jinql
/
openssl-patch
mirror of https://github.com/hakasenyang/openssl-patch
1
0
Fork 0
Code Issues Releases Wiki Activity

Update openssl-equal-latest.patch

openssl-1.1.1
Hakase 2018-04-09 03:00:07 +09:00
parent 01e9055da6
commit 7df4658a6b
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
openssl-equal-latest.patch
View File

@ -1,3 +1,28 @@
diff -urN 1/doc/man1/ciphers.pod 2/doc/man1/ciphers.pod
--- 1/doc/man1/ciphers.pod 2018-04-09 02:53:14.337756676 +0900
+++ 2/doc/man1/ciphers.pod 2018-04-09 02:53:03.060663965 +0900
@@ -417,6 +417,21 @@
=back
+=head1 EQUAL PREFERENCE GROUPS
+
+If configuring a server, one may also configure equal-preference groups to
+partially respect the client's preferences when
+B<SSL_OP_CIPHER_SERVER_PREFERENCE> is enabled. Ciphers in an equal-preference
+group have equal priority and use the client order. This may be used to
+enforce that AEADs are preferred but select AES-GCM vs. ChaCha20-Poly1305
+based on client preferences. An equal-preference is specified with square
+brackets, combining multiple selectors separated by |. For example:
+
+ [ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-ECDSA-AES128-GCM-SHA256]
+
+ Once an equal-preference group is used, future directives must be
+ opcode-less.
+
=head1 CIPHER SUITE NAMES
The following lists give the SSL or TLS cipher suites names from the
diff -urN 1/include/openssl/ssl.h 2/include/openssl/ssl.h diff -urN 1/include/openssl/ssl.h 2/include/openssl/ssl.h
--- 1/include/openssl/ssl.h 2018-04-08 00:08:49.884019254 +0900 --- 1/include/openssl/ssl.h 2018-04-08 00:08:49.884019254 +0900
+++ 2/include/openssl/ssl.h 2018-04-08 00:10:33.258974140 +0900 +++ 2/include/openssl/ssl.h 2018-04-08 00:10:33.258974140 +0900