luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4e2c45110c
curl/lib/vtls
History
Jan Venekamp 4e2c45110c
sectransp: remove large cipher table 
Previously a large table of ciphers was used to determine the default
ciphers and to lookup manually selected ciphers names.

With the lookup of the manually selected cipher names moved to
Curl_cipher_suite_walk_str() the large table is no longer needed for
that purpose.

The list of manually selected cipher can now be intersected with the
ciphers supported by Secure Transport (SSLGetSupportedCiphers()),
instead of using the fixed table for that.

The other use of the table was to filter the list of all supported
ciphers offered by Secure Transport to create a list of ciphers to
use by default, excluding ciphers in the table marked as weak.

Instead of using a complement based approach (exclude weak), switch
to using an intersection with a smaller list of ciphers deemed
appropriate.

Closes #13823
2024-06-01 11:00:06 +02:00
..
bearssl.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
bearssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
cipher_suite.c sectransp: use common code for cipher suite lookup 2024-05-29 13:08:14 +02:00
cipher_suite.h sectransp: use common code for cipher suite lookup 2024-05-29 13:08:14 +02:00
gtls.c openssl/gnutls: rectify the TLS version checks for QUIC 2024-05-28 10:39:02 +02:00
gtls.h gnutls: lazy init the trust settings 2024-04-11 08:59:25 +02:00
hostcheck.c gskit: remove 2023-08-07 20:57:48 +02:00
hostcheck.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
keylog.c tls: use shared init code for TCP+QUIC 2024-04-09 09:08:05 +02:00
keylog.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.c mbedtls: properly cleanup the thread-shared entropy 2024-03-12 03:09:37 -04:00
mbedtls_threadlock.h tidy-up: one comment and EOF newlines 2024-03-12 15:38:44 +00:00
mbedtls.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
mbedtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
openssl.c openSSL: fix hostname handling when using ECH 2024-06-01 10:48:23 +02:00
openssl.h openssl: stop duplicate ssl key logging for legacy OpenSSL 2024-05-24 15:22:53 -04:00
rustls.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
rustls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
schannel_int.h multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
schannel_verify.c build: enable missing OpenSSF-recommended warnings, with fixes 2023-12-16 13:12:37 +00:00
schannel.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
schannel.h build: do not publish HAVE_BORINGSSL, HAVE_AWSLC macros 2023-10-08 22:29:45 +00:00
sectransp.c sectransp: remove large cipher table 2024-06-01 11:00:06 +02:00
sectransp.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
vtls_int.h multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
vtls.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
vtls.h multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
wolfssl.c multi: add multi->proto_hash, a key-value store for protocol data 2024-05-26 00:15:01 +02:00
wolfssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
x509asn1.c x509asn1: return error on missing OID 2024-05-17 14:54:41 +02:00
x509asn1.h gskit: remove 2023-08-07 20:57:48 +02:00