Bug 50998 - Docs for SSLCipherSuite incorrect
Summary: Docs for SSLCipherSuite incorrect
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 2.2.17
Hardware: PC Windows XP
: P2 normal (vote)
Target Milestone: ---
Assignee: HTTP Server Documentation List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-30 13:03 UTC by Simon Elén
Modified: 2012-03-31 05:34 UTC (History)
1 user (show)


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Elén 2011-03-30 13:03:01 UTC 
http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslciphersuite
>Available prefixes are:
>none: add cipher to list
>+: add ciphers to list and pull them to current location in list

http://www.openssl.org/docs/apps/ciphers.html
>If + is used then the ciphers are moved to the end of the list. This option doesn't add any new ciphers it just moves matching existing ones. 
>If none of these characters is present then the string is just interpreted as a list of ciphers to be appended to the current preference list. If the list includes any ciphers already present they will be ignored: that is they will not moved to the end of the list.

What actually happens seems to match the OpenSSL documentation and not the Apache documentation.
Comment 1 Daniel Ruggeri 2012-03-31 00:59:19 UTC 
Confirmed - trunk patch applied in r1307670.
Comment 2 Daniel Ruggeri 2012-03-31 05:34:06 UTC 
Corrected in...
2.4 => r1307699
2.2 => r1307698
2.0 => r1307700
trunk => r1307670