You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2015/07/22 10:49:05 UTC
[jira] [Comment Edited] (TS-3787) Don't allow blacklisted HTTP/2
ciphers to use HTTP/2
[ https://issues.apache.org/jira/browse/TS-3787?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636518#comment-14636518 ]
Leif Hedstrom edited comment on TS-3787 at 7/22/15 8:48 AM:
------------------------------------------------------------
Maybe we need e.g.
{code}
SSLNextProtocolAccept::registerEndpoint(const char *protocol, Continuation *handler, char *whitelisted_ciphers=NULL, char *blacklisted_ciphers=NULL);
{code}
This also opens up the issue of the public APIs, do we also make similar additions to that API? If so, we really have to get that in for 6.0.0, like, right now! Even if it's just adding / changing the prototypes accordingly, without the underlying core code, we should make those API changes now.
was (Author: zwoop):
Maybe we need e.g.
{code}
SSLNextProtocolAccept::registerEndpoint(const char *protocol, Continuation *handler, char *whitelisted_siphers=NULL, char *blacklisted_ciphers=NULL);
{code}
This also opens up the issue of the public APIs, do we also make similar additions to that API? If so, we really have to get that in for 6.0.0, like, right now! Even if it's just adding / changing the prototypes accordingly, without the underlying core code, we should make those API changes now.
> Don't allow blacklisted HTTP/2 ciphers to use HTTP/2
> ----------------------------------------------------
>
> Key: TS-3787
> URL: https://issues.apache.org/jira/browse/TS-3787
> Project: Traffic Server
> Issue Type: Improvement
> Components: HTTP/2
> Reporter: Bryan Call
> Labels: yahoo
> Fix For: 6.1.0
>
>
> Look at the selected cipher and if it is on the blacklist then don't allow the client to use HTTP/2.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)