www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

On the trunk:

Browse Source 
mod_ssl TLSv1.3 support, removed V1_3 cipher suite directives again and added an optional protocol specifier to the SSLCipherSuite and SSLProxyCipherSuite commands.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1827992 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stefan Eissing
2018-03-29 14:10:12 +00:00
parent 8b305c8397
commit 352d92c698
9 changed files with 112 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
modules/ssl/mod_ssl.c
View File

@@ -97,14 +97,9 @@ static const command_rec ssl_config_cmds[] = {
SSL_CMD_SRV(FIPS, FLAG,
"Enable FIPS-140 mode "
"(`on', `off')")
SSL_CMD_ALL(CipherSuite, TAKE1,
"Colon-delimited list of permitted SSL Ciphers "
"('XXX:...:XXX' - see manual)")
#ifdef SSL_OP_NO_TLSv1_3
SSL_CMD_SRV(CipherSuiteV1_3, TAKE1,
"Colon-delimited list of permitted TLSv1.3 Ciphers "
"('XXX:...:XXX' - see manual)")
#endif
SSL_CMD_ALL(CipherSuite, TAKE12,
"Colon-delimited list of permitted SSL Ciphers, optional preceeded "
"by protocol identifier ('XXX:...:XXX' - see manual)")
SSL_CMD_SRV(CertificateFile, TAKE1,
"SSL Server Certificate file "
"('/path/to/file' - PEM or DER encoded)")
@@ -194,14 +189,9 @@ static const command_rec ssl_config_cmds[] = {
SSL_CMD_PXY(ProxyProtocol, RAW_ARGS,
"SSL Proxy: enable or disable SSL protocol flavors "
"('[+-][" SSL_PROTOCOLS "] ...' - see manual)")
SSL_CMD_PXY(ProxyCipherSuite, TAKE1,
SSL_CMD_PXY(ProxyCipherSuite, TAKE12,
"SSL Proxy: colon-delimited list of permitted SSL ciphers "
"('XXX:...:XXX' - see manual)")
#ifdef SSL_OP_NO_TLSv1_3
SSL_CMD_PXY(ProxyCipherSuiteV1_3, TAKE1,
"SSL Proxy: colon-delimited list of permitted TLSv1.3 ciphers "
"('XXX:...:XXX' - see manual)")
#endif
", optionally preceeded by protocol specifier ('XXX:...:XXX' - see manual)")
SSL_CMD_PXY(ProxyVerify, TAKE1,
"SSL Proxy: whether to verify the remote certificate "
"('on' or 'off')")