New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: tls cipher suites #7308
fix: tls cipher suites #7308
Conversation
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
/cherry-pick release-1.10 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NMAP reports 11 ciphers currently
| TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
Excluding the undesirable 3DES ones, that would still make 9. You have 6 listed. What was the decision to not include the other 3?
The linter marks them as not safe. |
Ok |
Codecov Report
@@ Coverage Diff @@
## main #7308 +/- ##
=======================================
Coverage 33.97% 33.97%
=======================================
Files 226 226
Lines 22000 22000
=======================================
Hits 7475 7475
Misses 13802 13802
Partials 723 723 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
/cherry-pick release-1.9 |
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
Explanation
This PR fixes tls cipher suites.