From cf1d73b213ec90e3c37da042efdd39793f2ae2c4 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 14 Jan 2014 14:08:13 +0100 Subject: [PATCH] Clarified ssl_set_ciphersuites() doc for influencing preference as well --- include/polarssl/ssl.h | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 7e668f93b..1bda2b395 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -972,17 +972,22 @@ void ssl_set_session_cache( ssl_context *ssl, int ssl_set_session( ssl_context *ssl, const ssl_session *session ); /** - * \brief Set the list of allowed ciphersuites + * \brief Set the list of allowed ciphersuites and the preference + * order. First in the list has the highest preference. * (Overrides all version specific lists) * + * Note: The PolarSSL SSL server uses its own preferences + * over the preference of the connection SSL client unless + * POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! + * * \param ssl SSL context * \param ciphersuites 0-terminated list of allowed ciphersuites */ void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ); /** - * \brief Set the list of allowed ciphersuites for a specific - * version of the protocol. + * \brief Set the list of allowed ciphersuites and the + * preference order for a specific version of the protocol. * (Only useful on the server side) * * \param ssl SSL context