From cf1d73b213ec90e3c37da042efdd39793f2ae2c4 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Tue, 14 Jan 2014 14:08:13 +0100
Subject: [PATCH] Clarified ssl_set_ciphersuites() doc for influencing
preference as well
---
include/polarssl/ssl.h | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 7e668f93b..1bda2b395 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -972,17 +972,22 @@ void ssl_set_session_cache( ssl_context *ssl,
int ssl_set_session( ssl_context *ssl, const ssl_session *session );
/**
- * \brief Set the list of allowed ciphersuites
+ * \brief Set the list of allowed ciphersuites and the preference
+ * order. First in the list has the highest preference.
* (Overrides all version specific lists)
*
+ * Note: The PolarSSL SSL server uses its own preferences
+ * over the preference of the connection SSL client unless
+ * POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!
+ *
* \param ssl SSL context
* \param ciphersuites 0-terminated list of allowed ciphersuites
*/
void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites );
/**
- * \brief Set the list of allowed ciphersuites for a specific
- * version of the protocol.
+ * \brief Set the list of allowed ciphersuites and the
+ * preference order for a specific version of the protocol.
* (Only useful on the server side)
*
* \param ssl SSL context