Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / bc34cd1de2ee80de63b5c4d319a501fc0d4ea2f5
commitbc34cd1de2ee80de63b5c4d319a501fc0d4ea2f5[log] [tgz]
authorPierre Cheynier <p.cheynier@criteo.com>Thu Mar 21 16:15:47 2019 +0000
committerWilly Tarreau <w@1wt.eu>Fri Mar 22 17:24:14 2019 +0100
tree1eb26c21c8fcf6cb8c00a30ee447a22574944a22
parent749f5cab83e15594ea88f36fed16a806af824264 [diff]
BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites

Any attempt to put TLS 1.3 ciphers on servers failed with output 'unable
to set TLS 1.3 cipher suites'.

This was due to usage of SSL_CTX_set_cipher_list instead of
SSL_CTX_set_ciphersuites in the TLS 1.3 block (protected by
OPENSSL_VERSION_NUMBER >= 0x10101000L & so).

This should be backported to 1.9 and 1.8.

Signed-off-by: Pierre Cheynier <p.cheynier@criteo.com>
Reported-by: Damien Claisse <d.claisse@criteo.com>
Cc: Emeric Brun <ebrun@haproxy.com>
1 file changed
tree: 1eb26c21c8fcf6cb8c00a30ee447a22574944a22
  1. .github/
  2. contrib/
  3. doc/
  4. ebtree/
  5. examples/
  6. include/
  7. reg-tests/
  8. scripts/
  9. src/
  10. tests/
  11. .gitignore
  12. CHANGELOG
  13. CONTRIBUTING
  14. INSTALL
  15. LICENSE
  16. MAINTAINERS
  17. Makefile
  18. README
  19. ROADMAP
  20. SUBVERS
  21. VERDATE
  22. VERSION