Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:2931
apache2-mod_nss.openSUSE_13.1_Update
mod_nss-cipherlist_update_for_tls12-doc.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mod_nss-cipherlist_update_for_tls12-doc.diff of Package apache2-mod_nss.openSUSE_13.1_Update
diff -rNU 50 ../mod_nss-1.0.8-o/docs/mod_nss.html ./docs/mod_nss.html --- ../mod_nss-1.0.8-o/docs/mod_nss.html 2014-02-18 16:30:19.000000000 +0100 +++ ./docs/mod_nss.html 2014-02-18 16:48:18.000000000 +0100 @@ -632,100 +632,121 @@ </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">fortezza_null<br> </td> <td style="vertical-align: top;">SSL_FORTEZZA_DMS_WITH_NULL_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">fips_des_sha<br> </td> <td style="vertical-align: top;">SSL_RSA_FIPS_WITH_DES_CBC_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">fips_3des_sha<br> </td> <td style="vertical-align: top;">SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">rsa_des_56_sha</td> <td style="vertical-align: top;">TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">rsa_rc4_56_sha</td> <td style="vertical-align: top;">TLS_RSA_EXPORT1024_WITH_RC4_56_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">rsa_aes_128_sha<br> </td> <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_CBC_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td style="vertical-align: top;">rsa_aes_256_sha<br> </td> <td style="vertical-align: top;">TLS_RSA_WITH_AES_256_CBC_SHA<br> </td> <td style="vertical-align: top;">SSLv3/TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> + <tr> + <td style="vertical-align: top;">rsa_aes_128_gcm_sha<br> + </td> + <td style="vertical-align: top;">TLS_RSA_WITH_AES_128_GCM_SHA256<br> + </td> + <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> + <tr> + <td style="vertical-align: top;">rsa_camellia_128_sha<br> + </td> + <td style="vertical-align: top;">TLS_RSA_WITH_CAMELLIA_128_CBC_SHA<br> + </td> + <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> + <tr> + <td style="vertical-align: top;">rsa_camellia_256_sha<br> + </td> + <td style="vertical-align: top;">TLS_RSA_WITH_CAMELLIA_256_CBC_SHA<br> + </td> + <td style="vertical-align: top;">TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> </tbody> </table> <br> Additionally there are a number of ECC ciphers:<br> <br> <table style="width: 70%;" border="1" cellpadding="2" cellspacing="2"> <tbody> <tr> <td style="vertical-align: top; font-weight: bold;">Cipher Name<br> </td> <td style="vertical-align: top; font-weight: bold;">NSS Cipher Definition<br> </td> <td style="vertical-align: top; font-weight: bold;">Protocol<br> </td> </tr> <tr> <td>ecdh_ecdsa_null_sha</td> <td>TLS_ECDH_ECDSA_WITH_NULL_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_ecdsa_rc4_128_sha</td> <td>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_ecdsa_3des_sha</td> <td>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_ecdsa_aes_128_sha</td> <td>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_ecdsa_aes_256_sha</td> <td>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_ecdsa_null_sha</td> <td>TLS_ECDHE_ECDSA_WITH_NULL_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_ecdsa_rc4_128_sha</td> <td>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> @@ -773,100 +794,120 @@ <tr> <td>echde_rsa_null</td> <td>TLS_ECDHE_RSA_WITH_NULL_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_rsa_rc4_128_sha</td> <td>TLS_ECDHE_RSA_WITH_RC4_128_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_rsa_3des_sha</td> <td>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_rsa_aes_128_sha</td> <td>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdhe_rsa_aes_256_sha</td> <td>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_anon_null_sha</td> <td>TLS_ECDH_anon_WITH_NULL_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_anon_rc4_128sha</td> <td>TLS_ECDH_anon_WITH_RC4_128_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_anon_3des_sha</td> <td>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_anon_aes_128_sha</td> <td>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> <tr> <td>ecdh_anon_aes_256_sha</td> <td>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</td> <td>TLSv1.0/TLSv1.1/TLSv1.2</td> </tr> + <tr> + <td>ecdh_ecdsa_aes_128_gcm_sha</td> + <td>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</td> + <td>TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> + <tr> + <td>ecdhe_ecdsa_aes_128_gcm_sha</td> + <td>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</td> + <td>TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> + <tr> + <td>ecdh_rsa_aes_128_gcm_sha</td> + <td>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</td> + <td>TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> + <tr> + <td>ecdhe_rsa_aes_128_gcm_sha</td> + <td>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</td> + <td>TLSv1.0/TLSv1.1/TLSv1.2</td> + </tr> </tbody> </table> <br> <span style="font-weight: bold;">Example</span><br> <br> <code>NSSCipherSuite +rsa_3des_sha,-rsa_des_56_sha,+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,-rsa_rc4_128_sha,<br> -rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-fips_des_sha,<br> +fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha</code><br> <br> <big><big>NSSProtocol<br> </big></big><br> A comma-separated string that lists the basic protocols that the server can use (and clients may connect with). It doesn't enable a cipher specifically but allows ciphers for that protocol to be used at all.<br> <br> Options are:<br> <ul> <li><code>SSLv3</code></li> <li><code>TLSv1 (legacy only; replaced by TLSv1.0)</code></li> <li><code>TLSv1.0</code></li> <li><code>TLSv1.1</code></li> <li><code>TLSv1.2</code></li> <li><code>All</code></li> </ul> Note that this differs from mod_ssl in that you can't add or subtract protocols.<br> <br> If no NSSProtocol is specified, mod_nss will default to allowing the use of the SSLv3, TLSv1.0, TLSv1.1, and TLSv1.2 protocols, where SSLv3 will be set to be the minimum protocol allowed, and TLSv1.2 will be set to be the maximum protocol allowed. <br> If values for NSSProtocol are specified, mod_nss will set both the minimum and the maximum allowed protocols based upon these entries allowing for the inclusion of every protocol in-between. For example, if only SSLv3 and TLSv1.2 are specified, SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2 will all be allowed, as NSS utilizes protocol ranges to accept all protocols inclusively (TLS 1.2 ->TLS 1.1 -> TLS 1.0 -> SSL 3.0), and does not allow exclusion of any protocols in the middle of a range (e. g. - TLS 1.0).<br> <br> Finally, NSS will always automatically negotiate the use of the strongest possible protocol that has been specified which is acceptable to both sides of a given connection.<br> <a href="#SSLv2">SSLv2</a> is not supported by default at this time.<br> <br> <span style="font-weight: bold;">Example</span><br> <br> <code>NSSProtocol SSLv3,TLSv1.0,TLSv1.1,TLSv1.2</code><br> <br>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor