From: Bertrand Jacquin Date: Mon, 13 Aug 2018 23:56:13 +0000 (+0100) Subject: DOC: ssl: Use consistent naming for TLS protocols X-Git-Tag: v1.9-dev2~149 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a25282bb399bfad8ed04b494b567fe97f0a58d65;p=thirdparty%2Fhaproxy.git DOC: ssl: Use consistent naming for TLS protocols In most cases, "TLSv1.x" naming is used across and documentation, lazy people tend to grep too much and may not find what they are looking for. Fixing people is hard. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index d11b631853..4e66aad84f 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -10541,7 +10541,7 @@ accept-proxy setting of which client is allowed to use the protocol. allow-0rtt - Allow receiving early data when using TLS 1.3. This is disabled by default, + Allow receiving early data when using TLSv1.3. This is disabled by default, due to security considerations. alpn diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 813b599218..5610a41f7f 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -1996,7 +1996,7 @@ static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) { : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method()); #endif } -/* TLS 1.2 is the last supported version in this context. */ +/* TLSv1.2 is the last supported version in this context. */ static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {} /* Unusable in this context. */ static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {} @@ -2197,7 +2197,7 @@ static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg) break; } } else { - /* without TLSEXT_TYPE_signature_algorithms extension (< TLS 1.2) */ + /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */ has_rsa = 1; } if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */