Update README and add pre8_ciphers file.

2018-05-30 14:45:05 +09:00 · 2018-05-30 14:45:05 +09:00 · 1d8022cceb
parent 758ad3481d
commit 1d8022cceb
2 changed files with 1182 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -3,17 +3,24 @@
 ## OpenSSL Equal Preference Patch

 [Test Page - (TLS 1.3 draft 23, 28)](https://ssl.hakase.io/)
-
 **If you link site to a browser that supports draft 23 or 28, you'll see a TLS 1.3 message.**

 **Latest patch : openssl-equal-pre8.patch**

 [View Tree (OpenSSL)](https://github.com/openssl/openssl/tree/02a7e0a9f63ec97e9671fec2bb8ce7c289fb4d66)
-
 [Original source](https://boringssl.googlesource.com/boringssl/+/858a88daf27975f67d9f63e18f95645be2886bfb%5E%21) by [BoringSSL](https://github.com/google/boringssl) & [CentminMod](https://centminmod.com/)

 OpenSSL 1.1.0h patch is [here](https://gitlab.com/buik/openssl/blob/openssl-patch/openssl-1.1/OpenSSL1.1h-equal-preference-cipher-groups.patch)

+## pre8 File
+
+openssl-equal-pre8.patch : TLS 1.3 cipher settings can not be changed on nginx.
+openssl-equal-pre8_ciphers.patch : TLS 1.3 cipher settings can be changed on nginx. (ex. TLS13+AESGCM+AES128:TLS13+AESGCM+AES256)
+
+The _ciphers patch file is a temporary change to the TLS 1.3 configuration.
+
+## nginx Configuration (ssl_ciphers)
+
 ### OpenSSL-1.1.1-pre2 ciphers (draft 23)
 `[TLS13-AES-128-GCM-SHA256|TLS13-CHACHA20-POLY1305-SHA256]:TLS13-AES-256-GCM-SHA384:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES`

@ -22,3 +29,6 @@ OpenSSL 1.1.0h patch is [here](https://gitlab.com/buik/openssl/blob/openssl-patc

 ### OpenSSL-1.1.1-pre7-draft23_28, pre8 ciphers (draft 23, 28)
 `[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA`
+
+### OpenSSL-1.1.1-pre8_ciphers ciphers (draft 23, 28)
+`[TLS13+AESGCM+AES128|TLS13+CHACHA20]:TLS13+AESGCM+AES256:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA`
--- a/openssl-equal-pre8_ciphers.patch
+++ b/openssl-equal-pre8_ciphers.patch