]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0ff2a12) | patch
ktls: Reject some invalid cipher suites.
authorJohn Baldwin <jhb@FreeBSD.org>
Mon, 15 Nov 2021 19:28:56 +0000 (11:28 -0800)
committerJohn Baldwin <jhb@FreeBSD.org>
Mon, 15 Nov 2021 19:30:12 +0000 (11:30 -0800)
commit900a28fe33ef998aaee55cb243f4efa35471da07
treed21ab1fb81f0c3f50a6947470586e2f52743967dtree | snapshot
parent0ff2a12ae32a3a88be63f4036599c1324ce04f78commit | diff
ktls: Reject some invalid cipher suites.

- Reject AES-CBC cipher suites for TLS 1.0 and TLS 1.1 using auth
  algorithms other than SHA1-HMAC.

- Reject AES-GCM cipher suites for TLS versions older than 1.2.

Reviewed by: markj
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D32842
sys/kern/uipc_ktls.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.