Conversation
ejohnstown
force-pushed
the
vvv
branch
2 times, most recently
from
d7ec4bb to
4c7062f
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR implements a soft-disable mechanism for AES-CBC by introducing a new preprocessor flag and updates the test and client example code to reflect configurable encryption settings.
- Introduces new macros for adding string and integer arguments in kex tests
- Adds the WOLFSSH_NO_AES_CBC_SOFT_DISABLE flag and integrates it in the advertised cipher list
- Updates the example client to accept a custom cipher list via command-line arguments
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| tests/kex.c | Refactors argument addition using new ADD_ARG macros; expands client and server argument arrays to support additional options |
| src/internal.c | Adds new soft disable flag for AES-CBC and adjusts advertised cipher list accordingly |
| examples/client/client.c | Adds command-line support to specify a custom encryption algorithm list |
1. By default, soft disable AES-CBC. It isn't offered as a default encrypt algorithm, but may be set at runtime. 2. Add guard where AES-CBC can be added back as a default. 3. Add option to example client to run it with a custom encrypt algorithm list. 4. In the client, add macro to add items to the arg lists while checking the number of items in the list.
There was a problem hiding this comment.
Pull Request Overview
This PR soft disables AES-CBC by default while allowing its re-enablement through a runtime flag, and it adds new macros to safely build command-line argument lists for testing and client usage. Key changes include:
- Introduction of the ADD_ARG and ADD_ARG_INT macros in tests/kex.c to build argument lists.
- Addition of the WOLFSSH_NO_AES_CBC_SOFT_DISABLE flag and update to the encryption algorithm list in src/internal.c.
- Updates to the client usage message and argument parsing in examples/client/client.c.
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| tests/kex.c | Added macros for argument list management and updated argument-building calls for server and client configurations. |
| src/internal.c | Introduced WOLFSSH_NO_AES_CBC_SOFT_DISABLE and modified the encryption algorithm list condition. |
| examples/client/client.c | Updated help text and command-line parsing to support a custom cipher list. |
|
This PR appears to be unmergeable due to a bug in githib (see https://github.com/orgs/community/discussions/144455) A trick that often works is to close and reopen a PR. I've used that to clear a rebase conflict (the instant-dismissed-review syndrome). Doesn't work here. |
|
No problem merging for me, once I resolved the open conversation I could see. |
|
Thanks @LinuxJedi -- not sure if I was missing something or if something changed, but all's well that ends well. |
4 participants
(ZD 19606)