Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Actually implement UnsafeLegacyServerConnect as documented #18296

Closed
wants to merge 3 commits into from
Closed

Actually implement UnsafeLegacyServerConnect as documented #18296

wants to merge 3 commits into from

Conversation

t8m
Copy link
Member

@t8m t8m commented May 12, 2022
edited

We documented the option in 3.0 but we forgot to implement it.

Fixes #18295

@t8m t8m added branch: master Merge to master branch approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member triaged: bug The issue/pr is/fixes a bug branch: 3.0 Merge to openssl-3.0 branch labels May 12, 2022
@mattcaswell
Copy link
Member

The -legacy_server_connect

    SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_CLIENT),

and -no_legacy_server_connect

    SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_SERVER),

command line options, defined in the same file, also look suspect to me. At least one is defined as a client flag and one is defined as a server flag??

@t8m
Copy link
Member Author

t8m commented May 12, 2022

I've added a fix for the client/server mismatch for no_legacy_server_connect option.

@t8m
Copy link
Member Author

t8m commented May 24, 2022

ping for reviews

@kaduk kaduk removed the approval: review pending This pull request needs review by a committer label May 24, 2022
@paulidale paulidale added approval: done This pull request has the required number of approvals and removed approval: otc review pending This pull request needs review by an OTC member labels May 24, 2022
@openssl-machine openssl-machine removed the approval: done This pull request has the required number of approvals label May 26, 2022
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@openssl-machine openssl-machine added the approval: ready to merge The 24 hour grace period has passed, ready to merge label May 26, 2022
@t8m
Copy link
Member Author

t8m commented May 27, 2022

Merged to master and 3.0 branches. Thank you for your reviews.

@t8m t8m closed this May 27, 2022
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
Actually implement UnsafeLegacyServerConnect as documented
65b2bb9 
Fixes #18295

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
The -no_legacy_server_connect option applies to client
d1b3b67 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
Check that UnsafeLegacyServerConnect option exists
abe9010 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
Actually implement UnsafeLegacyServerConnect as documented
1e5d20b 
Fixes #18295

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)

(cherry picked from commit 65b2bb9)
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
The -no_legacy_server_connect option applies to client
4381221 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)

(cherry picked from commit d1b3b67)
openssl-machine pushed a commit that referenced this pull request May 27, 2022
@t8m
Check that UnsafeLegacyServerConnect option exists
6537beb 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from #18296)

(cherry picked from commit abe9010)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattcaswell mattcaswell mattcaswell left review comments

@kaduk kaduk kaduk approved these changes

@paulidale paulidale paulidale approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

UnsafeLegacyServerConnect option described in SSL_CONF_cmd man page has no effect?
5 participants
@t8m @mattcaswell @openssl-machine @kaduk @paulidale