Sam Clark
Sam Clark
### Resolved issues: None ### Description of changes: Currently, only the s2n-tls-sys crate is tested in CI on PR updates. This PR runs tests and `cargo publish` dry runs on...
### Security issue notifications If you discover a potential security issue in s2n we ask that you notify AWS Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a...
### Security issue notifications If you discover a potential security issue in s2n we ask that you notify AWS Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a...
### Problem: The following issues were discovered when trying to run V2 tests with additional libcryptos in #3244. Any tests that were affected by these problems were temporarily disabled. When...
### Problem: In the pq_handshake V2 integration test, when the client and server ciphers are both set to PQ_TLS_1_0_2020_12, the expected negotiated cipher is currently set to TLS_AES_256_GCM_SHA384. However, when...
### Problem: Some V2 tests are flaky, and cause problems when running each test multiple times in different build environments, since the flakiness is exaggerated. The tests that appear to...
### Problem: Now that TLS 1.3 is supported in libressl and boringssl, TLS 1.3 should be enabled when building with these libcryptos in s2n-tls. s2n-tls determines if the libcrypto has...
### Problem: Some SSLyze scans fail when building s2n-tls with various libcryptos. Many of these scans result with a "BUG_IN_SSLYZE" error. As such, it's possible that for some scans there...
### Resolved issues: Part of https://github.com/aws/s2n-tls/issues/3499 ### Description of changes: This PR refactors `s2n_x509_validator_validate_cert_chain` to support adding the async CRL callback. A new validator state has been added, `PRE_VALIDATE`, which...
### Resolved issues: Part of https://github.com/aws/s2n-tls/issues/3499 ### Description of changes: This PR adds a new async callback, `s2n_crl_for_cert`, that's triggered in `s2n_x509_validator_validate_cert_chain`. This callback is triggered once for each received...