Changeset f030883 in mod_gnutls for docs/mod_gnutls_manual.mdwn


Ignore:
Timestamp:
Apr 9, 2015, 1:02:39 PM (5 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, proxy-ticket, upstream
Children:
73f6f12
Parents:
8b472af
Message:

Set GnuTLS priorities for proxy connections separately

Until now, proxy connections were configured with the same priorities as
the server side. This commit introduces the new configuration option
"GnuTLSProxyPriorities" to set the priorities for proxy connections
separately. Note that GnuTLSProxyPriorities MUST be set when
SSLProxyEngine is enabled.

Since the parameters to GnuTLSPriorities and GnuTLSProxyPriorities need
the same processing, mgs_set_priorities has been rewritten to select the
priority cache to write to based on the option name, rather than adding
a new function to handle GnuTLSProxyPriorities.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • docs/mod_gnutls_manual.mdwn

    r8b472af rf030883  
    480480running as root, and does not need to be readable by the nobody or
    481481apache user.
     482
     483`GnuTLSProxyPriorities`
     484------------------
     485
     486Set the allowed ciphers, key exchange algorithms, MACs and compression
     487methods for proxy connections
     488
     489    GnuTLSProxyPriorities NORMAL:+CIPHER_0:+CIPHER_1:...:+CIPHER_N
     490
     491Default: *none*\
     492Context: server config, virtual host
     493
     494This option is used to set the allowed ciphers, key exchange
     495algorithms, MACs and compression methods for proxy connections. It
     496takes the same parameters as `GnuTLSPriorities`. Required if
     497`SSLProxyEngine` is `On`.
    482498
    483499* * * * *
Note: See TracChangeset for help on using the changeset viewer.