m4sterchain opened a new pull request #193: RA no more panic URL: https://github.com/apache/incubator-teaclave/pull/193 ## Description This is a follow up of PR #190, and it finally resolves the issue of issue #61. The RACache renewal logic is into two functions - `ra::init_ra_credential` (returns a Result) - This function is called during the enclave initialization phase, the inner RA error (if any) would finally propagated to `_core::init_service`. - `get_current_ra_credential()` (always returns a RACredential) - This function is called before each TLS handshake. If there is an inner RA error during the renewal process, we will not update the RACache. The existing (expired) RACredential is returned, which will lead to an TLS handshake error if the other side validate the target correctly. ## Type of change (select applied and DELETE the others) - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] API change with a documentation update - [ ] Additional test coverage - [ ] Code cleanup or just sync with upstream third-party crates ## How Has This Been Tested? ## Checklist (check ALL before submitting PR, even not applicable) - [ ] Fork the repo and create your branch from `master`. - [ ] If you've added code that should be tested, add tests. - [ ] If you've changed APIs, update the documentation. - [ ] Ensure the tests pass (see CI results). - [ ] Make sure your code lints/format.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
