Browse Source

[mod_gnutls,mod_mbedtls] recog common cipherstring

recognize and translate a common recommended cipherstring
  "ECDHE+AESGCM:ECDHE+AES256:CHACHA20:!SHA1:!SHA256:!SHA384"

(basically: ECDHE+AESGCM:ECDHE+AES256:CHACHA20
 without CBC ciphers reported as weak by SSLLabs)
master
Glenn Strauss 10 months ago
parent
commit
2403cc4f09
  1. 2
      src/mod_gnutls.c
  2. 2
      src/mod_mbedtls.c

2
src/mod_gnutls.c

@ -3102,6 +3102,8 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
return 1;
}
else if (0 == strncmp_const(e,
"ECDHE+AESGCM:ECDHE+AES256:CHACHA20:!SHA1:!SHA256:!SHA384")
|| 0 == strncmp_const(e,
"EECDH+AESGCM:AES256+EECDH:CHACHA20:!SHA1:!SHA256:!SHA384")) {
e += sizeof(
"EECDH+AESGCM:AES256+EECDH:CHACHA20:!SHA1:!SHA256:!SHA384")-1;

2
src/mod_mbedtls.c

@ -3367,6 +3367,8 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
return 1;
}
else if (0 == strncmp_const(e,
"ECDHE+AESGCM:ECDHE+AES256:CHACHA20:!SHA1:!SHA256:!SHA384")
|| 0 == strncmp_const(e,
"EECDH+AESGCM:AES256+EECDH:CHACHA20:!SHA1:!SHA256:!SHA384")) {
e += sizeof(
"EECDH+AESGCM:AES256+EECDH:CHACHA20:!SHA1:!SHA256:!SHA384")-1;

Loading…
Cancel
Save