[
https://issues.apache.org/jira/browse/TS-3787?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636518#comment-14636518
]
Leif Hedstrom edited comment on TS-3787 at 7/22/15 8:48 AM:
------------------------------------------------------------
Maybe we need e.g.
{code}
SSLNextProtocolAccept::registerEndpoint(const char *protocol, Continuation
*handler, char *whitelisted_ciphers=NULL, char *blacklisted_ciphers=NULL);
{code}
This also opens up the issue of the public APIs, do we also make similar
additions to that API? If so, we really have to get that in for 6.0.0, like,
right now! Even if it's just adding / changing the prototypes accordingly,
without the underlying core code, we should make those API changes now.
was (Author: zwoop):
Maybe we need e.g.
{code}
SSLNextProtocolAccept::registerEndpoint(const char *protocol, Continuation
*handler, char *whitelisted_siphers=NULL, char *blacklisted_ciphers=NULL);
{code}
This also opens up the issue of the public APIs, do we also make similar
additions to that API? If so, we really have to get that in for 6.0.0, like,
right now! Even if it's just adding / changing the prototypes accordingly,
without the underlying core code, we should make those API changes now.
> Don't allow blacklisted HTTP/2 ciphers to use HTTP/2
> ----------------------------------------------------
>
> Key: TS-3787
> URL: https://issues.apache.org/jira/browse/TS-3787
> Project: Traffic Server
> Issue Type: Improvement
> Components: HTTP/2
> Reporter: Bryan Call
> Labels: yahoo
> Fix For: 6.1.0
>
>
> Look at the selected cipher and if it is on the blacklist then don't allow
> the client to use HTTP/2.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
