nihilist/tor - tor - Git with a cup of Datura seeds

nihilist/tor

Fork 0

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 06:13:31 +01:00

Commit Graph

Author	SHA1	Message	Date
Nick Mathewson	25afecdbf9	Make ECDHE group configurable: 224 for public, 256 for bridges (default)	2012-12-25 20:22:46 -05:00
Nick Mathewson	175b2678d7	Let servers choose better ciphersuites when clients support them This implements the server-side of proposal 198 by detecting when clients lack the magic list of ciphersuites that indicates that they're lying faking some ciphers they don't really have. When clients lack this list, we can choose any cipher that we'd actually like. The newly allowed ciphersuites are, currently, "All ECDHE-RSA ciphers that openssl supports, except for ECDHE-RSA-RC4". The code to detect the cipher list relies on on (ab)use of SSL_set_session_secret_cb.	2012-12-25 20:14:07 -05:00

Author

SHA1

Message

Date

Nick Mathewson

25afecdbf9

Make ECDHE group configurable: 224 for public, 256 for bridges (default)

2012-12-25 20:22:46 -05:00

Nick Mathewson

175b2678d7

Let servers choose better ciphersuites when clients support them

This implements the server-side of proposal 198 by detecting when
clients lack the magic list of ciphersuites that indicates that
they're lying faking some ciphers they don't really have.  When
clients lack this list, we can choose any cipher that we'd actually
like.  The newly allowed ciphersuites are, currently, "All ECDHE-RSA
ciphers that openssl supports, except for ECDHE-RSA-RC4".

The code to detect the cipher list relies on on (ab)use of
SSL_set_session_secret_cb.

2012-12-25 20:14:07 -05:00

2 Commits