Commit 48d8edb5 authored by Filippo Valsorda, committed by Brad Fitzpatrick

crypto/tls: disable CBC cipher suites with SHA-256 by default

As is, they were fully vulnerable to the Lucky13 attack. The SHA1
variants implement limited countermeasures (see f28cf834) but the
SHA256 ones are apparently used rarely enough (see 87415048) that
it's not worth the extra code.

Instead, disable them by default and update the warning.

Updates #13385
Updates #15487

Change-Id: I45b8b716001e2fa0811b17e25be76e2512e5abb2
Reviewed-on: https://go-review.googlesource.com/35290
Reviewed-by: Adam Langley <alangley@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Matt Layher <mdlayher@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
parent 92ecd789
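
The change above only affects the default suite list; a program that sets `tls.Config.CipherSuites` explicitly can still enable the CBC suites with SHA-256. The following audit helper is an added example, not part of this commit or of the Go source tree; `SplitCBCSHA256` and `sampleSuites` are hypothetical names and the sample list is constructed.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// cbcSHA256 holds the CBC-mode suites with a SHA-256 MAC defined by crypto/tls.
var cbcSHA256 = map[uint16]bool{
	tls.TLS_RSA_WITH_AES_128_CBC_SHA256:         true,
	tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: true,
	tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:   true,
}

// SplitCBCSHA256 partitions an explicit suite list (the value of
// tls.Config.CipherSuites) into suites to keep and CBC-SHA256 suites to flag.
// Order is preserved. A nil list means "use the package defaults", so
// nothing is flagged and both results are nil.
func SplitCBCSHA256(suites []uint16) (kept, flagged []uint16) {
	for _, id := range suites {
		if cbcSHA256[id] {
			flagged = append(flagged, id)
		} else {
			kept = append(kept, id)
		}
	}
	return kept, flagged
}

// sampleSuites returns a constructed explicit list, as an application that
// opts in to specific suites might configure it.
func sampleSuites() []uint16 {
	return []uint16{
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
		tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
	}
}

func main() {
	cfg := &tls.Config{CipherSuites: sampleSuites()}
	kept, flagged := SplitCBCSHA256(cfg.CipherSuites)
	for _, id := range flagged {
		fmt.Printf("flagged: %s (0x%04x)\n", tls.CipherSuiteName(id), id)
	}
	// Apply the filtered list only if something remains; an empty non-nil
	// list would leave TLS 1.2 with no usable suite.
	if len(kept) > 0 {
		cfg.CipherSuites = kept
	}
	fmt.Printf("%d suites kept\n", len(cfg.CipherSuites))
}
```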