aws / s2n-tls

An implementation of the TLS/SSL protocols
https://aws.github.io/s2n-tls/usage-guide/
Apache License 2.0

test: disallow explicit use of "default_fips" policy in tests #4781

Closed toidiu closed 1 month ago

toidiu commented 2 months ago

Description of changes:

A follow up to https://github.com/aws/s2n-tls/pull/4750 but for the "default_fips" security policy.

As a modern TLS library, s2n-tls aims to provide sane defaults. To uphold this promise, we are planning to add TLS1.3 support to the "default" and "default_fips" policies. However, making this change can result in broken tests, since connections will now negotiate TLS1.3 and we have to assume that old tests were written assuming TLS1.2 would be negotiated.

To prevent this regression, this PR detects "explicit" usage of the "default_fips" policy (no offending usages were found). The few uses were deemed acceptable since they were interested in testing the "default_fips" policy. Both the C and Rust codebases were audited for "default_fips" security policy usage.

Call-outs:

The detection logic can be viewed by looking at the detection logic cleanup commit.

The PR also adds an additional check to grep_simple_mistakes.sh

Testing:

Tests should continue to pass.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
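The kind of check the description adds to grep_simple_mistakes.sh can be illustrated with a small standalone script. The following is an added example written for this page; it is not the PR's diff, not s2n-tls's own grep_simple_mistakes.sh, and the function names, directory layout, allowlist handling and the sample source lines it creates are all assumptions for illustration. It flags any `"default_fips"` string literal in C or Rust sources under a tree, except in files explicitly allowlisted because they intentionally test that policy, which mirrors the "audit, then allow the few deliberate uses" approach described above.

```shell
#!/bin/sh
# Added example (not s2n-tls's grep_simple_mistakes.sh): flag explicit use of a
# security-policy name, e.g. "default_fips", in C and Rust test sources, minus
# an allowlist of tests that intentionally exercise that policy. All names here
# are assumptions for illustration.

# explicit_policy_uses DIR POLICY [ALLOWED_REL_PATH...]
# Prints "path:line:text" for every occurrence of "POLICY" as a quoted string
# literal in *.c / *.rs files under DIR whose DIR-relative path is not allowlisted.
explicit_policy_uses() {
    dir="$1"; policy="$2"; shift 2
    allowed=" $* "
    # Match only the quoted literal so "default_fips" does not also hit
    # identifiers such as default_fips_cipher_preferences.
    find "$dir" -type f \( -name '*.c' -o -name '*.rs' \) -exec \
        grep -nHF "\"$policy\"" {} + 2>/dev/null |
    while IFS= read -r match; do
        path=${match%%:*}
        rel=${path#"$dir"/}
        case "$allowed" in
            *" $rel "*) ;;                      # deliberately tests the policy
            *) printf '%s\n' "$match" ;;        # implicit reliance: report it
        esac
    done
}

# check_explicit_policy DIR POLICY [ALLOWED_REL_PATH...]
# CI-style wrapper: exit status 0 when no unlisted use exists, 1 otherwise.
check_explicit_policy() {
    out=$(explicit_policy_uses "$@")
    [ -z "$out" ]
}

# make_sample_tree: creates a constructed sample source tree (not real s2n-tls
# test files) in a temp dir and prints its path.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/tests/unit" "$root/bindings/rust/tests"
    # A handshake test that merely wants "some" policy: should be flagged.
    printf '%s\n' 'EXPECT_SUCCESS(s2n_config_set_cipher_preferences(config, "default_fips"));' \
        > "$root/tests/unit/s2n_handshake_test.c"
    # A test of the policy itself: intentional, goes on the allowlist.
    printf '%s\n' 'EXPECT_SUCCESS(s2n_find_security_policy_from_version("default_fips", &policy));' \
        > "$root/tests/unit/s2n_security_policies_test.c"
    # A Rust binding test using the policy string: should be flagged.
    printf '%s\n' 'let policy = Policy::from_version("default_fips").unwrap();' \
        > "$root/bindings/rust/tests/policy.rs"
    # A test already pinned to a numbered policy: must not be flagged.
    printf '%s\n' 'EXPECT_SUCCESS(s2n_config_set_cipher_preferences(config, "20230317"));' \
        > "$root/tests/unit/s2n_tls13_test.c"
    printf '%s\n' "$root"
}

# demo_count: number of unlisted "default_fips" uses in the sample tree.
demo_count() {
    root=$(make_sample_tree)
    explicit_policy_uses "$root" default_fips tests/unit/s2n_security_policies_test.c |
        wc -l | tr -d ' '
    rm -rf "$root"
}

# Stand-alone run: list the unlisted uses in the constructed tree.
sample=$(make_sample_tree)
explicit_policy_uses "$sample" default_fips tests/unit/s2n_security_policies_test.c
rm -rf "$sample"
```

In the constructed tree the check reports the handshake test and the Rust binding test and stays silent on the allowlisted policy test and on the file pinned to a numbered policy. Matching only the quoted literal is the important detail: a bare substring grep for `default_fips` would also hit unrelated identifiers and make the check noisy enough that people stop reading its output.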

toidiu commented 1 month ago

While executing https://github.com/aws/s2n-tls/issues/4765 to auto-pin config/connection to a numbered policy, we discovered that some tests in fact do want to test the "default" policy. This means that pinning these policies would result in testing regression.

The same reasoning also applies to the explicit usage in our tests and we need to carefully audit those tests before pinning those policies. Closing this PR until we have a better plan.