Update README.md

openssl-1.1.1
Hakase 2018-06-24 21:06:20 +09:00
parent 8199e97a90
commit 489a2625c0
1 changed files with 6 additions and 9 deletions

View File

@ -17,7 +17,7 @@
**Support TLS 1.3 draft 28 browsers - _Chrome Canary, Firefox Nightly_**
[Compatible OpenSSL-1.1.1-pre8-dev (OpenSSL, 22330 commits)](https://github.com/openssl/openssl/tree/55fc247a699be33153f27c06d304e6e60eeff980)
[Compatible OpenSSL-1.1.1-pre9-dev (OpenSSL, 22417 commits)](https://github.com/openssl/openssl/tree/eaf39a9fe6f55feb5251e235069e02f7f50d9a49)
## Patch files
@ -35,20 +35,17 @@ Here is the basic patch content.
| openssl-equal-pre2.patch | **_Not support_** draft **26, 28**. |
| openssl-equal-pre7.patch<br />openssl-equal-pre8.patch | TLS 1.3 cipher settings **_can not_** be changed on _nginx_. |
| openssl-equal-pre7_ciphers.patch<br />openssl-equal-pre8_ciphers.patch | TLS 1.3 cipher settings **_can_** be changed on _nginx_. |
| openssl-equal-pre8.patch, openssl-equal-pre8_ciphers.patch | **Support OpenSSL-1.1.1-pre9-dev** |
**The "_ciphers" patch file is a temporary change to the TLS 1.3 configuration.**
Example of setting TLS 1.3 cipher in nginx (pre7 or higher):
- ex 1. TLS13+AESGCM+AES128:TLS13+AESGCM+AES256:TLS13+CHACHA20
- ex 2. TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
- ex 3. TLS13+AESGCM+AES128:EECDH+AES128 (TLS 1.3 + TLS 1.2 ciphers)
## Not OpenSSL patch files
| Patch file name | Patch list |
| Example | Ciphers |
| :--- | :--- |
| nginx_hpack_push.patch | _Patch both_ the HPACK patch and the **PUSH ERROR**. |
| nginx_hpack_push_fix.patch | _Patch only_ the **PUSH ERROR** of the hpack patch. (If the HPACK patch has already been completed) |
| Short Cipher | TLS13+AESGCM+AES128:TLS13+AESGCM+AES256:TLS13+CHACHA20 |
| Fullname Cipher | TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 |
| TLS 1.3 + 1.2 ciphers | TLS13+AESGCM+AES128:EECDH+AES128 |
## nginx Configuration