Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
1550773002:
Update with new default boringssl no-aes cipher suites. Re-enable tests. (Closed)
|
Created:
4 years, 12 months ago by torbjorng (webrtc) Modified:
4 years, 11 months ago CC:
webrtc-reviews_webrtc.org, tterriberry_mozilla.com Base URL:
https://chromium.googlesource.com/external/webrtc.git@master Target Ref:
refs/pending/heads/master Project:
webrtc Visibility:
Public. |
DescriptionUpdate with new default boringssl no-aes cipher suites. Re-enable tests.
This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part).
BUG=webrtc:5381
R=davidben@webrtc.org, henrika@webrtc.org
Committed: https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101
Cr-Commit-Position: refs/heads/master@{#11250}
Patch Set 1 #Patch Set 2 : Support old boringssl versions #
Total comments: 8
Patch Set 3 : Revert to patchset #1 #
Messages
Total messages: 21 (9 generated)
The CQ bit was checked by torbjorng@webrtc.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1550773002/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1550773002/1
LGTM % (the fact that I don't know these parts)
Description was changed from ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. BUG=webrtc:5381 ========== to ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). BUG=webrtc:5381 ==========
torbjorng@webrtc.org changed reviewers: + davidben@webrtc.org, henrika@webrtc.org
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... File webrtc/base/opensslstreamadapter.cc (right): https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:164: #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 Do you actually need this? Surely by now DEPS rolls should be such that you can assume the new one? https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:168: static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); So, this is fine, but it seems poor that you'd need to be so over-fit to BoringSSL's defaults. Why even have the test at all? (There's some chance we'll have a last-minute change to this too since the IETF's been mumbling about switching the PRF from SHA256 to SHA384 or something.)
OK, I took out the backwards compatibility checks, assuming everyone is at the bundled boringssl version. I agree the check that we know the defaults of boringssl are a bit strange. PTAL, davidben. https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... File webrtc/base/opensslstreamadapter.cc (right): https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:164: #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 On 2016/01/06 04:04:44, davidben_webrtc wrote: > Do you actually need this? Surely by now DEPS rolls should be such that you can > assume the new one? OK. I added this to for the benefit of third parties I thought may pick up an installed version of boringssl. Reverted back now. https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:168: static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); On 2016/01/06 04:04:44, davidben_webrtc wrote: > So, this is fine, but it seems poor that you'd need to be so over-fit to > BoringSSL's defaults. Why even have the test at all? (There's some chance we'll > have a last-minute change to this too since the IETF's been mumbling about > switching the PRF from SHA256 to SHA384 or something.) We might want to clean this up at some point, as well as other parts of the tests.
lgtm https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... File webrtc/base/opensslstreamadapter.cc (right): https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:164: #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 On 2016/01/13 13:16:47, torbjorng (webrtc) wrote: > On 2016/01/06 04:04:44, davidben_webrtc wrote: > > Do you actually need this? Surely by now DEPS rolls should be such that you > can > > assume the new one? > > OK. I added this to for the benefit of third parties I thought may pick up an > installed version of boringssl. Reverted back now. Pre-installed versions of BoringSSL are explicitly not supported. The README should be pretty clear on this. It should only be used pinned at particular versions because we don't have any hard promises of ABI/API stability. Just a soft "if every consumer has to change everything all the time, that's kind of annoying" API stability. (Although that soft "stability" is, of course, contingent on consumers not going out of their way to make changing BoringSSL versions hard, as your test seems to be doing. ;-) ) https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:168: static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); On 2016/01/13 13:16:47, torbjorng (webrtc) wrote: > On 2016/01/06 04:04:44, davidben_webrtc wrote: > > So, this is fine, but it seems poor that you'd need to be so over-fit to > > BoringSSL's defaults. Why even have the test at all? (There's some chance > we'll > > have a last-minute change to this too since the IETF's been mumbling about > > switching the PRF from SHA256 to SHA384 or something.) > > We might want to clean this up at some point, as well as other parts of the > tests. Yeah, I would definitely ask that you change this, though I'm fine with this CL as-is and then you unravel that check as a follow-up. Otherwise we'll probably play this game again and again in the future.
