search

smartdevicelink / sdl_core

SmartDeviceLink In-Vehicle Software and Sample HMI
BSD 3-Clause "New" or "Revised" License
241 stars 244 forks source link

Fix getting SSL context in CryptoManager #3582

Closed AKalinich-Luxoft closed 3 years ago

AKalinich-Luxoft commented 3 years ago

Fixes #3421

This PR is ready for review.

Risk

This PR makes no API changes.

Testing Plan

Covered by unit tests

Summary

This PR fixes way of getting SSL context from SSL connection. Direct access works well in 1.0.2 version, however this field became unavailable in 1.1.1 version which causes SDL build to fail. In order to make this change working on all lib versions as expected, direct access has been replaced with convenient getter function from the same library.

CLA

dboltovskyi commented 3 years ago

@JackLivio Please notice this PR is ready for PMs review.

However we would like stress the following findings regarding the update:

  1. SDL can be built successfully either with lbssl1.0 or libssl1.1
  2. Secure connection can be established successfully with SPT mobile appication
  3. There are issues with ATF and Test Scripts:
    • ATF also requires an update to be built with libssl1.1
    • ATF parallel mode requires an update in Dockerfile to include libssl-dev
    • It looks like new SSL version follow more strict rules regarding self-signed certificates that are used in Test Scripts (from quick view it seems interim certificate has to include CA:true constraint). So existing certificates (please see files/Security) need to be updated (or regenerated)
    • Since these certificates are obtained using generate_test_certificates.py script it might need to be updated as well

Luxoft team is going to create an appropriate updates once investigation is finished.

dboltovskyi commented 3 years ago

@JackLivio Please notice all the issues mentioned in 3582#issuecomment-742630966 are resolved.

Hence this PR (as well as corresponding updates in ATF and Test Scripts) are ready for PMs review.