jinql
/
openssl-patch
mirror of https://github.com/hakasenyang/openssl-patch
1
0
Fork 0
Code Issues Releases Wiki Activity
59 Commits
4 Branches
0 Tags
372 KiB
Diff 99.9%
Shell 0.1%
 
 
Go to file
Hakase 083126b5ef Update OpenSSL tree 2018-05-31 13:34:58 +09:00
README.md Update OpenSSL tree 2018-05-31 13:34:58 +09:00
openssl-equal-pre2.patch Update openssl-equal-pre2.patch 2018-04-23 01:37:11 +09:00
openssl-equal-pre6.patch Update openssl-equal-pre6.patch 2018-04-27 06:11:46 +09:00
openssl-equal-pre7-draft23_28.patch Support client draft 26, 27. not supported by the server. 2018-05-25 04:39:50 +09:00
openssl-equal-pre7-draft28.patch Not use skip ciphers 2018-05-23 08:10:26 +09:00
openssl-equal-pre7.patch Update pre7 patch 2018-05-08 23:02:06 +09:00
openssl-equal-pre8.patch Update pre8 patch 2018-05-30 18:45:34 +09:00
openssl-equal-pre8_ciphers.patch Update pre8 patch 2018-05-30 18:45:34 +09:00

README.md

openssl-patch

OpenSSL Equal Preference Patch

Test Page - (TLS 1.3 draft 23, 28)

If you link site to a browser that supports draft 23 or 28, you'll see a TLS 1.3 message.

Latest patch : openssl-equal-pre8.patch, openssl-equal-pre8_ciphers.patch

View Tree (OpenSSL)

Original source by BoringSSL & CentminMod

OpenSSL 1.1.0h patch is here

pre8 File

openssl-equal-pre8.patch : TLS 1.3 cipher settings can not be changed on nginx.

openssl-equal-pre8_ciphers.patch : TLS 1.3 cipher settings can be changed on nginx. (ex. TLS13+AESGCM+AES128:TLS13+AESGCM+AES256)

The _ciphers patch file is a temporary change to the TLS 1.3 configuration.

nginx Configuration (ssl_ciphers)

OpenSSL-1.1.1-pre2 ciphers (draft 23)

[TLS13-AES-128-GCM-SHA256|TLS13-CHACHA20-POLY1305-SHA256]:TLS13-AES-256-GCM-SHA384:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES

OpenSSL-1.1.1-pre6~pre7 ciphers (draft 26 ~ 28)

[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA:RSA+AES128+SHA:RSA+AES256+SHA:RSA+3DES

OpenSSL-1.1.1-pre7-draft23_28, pre8 ciphers (draft 23, 28)

[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA

OpenSSL-1.1.1-pre8_ciphers ciphers (draft 23, 28)

[TLS13+AESGCM+AES128|TLS13+AESGCM+AES256|TLS13+CHACHA20]:[EECDH+ECDSA+AESGCM+AES128|EECDH+ECDSA+CHACHA20]:EECDH+ECDSA+AESGCM+AES256:EECDH+ECDSA+AES128+SHA:EECDH+ECDSA+AES256+SHA:[EECDH+aRSA+AESGCM+AES128|EECDH+aRSA+CHACHA20]:EECDH+aRSA+AESGCM+AES256:EECDH+aRSA+AES128+SHA:EECDH+aRSA+AES256+SHA