From 681f2308212a1f69db1ce25a7ad3fc6a4e38a9d9 Mon Sep 17 00:00:00 2001
From: Koichiro IWAO <meta@vmeta.jp>
Date: Mon, 14 Nov 2016 15:39:27 +0900
Subject: [PATCH] docs: document disableSSLv3 and tls_ciphers

---
 docs/man/xrdp.ini.5 | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docs/man/xrdp.ini.5 b/docs/man/xrdp.ini.5
index 41b4e962..5d46fb74 100644
--- a/docs/man/xrdp.ini.5
+++ b/docs/man/xrdp.ini.5
@@ -103,6 +103,16 @@ If set to \fB1\fP, \fBtrue\fP or \fByes\fP and the network connection disappears
 Regulate if the listening socket uses socket option \fBTCP_NODELAY\fP.
 If set to \fB1\fP, \fBtrue\fP or \fByes\fP, no buffering will be performed in the TCP stack.
 
+.TP
+\fBdisableSSLv3\fP=\fI[yes|no]\fP
+If set to \fB1\fP, \fBtrue\fP or \fByes\fP, \fBxrdp\fP will not accept SSLv3 connections.
+
+.TP
+\fBtls_ciphers\fP=\fIcipher_suite\fP
+Specifies TLS cipher suite.  The format of this parameter is equivalent to which \fBopenssl\fP(1) ciphers subcommand accepts.
+
+(ex. $ openssl ciphers 'HIGH:!ADH:!SHA1')
+
 .TP
 \fBblack\fP=\fI000000\fP
 .TP