Comments (6)
Pull request enabling TLS v1.3 here: #150
F A N T A S T I C ! :-)
from gct.
The following is a list of files in our repo at 4361e1e that seem to include OpenSSL headers:
gct$ grep -nr '#include <openssl/' * | cut -d ':' -f1 | sort -u
gass/copy/source/globus_gass_copy.c
gass/copy/source/globus_gass_copy.h
gass/copy/source/globus_url_copy.c
gram/jobmanager/source/globus_gram_job_manager_gsi.c
gridftp/hdfs/src/gridftp_hdfs_cksm.c
gridftp/hdfs/src/gridftp_hdfs.h
gridftp/server/src/globus_i_gfs_data.c
gridftp/server/src/modules/file/globus_gridftp_server_file.c
gsi/gridmap_eppn_callout/globus_gridmap_eppn.c
gsi/gridmap_verify_myproxy_callout/globus_gridmap_verify_myproxy.c
gsi/gssapi/source/configure.ac
gsi/gssapi/source/test/gssapi_inquire_sec_ctx_by_oid_test.c
gsi/gssapi/source/test/mech_compatibility_test.c
gsi/proxy/proxy_ssl/source/library/proxycertinfo.c
gsi/proxy/proxy_ssl/source/library/proxycertinfo.h
gsi/proxy/proxy_ssl/source/library/proxypolicy.c
gsi/proxy/proxy_ssl/source/library/proxypolicy.h
gsi/proxy/proxy_ssl/source/test/test_proxycertinfo.c
gsi/proxy/proxy_utils/source/programs/grid-cert-diagnostics.c
myproxy/source/certauth_extensions.c
myproxy/source/myproxy_common.h
myproxy/source/myproxy_ocsp_aia.c
myproxy/source/myproxy_ocsp_aia.h
myproxy/source/myproxy_ocsp.c
myproxy/source/myproxy_ocsp.h
myproxy/source/ssl_utils.h
myproxy/source/voms_utils.h
packaging/debian/gsi-openssh/debian/patches/hpn-14.13-isshd.v3.19.1.patch
packaging/debian/gsi-openssh/debian/patches/hpn_isshd-gsi.7.5p1b.patch
packaging/debian/gsi-openssh/debian/patches/hpn_isshd-gsi_ossl.7.5p1b.patch
packaging/debian/gsi-openssh/debian/patches/openssh-7_5_P1-hpn-14.13.diff
...and might need patching to support TLS1.3. Not that many I think, although that doesn't say something about the amount of code that needs to be patched.
Or are changes only needed for the files in gsi/gssapi
?
from gct.
It is the gsi/gssapi that needs to be ported. It is not that many files, true. But it is complicated. The establishment of the GSI connection interacts at a very low level with the establishment of the TLS connection, and there are significant differences between TLS 1.2 and 1.3 in the way the connection is negotiated between the client and the server.
from gct.
Referencing https://github.com/ellert/gct/tree/tls-v1.3 here.
from gct.
Pull request enabling TLS v1.3 here: #150
from gct.
Fixed in GCT 6.2.20210826 maintenance release.
from gct.
Related Issues (20)
- fail to compiler gct-6.2 because of openssl HOT 3
- Can't install gct-toolkit release gct-6.2.20210826 HOT 13
- fail to globus-job-run becasue of no permission to access tmp directory on execution node
- globus-gridftp, globus-gram5 and globus-gsi not found HOT 1
- globus_gsi_cert_utils_error.c:42: possible missing "," ? HOT 5
- globus-job-run fails because the job manager failed to create an internal script argument file HOT 2
- where is MDS in GT6 HOT 2
- globus-job-run fails because of no permission to tmp directory HOT 2
- DNS error on repo.gridcf.org HOT 3
- TLSv1.3 handling incorrectly assumes exactly two tickets will be sent
- Weak GSSAPIKexAlgorithms ciphers detected HOT 5
- grid-proxy-init w/OpenSSL 3.x: Weakly encrypted PKCS#12 keystores can't be processed HOT 1
- pipeline doesn't work: ERROR: too many url strings specified HOT 6
- Typo in globus_gsi_system_config.c HOT 1
- autoreconf failure: files not found HOT 1
- Build error: undefined reference to `FIPS_mode' HOT 9
- confusion between ASN1_UTCTIME and ASN1_GENERALIZEDTIME HOT 5
- Lack of IO error checks generate incorrect file checksums HOT 4
- Unknown/unsupported OpenSSL version ("30100040 (OpenSSL 3.1.4 24 Oct 2023)") HOT 9
- RHEL9 clients and dCache on java-17 compatibility HOT 22
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gct.