Merge pull request #146 from miodragpop/hush3-tls
Patch: openssl config to build support for TLS_CHACHA20_POLY1305_SHA256 cipher
master
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with
12 additions and
2 deletions
depends/packages/openssl.mk
src/hush/tlsmanager.cpp
@ -15,7 +15,7 @@ $(package)_config_opts+=no-blake2
$(package)_config_opts += no-camellia
#$(package)_config_opts+=no-capieng
$(package)_config_opts += no-cast
$(package)_config_opts += no-chacha
#$(package)_config_opts+=no-chacha
$(package)_config_opts += no-cmac
$(package)_config_opts += no-cms
#$(package)_config_opts+=no-comp
@ -45,7 +45,7 @@ $(package)_config_opts+=no-multiblock
$(package)_config_opts += no-nextprotoneg
$(package)_config_opts += no-ocb
#$(package)_config_opts+=no-ocsp
$(package)_config_opts += no-poly1305
#$(package)_config_opts+=no-poly1305
#$(package)_config_opts+=no-posix-io
$(package)_config_opts += no-psk
$(package)_config_opts += no-rc2
@ -205,6 +205,16 @@ SSL_CTX* TLSManager::initCtx(
}
}
SSL_CTX_set_cipher_list ( tlsCtx , " " ) ; // removes all <= TLS1.2 ciphers
SSL_CTX_set_ciphersuites ( tlsCtx , " TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 " ) ; // default is "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"
STACK_OF ( SSL_CIPHER ) * sk = SSL_CTX_get_ciphers ( tlsCtx ) ;
for ( int i = 0 ; i < sk_SSL_CIPHER_num ( sk ) ; i + + )
{
const SSL_CIPHER * c = sk_SSL_CIPHER_value ( sk , i ) ;
LogPrintf ( " DEBUG TLS: AVAILABLE CIPHER %s \n " , SSL_CIPHER_get_name ( c ) ) ;
}
return tlsCtx ;
}
/**
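Review bot: Neither `SSL_CTX_set_cipher_list` nor `SSL_CTX_set_ciphersuites` has its return value checked in the added lines, so if the ciphersuite string is rejected (for instance by an OpenSSL build that still lacks ChaCha20 or Poly1305) the context presumably keeps its previous TLS 1.3 list and the restriction is silently not applied. I would fail the context setup instead, e.g. `if (SSL_CTX_set_ciphersuites(tlsCtx, "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") != 1) { /* log and take initCtx's error path */ }`. Emptying the cipher list is also an indirect way to exclude TLS 1.2 and earlier; unless it is already done earlier in initCtx (the function starts outside this hunk), `SSL_CTX_set_min_proto_version(tlsCtx, TLS1_3_VERSION);` states the intent directly. The cipher dump runs on every call and is tagged DEBUG, so it probably belongs behind the project's debug logging category rather than plain `LogPrintf`.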