Jeffrey Altman wrote:
>
> For the Kerberos 5 ciphers, I want to filter the allowed ciphers based
> upon whether or not there is a keytab file on the server side; or
> client credentials on the client side. Could some one point out to me
> the appropriate place in the SSL code to insert these filters?
The first one sounds like you can do it in advance (i.e. before the
connection is established), in which case, you need
SSL_CTX_set_cipher_list(). The second you just check after the
connection is established, using SSL_get_cipher().
Or were you wanting to do something more sophisticated?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
