New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
Submitted by: Reviewed by: PR: 127
This commit is contained in:
17
ssl/ssl.h
17
ssl/ssl.h
@@ -266,6 +266,23 @@ extern "C" {
|
||||
#define SSL_TXT_TLSV1 "TLSv1"
|
||||
#define SSL_TXT_ALL "ALL"
|
||||
|
||||
/*
|
||||
* COMPLEMENTOF* definitions. These identifiers are used to (de-select)
|
||||
* ciphers normally not being used.
|
||||
* Example: "RC4" will activate all ciphers using RC4 including ciphers
|
||||
* without authentication, which would normally disabled by DEFAULT (due
|
||||
* the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
|
||||
* will make sure that it is also disabled in the specific selection.
|
||||
* COMPLEMENTOF* identifiers are portable between version, as adjustments
|
||||
* to the default cipher setup will also be included here.
|
||||
*
|
||||
* COMPLEMENTOFDEFAULT does not experience the same special treatment that
|
||||
* DEFAULT gets, as only selection is being done and no sorting as needed
|
||||
* for DEFAULT.
|
||||
*/
|
||||
#define SSL_TXT_CMPALL "COMPLEMENTOFALL"
|
||||
#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
|
||||
|
||||
/* The following cipher list is used by default.
|
||||
* It also is substituted when an application-defined cipher list string
|
||||
* starts with 'DEFAULT'. */
|
||||
|
Reference in New Issue
Block a user