Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nss: allow to specify TLS 1.3 ciphers if supported by NSS #3916

Closed
wants to merge 1 commit into from

Conversation

@kdudka
Copy link
Collaborator

commented May 21, 2019

No description provided.

@bagder bagder added the SSL/TLS label May 21, 2019
@@ -216,6 +216,11 @@ static const cipher_s cipherlist[] = {
{"dhe_rsa_chacha20_poly1305_sha_256",
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
#endif
#ifdef TLS_AES_256_GCM_SHA384

This comment has been minimized.

Copy link
@jay

jay May 22, 2019

Member

How did you come up with this as opposed to TLS_CHACHA20_POLY1305_SHA256? In other words if TLS_AES_256_GCM_SHA384 is defined then TLS_CHACHA20_POLY1305_SHA256 is definitely defined?

This comment has been minimized.

Copy link
@kdudka

kdudka May 22, 2019

Author Collaborator

How did you come up with this as opposed to TLS_CHACHA20_POLY1305_SHA256?

I did not, @tomato42 did.

In other words if TLS_AES_256_GCM_SHA384 is defined then TLS_CHACHA20_POLY1305_SHA256 is definitely defined?

I think so. All the defines were introduced in a single commit:

nss-dev/nss@e272467#diff-61a352311f838d5a89d178abc1f4bb6aR207

This comment has been minimized.

Copy link
@jay

jay May 23, 2019

Member

Ok. Please add them to the NSS section of CIPHERS.md. Are they set using CURLOPT_TLS13_CIPHERS? OpenSSL CIPHERS has a separate section for TLS 1.3 ciphers, is something similar is needed for NSS?

This comment has been minimized.

Copy link
@tomato42

tomato42 May 23, 2019

Contributor

OpenSSL uses separate API for setting TLS 1.3 ciphers, NSS doesn't

@bagder
bagder approved these changes May 24, 2019
@kdudka

This comment has been minimized.

Copy link
Collaborator Author

commented May 27, 2019

Thanks for review! Merging...

@kdudka kdudka closed this in 319ae90 May 27, 2019
@kdudka kdudka deleted the kdudka:nss-ciphers branch May 27, 2019
@lock lock bot locked as resolved and limited conversation to collaborators Aug 25, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
4 participants
You can’t perform that action at this time.