolved
gtcooke94
gtcooke94 approved these changes Nov 3, 2023
View reviewed changes
Copy link
Contributor

@gtcooke94 gtcooke94 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one minor comment

src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc Show resolved Hide resolved
test/cpp/server/credentials_test.cc Outdated Show resolved Hide resolved
@rockspore rockspore deleted the tls_version branch December 11, 2023 17:29
matthewstevenson88 pushed a commit to matthewstevenson88/grpc that referenced this pull request Jan 30, 2024
@rockspore @matthewstevenson88
[tls] Add set min/max TLS version APIs to TLS credentials APIs. (grpc…
a300601 
…#34861)

Address grpc#28382. This is a recreation of grpc#31368 except e2e tests are not handled here (yet).

Closes grpc#34861

COPYBARA_INTEGRATE_REVIEW=grpc#34861 from rockspore:tls_version f9a1215
PiperOrigin-RevId: 589847110
@matthewstevenson88 matthewstevenson88 mentioned this pull request Jan 30, 2024
Merged
matthewstevenson88 pushed a commit to matthewstevenson88/grpc that referenced this pull request Feb 2, 2024
@rockspore @matthewstevenson88
[tls] Add set min/max TLS version APIs to TLS credentials APIs. (grpc…
a9c8f94 
…#34861)

Address grpc#28382. This is a recreation of grpc#31368 except e2e tests are not handled here (yet).

Closes grpc#34861

COPYBARA_INTEGRATE_REVIEW=grpc#34861 from rockspore:tls_version f9a1215
PiperOrigin-RevId: 589847110
matthewstevenson88 pushed a commit to matthewstevenson88/grpc that referenced this pull request Feb 2, 2024
@rockspore @matthewstevenson88
[tls] Add set min/max TLS version APIs to TLS credentials APIs. (grpc…
8e8be1d 
…#34861)

Address grpc#28382. This is a recreation of grpc#31368 except e2e tests are not handled here (yet).

Closes grpc#34861

COPYBARA_INTEGRATE_REVIEW=grpc#34861 from rockspore:tls_version f9a1215
PiperOrigin-RevId: 589847110
veblush pushed a commit that referenced this pull request Feb 5, 2024
@matthewstevenson88 @rockspore
[tls] Backport of #34861 to v1.59.x. (#35801)
d610a2b 
Co-authored-by: Luwei Ge <lwge@google.com>
veblush pushed a commit that referenced this pull request Feb 5, 2024
@matthewstevenson88 @rockspore
[tls] Backport of #34861 to v1.56.x. (#35795)
eece0c0 
Co-authored-by: Luwei Ge <lwge@google.com>
veblush added a commit that referenced this pull request Feb 5, 2024
@matthewstevenson88 @rockspore @veblush
[tls] Backport of #34861 to v1.49.x. (#35762)
adbc30b 
Backport of #34861 to 1.49.

---------

Co-authored-by: Luwei Ge <lwge@google.com>
Co-authored-by: Esun Kim <veblush@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gtcooke94 gtcooke94 gtcooke94 approved these changes

@markdroth markdroth markdroth approved these changes

@matthewstevenson88 matthewstevenson88 matthewstevenson88 approved these changes

Assignees
No one assigned
Labels
area/security bloat/low lang/c++ lang/core lang/ruby per-call-memory/neutral per-channel-memory/neutral release notes: no Indicates if PR should not be in release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rockspore @gtcooke94 @markdroth @matthewstevenson88