diff options
author | Bodo Möller <bodo@openssl.org> | 2007-04-25 07:58:32 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2007-04-25 07:58:32 +0000 |
commit | 2c12e7f6f5869e37df2d1f1f74a94e082965ec24 (patch) | |
tree | b38e9683874d3303ff15984e1d10d76bec16e8fe | |
parent | 8db10d9ac4c920a22cbe8ab36d16e1f1503f3ca6 (diff) |
Ensure that AES remains the preferred cipher at any given key length.
(This does not really require a special case for Camellia.)
-rw-r--r-- | doc/apps/ciphers.pod | 3 | ||||
-rw-r--r-- | ssl/ssl.h | 6 |
2 files changed, 2 insertions, 7 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index acafdb105e..694e433ef3 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -105,8 +105,7 @@ The following is a list of all permitted cipher strings and their meanings. =item B<DEFAULT> the default cipher list. This is determined at compile time and is normally -B<ALL:!aNULL:!eNULL:+RC4:@STRENGTH> or -B<AES:CAMELLIA:ALL!aNULL:!eNULL:+RC4:@STRENGTH>. This must be the first cipher string +B<AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH>. This must be the first cipher string specified. =item B<COMPLEMENTOFDEFAULT> @@ -317,11 +317,7 @@ extern "C" { /* The following cipher list is used by default. * It also is substituted when an application-defined cipher list string * starts with 'DEFAULT'. */ -#ifdef OPENSSL_NO_CAMELLIA -# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */ -#else -# define SSL_DEFAULT_CIPHER_LIST "AES:CAMELLIA:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */ -#endif +#define SSL_DEFAULT_CIPHER_LIST "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */ /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ #define SSL_SENT_SHUTDOWN 1 |