[openssl-users] Disable EXPORT cipher suites during compilation
Wayming Zhang
wayming.z at gmail.com
Mon Jul 20 12:49:16 UTC 2015
Hi Pratyush,
Had a quick search in the source, seems like "no-exp" doesn't change
anything. OPENSSL_NO_EXP is defined(by opensslconf.h) when "no-exp" is
specified with Configuration command, however, it is not used at all.
Regards
Way
On 17/07/15 03:19, pratyush parimal wrote:
> Hi everyone,
>
> I am trying to disable the EXPORT ciphers in my OpenSSL code, during
> compile-time.
>
> I'm able to do so at runtime by including '!EXP' in the string I use
> with SSL_CTX_set_cipher_list(). However, I'm wondering is there an
> option (like 'no-rc5') that I can pass to Configure?
>
> ./Configure --help says that I can use no-<cipher> to disable stuff,
> so I used no-exp, but I think that didn't work since the list of
> ciphers I get from SSL_get_ciphers() still includes EXP-... ciphers.
>
> So does anyone know of a way to compile them out?
>
> Thanks,
> Pratyush
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150720/b8d92fad/attachment.html>
More information about the openssl-users
mailing list