New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.

Submitted by:
Reviewed by:
PR: 127
This commit is contained in:
Lutz Jänicke
2002-07-19 19:53:02 +00:00
parent 2f6f2970c4
commit f19b6474fe
4 changed files with 48 additions and 0 deletions

View File

@@ -266,6 +266,23 @@ extern "C" {
#define SSL_TXT_TLSV1 "TLSv1"
#define SSL_TXT_ALL "ALL"
/*
* COMPLEMENTOF* definitions. These identifiers are used to (de-select)
* ciphers normally not being used.
* Example: "RC4" will activate all ciphers using RC4 including ciphers
* without authentication, which would normally disabled by DEFAULT (due
* the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
* will make sure that it is also disabled in the specific selection.
* COMPLEMENTOF* identifiers are portable between version, as adjustments
* to the default cipher setup will also be included here.
*
* COMPLEMENTOFDEFAULT does not experience the same special treatment that
* DEFAULT gets, as only selection is being done and no sorting as needed
* for DEFAULT.
*/
#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
/* The following cipher list is used by default.
* It also is substituted when an application-defined cipher list string
* starts with 'DEFAULT'. */