generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove export ciphers from the DEFAULT cipher list

Browse Source 
They are moved to the COMPLEMENTOFDEFAULT instead.
This also fixes SSLv2 to be part of COMPLEMENTOFDEFAULT.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Kurt Roeckx
2015-03-04 21:57:52 +01:00
parent 6ee3997134
commit f417997a32
4 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/apps/ciphers.pod
View File

@@ -109,8 +109,8 @@ The following is a list of all permitted cipher strings and their meanings.
=item B<DEFAULT>
the default cipher list. This is determined at compile time and, as of OpenSSL
1.0.0, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string
the default cipher list. This is determined at compile time and
is normally B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>. This must be the firstcipher string
specified.
=item B<COMPLEMENTOFDEFAULT>