New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Log if the user tries to explicit set TLSv1.3 ciphers and using Borin… #11392
Conversation
…gSSL Motivation: At the moment BoringSSL doesnt support explicit set the TLSv1.3 ciphers that should be used. If TLSv1.3 should be used it just enables all ciphers. We should better log if the user tries to explicit set a specific ciphers and using BoringSSL to inform the user that what is tried doesnt really work. Modifications: Log if the user tries to not use all TLSv1.3 ciphers and use BoringSSL Result: Easier for the user to understand why always all TLSv1.3 ciphers are enabled when using BoringSSL
e9dc889
to
06de483
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Related to #10172. Looks good. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just one nit
Co-authored-by: Trustin Lee <trustin@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚀
…gSSL (#11392) Motivation: At the moment BoringSSL doesnt support explicit set the TLSv1.3 ciphers that should be used. If TLSv1.3 should be used it just enables all ciphers. We should better log if the user tries to explicit set a specific ciphers and using BoringSSL to inform the user that what is tried doesnt really work. Modifications: Log if the user tries to not use all TLSv1.3 ciphers and use BoringSSL Result: Easier for the user to understand why always all TLSv1.3 ciphers are enabled when using BoringSSL Co-authored-by: Trustin Lee <trustin@gmail.com>
…gSSL (netty#11392) Motivation: At the moment BoringSSL doesnt support explicit set the TLSv1.3 ciphers that should be used. If TLSv1.3 should be used it just enables all ciphers. We should better log if the user tries to explicit set a specific ciphers and using BoringSSL to inform the user that what is tried doesnt really work. Modifications: Log if the user tries to not use all TLSv1.3 ciphers and use BoringSSL Result: Easier for the user to understand why always all TLSv1.3 ciphers are enabled when using BoringSSL Co-authored-by: Trustin Lee <trustin@gmail.com>
…gSSL
Motivation:
At the moment BoringSSL doesnt support explicit set the TLSv1.3 ciphers that should be used. If TLSv1.3 should be used it just enables all ciphers. We should better log if the user tries to explicit set a specific ciphers and using BoringSSL to inform the user that what is tried doesnt really work.
Modifications:
Log if the user tries to not use all TLSv1.3 ciphers and use BoringSSL
Result:
Easier for the user to understand why always all TLSv1.3 ciphers are enabled when using BoringSSL