From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: References: From: David du Colombier <0intro@gmail.com> Date: Tue, 15 Nov 2016 17:00:32 +0100 Message-ID: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=UTF-8 Subject: Re: [9fans] tls 1.2 Topicbox-Message-UUID: aad00b38-ead9-11e9-9d60-3106f5b1d025 > I am trying to get tls 1.2 working on a labs build of plan9. > > What is most infuriating is I am sure I did this a few years ago but I cannot remember > how (or even if) I got it working. > > what I have done is to install the following patches from 9legacy: > > libsec-chacha.diff tls-devtls12.diff > libsec-tlshand12-norc4.diff tls-tlshand12.diff > libsec-tlshand12-nossl3.diff > > and rebuild my kernel and upas (where I need TLS1.2). > > When I try to connect to a windows machine I get an error > from devtls in the kernel of the length of the message is incorrect. > > I have hacked around inside port/devtls.c but not found anything obvious, > I have also played with wireshark which didn't see anything very wrong. > > I am sure I have missed an obvious step but I cannot see what it is. The libsec-chacha.diff patch is not useful, since it's not used yet. Does it works when you connect to https://9p.io/? This machine have the same patches applied. -- David du Colombier