Bug 50998 - Docs for SSLCipherSuite incorrect
Docs for SSLCipherSuite incorrect
Status: RESOLVED FIXED
Product: Apache httpd-2
Classification: Unclassified
Component: Documentation
2.2.17
PC Windows XP
: P2 normal (vote)
: ---
Assigned To: HTTP Server Documentation List
:
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2011-03-30 13:03 UTC by Simon Elén
Modified: 2012-03-31 05:34 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Elén 2011-03-30 13:03:01 UTC
http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslciphersuite
>Available prefixes are:
>none: add cipher to list
>+: add ciphers to list and pull them to current location in list

http://www.openssl.org/docs/apps/ciphers.html
>If + is used then the ciphers are moved to the end of the list. This option doesn't add any new ciphers it just moves matching existing ones. 
>If none of these characters is present then the string is just interpreted as a list of ciphers to be appended to the current preference list. If the list includes any ciphers already present they will be ignored: that is they will not moved to the end of the list.

What actually happens seems to match the OpenSSL documentation and not the Apache documentation.
Comment 1 Daniel Ruggeri 2012-03-31 00:59:19 UTC
Confirmed - trunk patch applied in r1307670.
Comment 2 Daniel Ruggeri 2012-03-31 05:34:06 UTC
Corrected in...
2.4 => r1307699
2.2 => r1307698
2.0 => r1307700
trunk => r1307670