[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 31/63: nss: allow to specify TLS 1.3 ciphers if sup
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 31/63: nss: allow to specify TLS 1.3 ciphers if supported by NSS |
Date: |
Fri, 07 Jun 2019 18:36:53 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 319ae9075efba769c9d5e98e827bb325ad0fcb6f
Author: Hubert Kario <address@hidden>
AuthorDate: Fri May 17 17:15:24 2019 +0000
nss: allow to specify TLS 1.3 ciphers if supported by NSS
Closes #3916
---
docs/CIPHERS.md | 6 ++++++
lib/vtls/nss.c | 5 +++++
2 files changed, 11 insertions(+)
diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md
index 0b7ccebf9..5c0fffea9 100644
--- a/docs/CIPHERS.md
+++ b/docs/CIPHERS.md
@@ -269,6 +269,12 @@ When specifying multiple cipher names, separate them with
colon (`:`).
`ecdhe_ecdsa_chacha20_poly1305_sha_256`
`dhe_rsa_chacha20_poly1305_sha_256`
+### TLS 1.3 cipher suites
+
+`aes_128_gcm_sha_256`
+`aes_256_gcm_sha_384`
+`chacha20_poly1305_sha_256`
+
## GSKit
Ciphers are internally defined as
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 491def106..3125f0b70 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -216,6 +216,11 @@ static const cipher_s cipherlist[] = {
{"dhe_rsa_chacha20_poly1305_sha_256",
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
#endif
+#ifdef TLS_AES_256_GCM_SHA384
+ {"aes_128_gcm_sha_256", TLS_AES_128_GCM_SHA256},
+ {"aes_256_gcm_sha_384", TLS_AES_256_GCM_SHA384},
+ {"chacha20_poly1305_sha_256", TLS_CHACHA20_POLY1305_SHA256},
+#endif
};
#ifdef WIN32
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [GNUnet-SVN] [gnurl] 56/63: TODO: "at least N milliseconds between requests" [ci skip], (continued)
- [GNUnet-SVN] [gnurl] 56/63: TODO: "at least N milliseconds between requests" [ci skip], gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 46/63: http2: Stop drain from being permanently set on, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 19/63: os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()., gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 24/63: tool_setopt: for builds with disabled-proxy, skip all proxy setopts(), gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 18/63: .github/FUNDING: mention our opencollective "home" [ci skip], gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 20/63: md4: build correctly with openssl without MD4, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 16/63: tests: Fix the line endings for the SASL alt-auth tests, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 06/63: examples: remove dead variable stores, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 26/63: sectransp: handle errSSLPeerAuthCompleted from SSLRead(), gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 38/63: url: default conn->port to the same as conn->remote_port, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 31/63: nss: allow to specify TLS 1.3 ciphers if supported by NSS,
gnunet <=
- [GNUnet-SVN] [gnurl] 36/63: multi: track users of a socket better, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 28/63: FAQ: more minor updates and spelling fixes, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 34/63: cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 41/63: url: Load if_nametoindex() dynamically from iphlpapi.dll on Windows, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 40/63: http: fix "error: equality comparison with extraneous parentheses", gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 48/63: singlesocket: use separate variable for inner loop, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 52/63: test334: verify HTTP 204 response with chunked coding header, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 47/63: RELEASE-NOTES: synced, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 44/63: system_win32: fix function prototype, gnunet, 2019/06/07
- [GNUnet-SVN] [gnurl] 50/63: tls13-docs: mention it is only for OpenSSL >= 1.1.1, gnunet, 2019/06/07