The CQ bit was checked by torbjorng@webrtc.org
The patchset sent to the CQ was uploaded after l-g-t-m from henrika@webrtc.org Link to the patchset: https://codereview.webrtc.org/1550773002/#ps40001 (title: "Revert to patchset #1")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1550773002/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1550773002/40001
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: android_arm64_rel on tryserver.webrtc (JOB_TIMED_OUT, no build URL)
Description was changed from ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). BUG=webrtc:5381 ========== to ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). BUG=webrtc:5381 R=davidben@webrtc.org, henrika@webrtc.org Committed: https://chromium.googlesource.com/external/webrtc/+/31c8d2eac5aec977f584ab0ae... ==========
Message was sent while issue was closed.
Description was changed from ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). BUG=webrtc:5381 R=davidben@webrtc.org, henrika@webrtc.org Committed: https://chromium.googlesource.com/external/webrtc/+/31c8d2eac5aec977f584ab0ae... ========== to ========== Update with new default boringssl no-aes cipher suites. Re-enable tests. This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). BUG=webrtc:5381 R=davidben@webrtc.org, henrika@webrtc.org Committed: https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101 Cr-Commit-Position: refs/heads/master@{#11250} ==========
Message was sent while issue was closed.
Committed patchset #3 (id:40001) manually as 31c8d2eac5aec977f584ab0ae5a1d457d674f101 (presubmit successful).
Message was sent while issue was closed.
Patchset 3 (id:??) landed as https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101 Cr-Commit-Position: refs/heads/master@{#11250}
Message was sent while issue was closed.
https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... File webrtc/base/opensslstreamadapter.cc (right): https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:164: #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 On 2016/01/13 20:42:53, davidben_webrtc wrote: > On 2016/01/13 13:16:47, torbjorng (webrtc) wrote: > > On 2016/01/06 04:04:44, davidben_webrtc wrote: > > > Do you actually need this? Surely by now DEPS rolls should be such that you > > can > > > assume the new one? > > > > OK. I added this to for the benefit of third parties I thought may pick up an > > installed version of boringssl. Reverted back now. > > Pre-installed versions of BoringSSL are explicitly not supported. The README > should be pretty clear on this. It should only be used pinned at particular > versions because we don't have any hard promises of ABI/API stability. Just a > soft "if every consumer has to change everything all the time, that's kind of > annoying" API stability. > > (Although that soft "stability" is, of course, contingent on consumers not going > out of their way to make changing BoringSSL versions hard, as your test seems to > be doing. ;-) ) :-) I cannot take credit for those tests, unfortunately/fortunately. https://codereview.webrtc.org/1550773002/diff/20001/webrtc/base/opensslstream... webrtc/base/opensslstreamadapter.cc:168: static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); On 2016/01/13 20:42:53, davidben_webrtc wrote: > On 2016/01/13 13:16:47, torbjorng (webrtc) wrote: > > On 2016/01/06 04:04:44, davidben_webrtc wrote: > > > So, this is fine, but it seems poor that you'd need to be so over-fit to > > > BoringSSL's defaults. Why even have the test at all? (There's some chance > > we'll > > > have a last-minute change to this too since the IETF's been mumbling about > > > switching the PRF from SHA256 to SHA384 or something.) > > > > We might want to clean this up at some point, as well as other parts of the > > tests. > > Yeah, I would definitely ask that you change this, though I'm fine with this CL > as-is and then you unravel that check as a follow-up. Otherwise we'll probably > play this game again and again in the future. I suppose somebody added these tests as a test of sanity, and while it has the now observed disadvantage, sanity checks have their obvious advantages. A better test would be "did we get a reasonably strong cipher suite?" as default.
Message was sent while issue was closed.
A revert of this CL (patchset #3 id:40001) has been created in https://codereview.webrtc.org/1586183002/ by sprang@webrtc.org. The reason for reverting is: We're getting boringssl version conflicts. Reverting for now.. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
