|
Derived string for the specification of a cipher list.
Contains colon-delimited (':') cipher strings that can be of any value of the members contained by a Cipher struct. A cipher string indicates an individual cipher or a set of ciphers that use the same protocol version, key exchange etc. The cipher strings can be combined in logical order and operation by character '+'. They can be optionally preceded by either an '!' or a '-' character. Character '!' means that the preceded cipher or cipher type is permanently deleted from the list. Character '-' means that the preceded cipher or cipher type is deleted from the list, but any of the ciphers can be added by later options.
They must contain at least one positive expression, that is, without character '!' or '-' in the cipher string, otherwise the filter results in an empty cipher suite.
Cipher strings with special meaning:
ALL - all cipher suites except for the NULL encryption ciphers, which must be explicitly enabled. NULL authentication ciphers are included.
DEFAULT - all cipher suites except the NULL authentication and NULL encryption ciphers.
Example:
ALL:!SSLv2:!RSA:!aRSA:!3DES:!DES:!MD5
ALL:!EXP-EDH-RSA-DES-CBC-SHA
AES:-kRSA
AES:RC4
kEDH+EXPORT:-MD5, assume that the listed cipher strings are valid values of members of Cipher structs.
|