mirror of
https://github.com/ipxe/ipxe
synced 2026-06-29 00:07:28 +03:00
Michael Brown
25072c1905
For historical reasons, TLS versions 1.2 and earlier identify FFDHE groups by specifying the raw group prime and generator (the "dh_p" and "dh_g" fields in ServerDHParams), rather than using a numeric code to identify a named group. This adds complexity to the process of identifying the internal key exchange algorithm. One option would be to extend the definition of struct tls_key_exchange_algorithm to include the identifying values for the field prime and generator, but this is undesirable since the field prime values may be large, and these values are already available (indirectly) in ffdhe.c. Extend our definition of a key exchange algorithm to include an opaque private data field. This allows us to remove the wrapper functions currently created by FFDHE_GROUP() and WEIERSTRASS_CURVE(), and opens up the option of accessing the existing FFDHE field prime and generator values from within the TLS layer. Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE network bootloader
iPXE is the leading open source network boot firmware. It provides a full PXE implementation enhanced with additional features such as:
-
boot from a web server via HTTP or HTTPS,
-
boot from an iSCSI, FCoE, or AoE SAN,
-
control the boot process with a script,
You can use iPXE to replace the existing PXE ROM on your network card, or you can chainload into iPXE to obtain the features of iPXE without the hassle of reflashing.
iPXE is free, open-source software licensed under the GNU GPL (with some portions under GPL-compatible licences).
You can download the rolling release binaries (built from the latest commit), or use the most recent stable release.
For full documentation, visit the iPXE website.