Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change(esp-tls): add option to enable/disable the full set of OCSP checks for wolfSSL (IDFGH-13619) #14503

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

change(esp-tls): add option to enable/disable the full set of OCSP checks for wolfSSL (IDFGH-13619) #14503

wants to merge 1 commit into from
+13 −1

Conversation

frankencode
Copy link
Contributor

@frankencode frankencode commented Sep 4, 2024
edited
Loading

I've added an option to enable/disable WOLFSSL_OCSP_CHECKALL when enabling OCSP in esp_tls_wolfssl.c .

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 4, 2024
edited
Loading

Messages
📖 🎉 Good Job! All checks are passing!

👋 Hello frankencode, we appreciate your contribution to this project!

📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.
🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.
Click to see more instructions ...


This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...


We do welcome contributions in the form of bug reports, feature requests and pull requests via this public GitHub repository.

This GitHub project is public mirror of our internal git repository

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved, we synchronize it into our internal git repository.
4. In the internal git repository we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
5. If the change is approved and passes the tests it is merged into the default branch.
5. On next sync from the internal git repository merged change will appear in this public GitHub repository.

Generated by 🚫 dangerJS against ba27281

@frankencode frankencode changed the title change(esp-tls): add option to enable/disable the full set of OCSP ch… change(esp-tls): add option to enable/disable the full set of OCSP checks for wolfSSL Sep 4, 2024
@espressif-bot espressif-bot added the Status: Opened Issue is new label Sep 4, 2024
@github-actions github-actions bot changed the title change(esp-tls): add option to enable/disable the full set of OCSP checks for wolfSSL change(esp-tls): add option to enable/disable the full set of OCSP checks for wolfSSL (IDFGH-13619) Sep 4, 2024
AdityaHPatwardhan
AdityaHPatwardhan reviewed Sep 20, 2024
View reviewed changes
components/esp-tls/Kconfig Outdated
@@ -115,4 +115,12 @@ menu "ESP-TLS"
help
Enable detailed debug prints for wolfSSL SSL library.

config ESP_WOLFSSL_OCSP_CHECKALL
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please move this config option to esp-wolfssl component?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, I can do so. The reason it is here is because it currently affects only esp-tls in its behavior of enabling OCSP on the TLS session through certain optional wolfSSL library calls. It won't affect the wolfSSL component itself.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I was first confused with the name being ESP_WOLFSSL.
Maybe it would be better to change this config option as ESP_TLS_OCSP_CHECKALL
Other things can remain the same

@AdityaHPatwardhan
Copy link
Collaborator

@frankencode Thanks for the change.
Just one thing as mentioned above but otherwise the PR looks good to me.

@frankencode
Copy link
Contributor Author

OK, I've fixed that Kconfig to proper "ESP_TLS_" prefix.

@frankencode
Copy link
Contributor Author

Done.

@AdityaHPatwardhan
Copy link
Collaborator

sha=ba27281c3ed7c3ee174db5bd75f4dc7cd698c241

@AdityaHPatwardhan AdityaHPatwardhan added the PR-Sync-Merge Pull request sync as merge commit label Sep 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AdityaHPatwardhan AdityaHPatwardhan AdityaHPatwardhan approved these changes

Assignees
No one assigned
Labels
PR-Sync-Merge Pull request sync as merge commit Status: Opened Issue is new
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@frankencode @AdityaHPatwardhan @espressif-bot