crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support - go - Fork of Go programming language with my patches.

diff options

author	Roland Shoemaker <rolandshoemaker@gmail.com>	2020-10-15 18:32:20 -0700
committer	Roland Shoemaker <roland@golang.org>	2020-11-10 01:40:27 +0000
commit	9f39a43e0d728721d5a9e2586ce47a57585591c5 (patch)
tree	7c67a9250cd902b928fe4fb56184bc5880651753 /src/database
parent	d36169120199e7f2b8c517fa6d82333496bb0a0a (diff)
download	go-9f39a43e0d728721d5a9e2586ce47a57585591c5.tar.xz

crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support

When either the server or client are lacking hardware support for AES-GCM ciphers, indicated by the server lacking the relevant instructions and by the client not putting AES-GCM ciphers at the top of its preference list, reorder the preference list to de-prioritize AES-GCM based ciphers when they are adjacent to other AEAD ciphers. Also updates a number of recorded openssl TLS tests which previously only specified TLS 1.2 cipher preferences (using -cipher), but not TLS 1.3 cipher preferences (using -ciphersuites), to specify both preferences, making these tests more predictable. Fixes #41181. Change-Id: Ied896c96c095481e755aaff9ff0746fb4cb9568e Reviewed-on: https://go-review.googlesource.com/c/go/+/262857 Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org>

Diffstat (limited to 'src/database')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: