You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bc...@apache.org on 2014/01/06 20:22:44 UTC

git commit: TS-2370: SSL proxy.config.ssl.server.honor_cipher_order is backwards

Updated Branches:
  refs/heads/master 909319c7c -> e90fc25b8


TS-2370: SSL proxy.config.ssl.server.honor_cipher_order is backwards


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/e90fc25b
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/e90fc25b
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/e90fc25b

Branch: refs/heads/master
Commit: e90fc25b866da93124a549618f7ce7a925ddbd4f
Parents: 909319c
Author: Bryan Call <bc...@apache.org>
Authored: Mon Jan 6 11:21:03 2014 -0800
Committer: Bryan Call <bc...@apache.org>
Committed: Mon Jan 6 11:21:03 2014 -0800

----------------------------------------------------------------------
 iocore/net/SSLConfig.cc | 2 +-
 mgmt/RecordsConfig.cc   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e90fc25b/iocore/net/SSLConfig.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc
index 8493766..e35bd58 100644
--- a/iocore/net/SSLConfig.cc
+++ b/iocore/net/SSLConfig.cc
@@ -156,7 +156,7 @@ SSLConfigParams::initialize()
     ssl_ctx_options |= SSL_OP_NO_TLSv1_2;
 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
   REC_ReadConfigInteger(options, "proxy.config.ssl.server.honor_cipher_order");
-  if (!options)
+  if (options)
     ssl_ctx_options |= SSL_OP_CIPHER_SERVER_PREFERENCE;
 #endif
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/e90fc25b/mgmt/RecordsConfig.cc
----------------------------------------------------------------------
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
index 22161cc..26c9410 100644
--- a/mgmt/RecordsConfig.cc
+++ b/mgmt/RecordsConfig.cc
@@ -1235,7 +1235,7 @@ RecordElement RecordsConfig[] = {
   ,
   {RECT_CONFIG, "proxy.config.ssl.server.cipher_suite", RECD_STRING, "RC4-SHA:AES128-SHA:DES-CBC3-SHA:AES256-SHA:ALL:!aNULL:!EXP:!LOW:!MD5:!SSLV2:!NULL", RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL}
   ,
-  {RECT_CONFIG, "proxy.config.ssl.server.honor_cipher_order", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
+  {RECT_CONFIG, "proxy.config.ssl.server.honor_cipher_order", RECD_INT, "1", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
   ,
   {RECT_CONFIG, "proxy.config.ssl.server_port", RECD_INT, "-1", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-65535]", RECA_NULL}
   ,