projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Remove some SSLv2 references
[openssl.git]
/
doc
/
ssl
/
SSL_CONF_cmd.pod
diff --git
a/doc/ssl/SSL_CONF_cmd.pod
b/doc/ssl/SSL_CONF_cmd.pod
index e8eeb15f1503e95b0647ee46b16ea654da11e031..bebd20485cc249aeb6d2ed9259ef1e62f546d315 100644
(file)
--- a/
doc/ssl/SSL_CONF_cmd.pod
+++ b/
doc/ssl/SSL_CONF_cmd.pod
@@
-371,16
+371,16
@@
argument.
The order of operations is significant. This can be used to set either defaults
or values which cannot be overridden. For example if an application calls:
The order of operations is significant. This can be used to set either defaults
or values which cannot be overridden. For example if an application calls:
- SSL_CONF_cmd(ctx, "Protocol", "-SSLv
2
");
+ SSL_CONF_cmd(ctx, "Protocol", "-SSLv
3
");
SSL_CONF_cmd(ctx, userparam, uservalue);
SSL_CONF_cmd(ctx, userparam, uservalue);
-it will disable SSLv
2 support by default but the user can override it. If
+it will disable SSLv
3 support by default but the user can override it. If
however the call sequence is:
SSL_CONF_cmd(ctx, userparam, uservalue);
however the call sequence is:
SSL_CONF_cmd(ctx, userparam, uservalue);
- SSL_CONF_cmd(ctx, "Protocol", "-SSLv
2
");
+ SSL_CONF_cmd(ctx, "Protocol", "-SSLv
3
");
-SSLv
2
is B<always> disabled and attempt to override this by the user are
+SSLv
3
is B<always> disabled and attempt to override this by the user are
ignored.
By checking the return code of SSL_CTX_cmd() it is possible to query if a
ignored.
By checking the return code of SSL_CTX_cmd() it is possible to query if a
@@
-416,9
+416,9
@@
Set supported signature algorithms:
SSL_CONF_cmd(ctx, "SignatureAlgorithms", "ECDSA+SHA256:RSA+SHA256:DSA+SHA256");
SSL_CONF_cmd(ctx, "SignatureAlgorithms", "ECDSA+SHA256:RSA+SHA256:DSA+SHA256");
-Enable all protocols except SSLv3
and SSLv2
:
+Enable all protocols except SSLv3:
- SSL_CONF_cmd(ctx, "Protocol", "ALL,-SSLv3
,-SSLv2
");
+ SSL_CONF_cmd(ctx, "Protocol", "ALL,-SSLv3");
Only enable TLSv1.2:
Only enable TLSv1.2: