Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add aegis support #3282

Merged
merged 8 commits into from
Sep 19, 2023
Merged

add aegis support #3282

merged 8 commits into from
Sep 19, 2023

Conversation

kazuho
Copy link
Member

@kazuho kazuho commented Sep 19, 2023

This is the h2o-side adjustments for aegis support, based on h2o/picotls#478.

Specifically, this PR makes the following changes:

  • adds libaegis to the Ubuntu 22.04 CI image
  • link to libaegis if specified (default is on if libaegis is available)
  • detect and enable aegis cipher suites if configured (e.g., cipher-suite-tls1.3: [ TLS_AEGIS_128L_SHA256 ])

The test being added merely checks if the server boots correctly with aegis turned on. If we want to go a step further, we might consider the following:

  • build picotls-cli (the TLS 1.3 test client that we build inside the h2o repo) with aegis support, and
  • use that to actually test HTTP/1.1 over TLS/1.3 using aegis.

For picotls-cli, it would be best to adjust picotls so that aegis support will be on by default when libaegis is found.

@kazuho
Copy link
Member Author

kazuho commented Sep 19, 2023

@jedisct1 WDYT?

@jedisct1
Copy link

LGTM!

@kazuho kazuho merged commit 1cbd0c2 into master Sep 19, 2023
10 checks passed
@kazuho
Copy link
Member Author

kazuho commented Sep 19, 2023

@jedisct1 Thank you for checking! Merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants