update default -rpcsslciphers to include TLSv1.2 #3104

pull Diapolo wants to merge 1 commits into bitcoin:master from Diapolo:rpcssl-defaultciphers changing 2 files +2 −2
  1. Diapolo commented at 2:15 PM on October 17, 2013: none
    • this extends the accepted ciphersuites with TLSv1.2 ones
    • also removes !AH, as I could not find documentation on it and the change did not result in a changed ciphersuite list (checked via openssl ciphers -v)
    • closes #3096 (which also contains more details)
  2. update default -rpcsslciphers to include TLSv1.2
    - this extends the accepted ciphersuites with TLSv1.2 ones
- also removes !AH, as I could not find documentation on it and the change
  did not result in a changed ciphersuite list (checked via openssl
  ciphers -v)
- closes #3096 (which also contains more details)
    1728bf0873
  3. BitcoinPullTester commented at 2:27 PM on October 17, 2013: none

    Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/1728bf0873590c6905e892044f9f87ee97ff3dbc for binaries and test log. This test script verifies pulls every time they are updated. It, however, dies sometimes and fails to test properly. If you are waiting on a test, please check timestamps to verify that the test.log is moving at http://jenkins.bluematt.me/pull-tester/current/ Contact BlueMatt on freenode if something looks broken.

  4. laanwj commented at 12:22 PM on October 20, 2013: member

    Agree with the idea of using better ciphers if available.

    However, I would first like to understand what "!AH" means (it's impossible to google for) before we just throw it out.

  5. fanquake commented at 12:43 PM on October 20, 2013: member

    @laanwj

    Reading from the OpenSSL cipher docs.

    If ! is used then the ciphers are permanently deleted from the list. The ciphers deleted can never reappear in the list even if they are explicitly stated.

    However, 'AH' isn't listed as one of the permitted CIPHER_STRINGS, could it be a typo for aDH/DH/ADH ?

  6. gavinandresen commented at 2:50 AM on October 21, 2013: contributor

    I don't remember why I specified !AH -- it is very possible it was a typo.

    Merging before the shed gets more paint on it.

  7. gavinandresen referenced this in commit cc7562b7d2 on Oct 21, 2013
  8. gavinandresen merged this on Oct 21, 2013
  9. gavinandresen closed this on Oct 21, 2013
  10. DrahtBot locked this on Sep 8, 2021
Contributors
DiapoloBitcoinPullTesterlaanwjfanquakegavinandresen
Linked (view graph)
#3096 update default ciphersuite string for -rpcsslciphers
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 18:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me