The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
--- Begin Message ---
These ciphersuites were added in mbedtls v2.12.0, our current version,
so we may add them to the ustream-ssl ciphersuite list.
They were already part of the list for openssl and wolfssl.
Chacha20-Poly1305 is a 256-bit cipher with AEAD, much faster than AES on
CPUs without special AES instructions (the case for most embedded
chips).
Signed-off-by: Eneas U de Queiroz <cote2004-git...@yahoo.com>
diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index 347c600..b7d7629 100644
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -94,7 +94,9 @@ static int _urandom(void *ctx, unsigned char *out, size_t len)
static const int default_ciphersuites_server[] =
{
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
AES_CIPHERS(ECDHE_ECDSA),
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
AES_CIPHERS(ECDHE_RSA),
AES_CIPHERS(RSA),
0
@@ -102,8 +104,11 @@ static const int default_ciphersuites_server[] =
static const int default_ciphersuites_client[] =
{
+ MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
AES_CIPHERS(ECDHE_ECDSA),
+ MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
AES_CIPHERS(ECDHE_RSA),
+ MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
AES_CIPHERS(DHE_RSA),
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
AES_CIPHERS(RSA),
--
2.16.4
--- End Message ---
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
