nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 23:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Re-run gen_server_ciphers

Browse Source
This commit is contained in:
Nick Mathewson 2017-01-24 15:30:35 -05:00
parent 8a9eca1267
commit 363be43df3
2 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changes/server_cipher Normal file
View File

@ -0,0 +1,3 @@
o Minor features (ciphersuite choices):
- Allow servers to accept a wider range of ciphersuites, including
chacha20-poly1305 and AES-CCM. Closes the other part of 15426.

16
src/common/tortls.c
View File

@ -585,6 +585,12 @@ static const char UNRESTRICTED_SERVER_CIPHER_LIST[] =
#ifdef TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 #ifdef TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 ":" TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 ":"
#endif #endif
#ifdef TLS1_TXT_DHE_RSA_WITH_AES_256_CCM
TLS1_TXT_DHE_RSA_WITH_AES_256_CCM ":"
#endif
#ifdef TLS1_TXT_DHE_RSA_WITH_AES_128_CCM
TLS1_TXT_DHE_RSA_WITH_AES_128_CCM ":"
#endif
#ifdef TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 #ifdef TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 ":" TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 ":"
#endif #endif
@ -594,8 +600,14 @@ static const char UNRESTRICTED_SERVER_CIPHER_LIST[] =
/* Required */ /* Required */
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA ":" TLS1_TXT_DHE_RSA_WITH_AES_256_SHA ":"
/* Required */ /* Required */
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA TLS1_TXT_DHE_RSA_WITH_AES_128_SHA ":"
; #ifdef TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305
TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 ":"
#endif
#ifdef TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305
TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305
#endif
;
/* Note: to set up your own private testing network with link crypto /* Note: to set up your own private testing network with link crypto
* disabled, set your Tors' cipher list to * disabled, set your Tors' cipher list to