From 5d120511679ed69669e29b374a3bab1c50ff5134 Mon Sep 17 00:00:00 2001
From: Todd Short <tshort@akamai.com>
Date: Fri, 5 Apr 2019 10:03:29 -0400
Subject: Change cipher default strings to a function

Making the default cipher strings a function gives the library more
control over the defaults. Potentially allowing a change in the
future as ciphers become deprecated or dangerous.
Also allows third party distributors to change the defaults for their
installations.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8686)
---
 util/private.num | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'util/private.num')

diff --git a/util/private.num b/util/private.num
index cf08a83ee2..53edf4a7a4 100644
--- a/util/private.num
+++ b/util/private.num
@@ -421,6 +421,7 @@ SSL_CTX_set_tlsext_status_type          define
 SSL_CTX_set_tlsext_ticket_key_cb        define
 SSL_CTX_set_tmp_dh                      define
 SSL_CTX_set_tmp_ecdh                    define
+SSL_DEFAULT_CIPHER_LIST                 define deprecated 3.0.0
 SSL_add0_chain_cert                     define
 SSL_add1_chain_cert                     define
 SSL_build_cert_chain                    define
@@ -499,6 +500,7 @@ SSL_want_x509_lookup                    define
 SSLv23_client_method                    define
 SSLv23_method                           define
 SSLv23_server_method                    define
+TLS_DEFAULT_CIPHERSUITES                define deprecated 3.0.0
 X509_STORE_set_lookup_crls_cb           define
 X509_STORE_set_verify_func              define
 EVP_PKEY_CTX_set1_id                    define
-- 
cgit v1.2.3