SSL_CTX_set_cipher_list,
SSL_set_cipher_list,
SSL_CTX_set_ciphersuites,
-SSL_set_ciphersuites
+SSL_set_ciphersuites,
+OSSL_default_cipher_list,
+OSSL_default_ciphersuites
- choose list of available SSL_CIPHERs
=head1 SYNOPSIS
int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
int SSL_set_ciphersuites(SSL *s, const char *str);
+ const char *OSSL_default_cipher_list(void);
+ const char *OSSL_default_ciphersuites(void);
+
=head1 DESCRIPTION
SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2 and below)
SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3
ciphersuites for B<ctx>. This is a simple colon (":") separated list of TLSv1.3
-ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:
+ciphersuite names in order of preference. Valid TLSv1.3 ciphersuite names are:
=over 4
SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it
configures the ciphersuites for B<ssl>.
+OSSL_default_cipher_list() returns the default cipher string for TLSv1.2
+(and earlier) ciphers. OSSL_default_ciphersuites() returns the default
+cipher string for TLSv1.3 ciphersuites.
+
=head1 NOTES
The control string B<str> for SSL_CTX_set_cipher_list() and
keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
and the handshake will fail.
+OSSL_default_cipher_list() and OSSL_default_ciphersuites() replace
+SSL_DEFAULT_CIPHER_LIST and TLS_DEFAULT_CIPHERSUITES, respectively. The
+cipher list defines are deprecated as of 3.0.
+
=head1 RETURN VALUES
SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
L<SSL_CTX_set_tmp_dh_callback(3)>,
L<ciphers(1)>
+=head1 HISTORY
+
+OSSL_default_cipher_list() and OSSL_default_ciphersites() are new in 3.0.
+
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
projects / openssl.git / blobdiff