diff options
| author | Alex Klyubin <klyubin@google.com> | 2013-12-18 14:13:01 -0800 |
|---|---|---|
| committer | Alex Klyubin <klyubin@google.com> | 2013-12-19 12:05:34 -0800 |
| commit | 71fa3ffedf35aff964eb2545e9af5fecfb8fe8ce (patch) | |
| tree | 1863addc3e808d7ff9c7fda2c5e59e707b7213ff /luni/src | |
| parent | 79a0da5d3d4c6369cee33877a005f3c99f281c85 (diff) | |
| download | libcore-71fa3ffedf35aff964eb2545e9af5fecfb8fe8ce.zip libcore-71fa3ffedf35aff964eb2545e9af5fecfb8fe8ce.tar.gz libcore-71fa3ffedf35aff964eb2545e9af5fecfb8fe8ce.tar.bz2 | |
Disable MD5 cipher suites in SSLSocket and SSLEngine.
Although HMAC-MD5 is not yet broken, the foundations are shaky --
see http://tools.ietf.org/html/rfc6151.
Scans show that disabling these TLS/SSL cipher suites currently
causes handshake issues with 0.4% of the ecosystem.
Bug: 11220570
Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec
Diffstat (limited to 'luni/src')
| -rw-r--r-- | luni/src/main/java/javax/net/ssl/SSLSocket.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/luni/src/main/java/javax/net/ssl/SSLSocket.java b/luni/src/main/java/javax/net/ssl/SSLSocket.java index e97b411..2eafbb5 100644 --- a/luni/src/main/java/javax/net/ssl/SSLSocket.java +++ b/luni/src/main/java/javax/net/ssl/SSLSocket.java @@ -203,7 +203,7 @@ import java.net.UnknownHostException; * <tr> * <td>SSL_RSA_WITH_RC4_128_MD5</td> * <td>9+</td> - * <td>9+</td> + * <td>9-19</td> * </tr> * <tr> * <td>SSL_RSA_WITH_RC4_128_SHA</td> @@ -686,7 +686,7 @@ import java.net.UnknownHostException; * <td>RC4-MD5</td> * <td>SSL_RSA_WITH_RC4_128_MD5</td> * <td>1+</td> - * <td>1+</td> + * <td>1-19</td> * </tr> * <tr> * <td>RC4-SHA</td> |