]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f9afb3a)
rebase to master fixing some missing group references
authorMichael Baentsch <57787676+baentsch@users.noreply.github.com>
Wed, 16 Jul 2025 09:18:02 +0000 (11:18 +0200)
committerNeil Horman <nhorman@openssl.org>
Fri, 29 Aug 2025 12:49:28 +0000 (08:49 -0400)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26965)

doc/man3/SSL_CONF_cmd.pod patch | blob | blame | history
doc/man7/ossl-guide-tls-server-block.pod patch | blob | blame | history

diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index 22baa9c192f3307df592b30b533d7fee3b9eeba1..cb994ba7dee14f8163b95bde73debe0850d53802 100644 (file)
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -58,7 +58,8 @@ Disables support for session tickets, same as setting B<SSL_OP_NO_TICKET>.
 =item B<-serverpref>
 
 Use server and not client preference order when determining which cipher suite,
-signature algorithm or elliptic curve to use for an incoming connection.
+signature algorithm or elliptic curve (TLS 1.2) or group (TLS 1.3) to use for
+an incoming connection.
 Equivalent to B<SSL_OP_SERVER_PREFERENCE>. Only used by servers.
 
 =item B<-client_renegotiation>
@@ -569,8 +570,8 @@ B<SSL_OP_ECDH_SINGLE>. Only used by servers.
 
 B<ServerPreference>: use server and not client preference order when
 determining which cipher suite, signature algorithm or elliptic curve
-to use for an incoming connection.  Equivalent to
-B<SSL_OP_SERVER_PREFERENCE>. Only used by servers.
+(TLS 1.2) or group (TSL 1.3) to use for an incoming connection.
+Equivalent to B<SSL_OP_SERVER_PREFERENCE>. Only used by servers.
 
 B<PrioritizeChaCha>: prioritizes ChaCha ciphers when the client has a
 ChaCha20 cipher at the top of its preference list. This usually indicates
diff --git a/doc/man7/ossl-guide-tls-server-block.pod b/doc/man7/ossl-guide-tls-server-block.pod
index a261f8990c8ed77e0f8ec221c24c232d67557426..976045d4e1ed2f5edef0be86edc6e8a97588238b 100644 (file)
--- a/doc/man7/ossl-guide-tls-server-block.pod
+++ b/doc/man7/ossl-guide-tls-server-block.pod
@@ -89,8 +89,8 @@ Next we configure some option flags, see L<SSL_CTX_set_options(3)> for details:
     opts |= SSL_OP_NO_RENEGOTIATION;
 
     /*
-     * Most servers elect to use their own cipher or group preference rather than
-     * that of the client.
+     * Most servers elect to use their own cipher, group or signature preference
+     * rather than that of the client.
      */
     opts |= SSL_OP_SERVER_PREFERENCE;
 
Mirror of https://github.com/openssl/openssl.git