On Mon, Oct 9, 2023 at 4:39 PM Christopher Schultz <ch...@christopherschultz.net> wrote: > > All, > > I was cleaning some things up today and I found this patch in my tomcat > fork. I tried to find the place where I found these cipher suite aliases > and I think it's only present in CloudFlare's documentation[1]. > > Is this patch at all useful?
I thinkMark is always syncing with the OpenSSL upstream cipher list. So it never fully matches with derivatives and distro packaged ones basically. Rémy > -chris > > [1] > https://developers.cloudflare.com/ssl/origin-configuration/cipher-suites/ > > ==== CUT ==== > > diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java > b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java > index a5aee1292d..e433f5987f 100644 > --- a/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java > +++ b/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java > @@ -2713,7 +2713,7 @@ public enum Cipher { > 128, > 128, > null, > - null > + new String[] { "AEAD-AES128-GCM-SHA256" } > ), > // Cipher 1302 > TLS_AES_256_GCM_SHA384( > @@ -2730,7 +2730,7 @@ public enum Cipher { > 256, > 256, > null, > - null > + new String[] { "AEAD-AES256-GCM-SHA384" } > ), > // Cipher 1303 > TLS_CHACHA20_POLY1305_SHA256( > @@ -2747,7 +2747,7 @@ public enum Cipher { > 256, > 256, > null, > - null > + new String[] { "AEAD-CHACHA20-POLY1305-SHA256" } > ), > // Cipher 1304 > TLS_AES_128_CCM_SHA256( > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
