Roxen.git / server / base_server / global_variables.pike

version» Context lines:

Roxen.git/server/base_server/global_variables.pike:230: Inside #if constant(SSL.ServerConnection)
  #if constant(SSL.ServerConnection)    // Pike 8.0 and later has much more advanced support for SSL/TLS.       defvar( "ssl_password",    Variable.String("", 0, LOCALE(0, "SSL decryption password"),    LOCALE(0, "Optional password to decrypt the "    "SSL key file(s).")));       // 112 bits is the maximum strength to still retain the    // DES-3 suites, which are required in the TLS standards. +  // +  // FIXME: The cipher strength list ought to be generated dynamically +  // from SSL.Constants.CIPHER_effective_keylengths.    defvar("ssl_key_bits",    Variable.Int(112, 0, -  LOCALE(0, "Cipher suite minimum key strength"), +  LOCALE(0, "Cipher suite minimum effective key strength"),    LOCALE(0,    "<p>The minimum number of bits to secure "    "connections.</p>\n"    "<p>Common ciphers (subject to availability) " -  "in order of bits:\n" +  "in order of effective key bits:\n"    "<dl>\n" -  "<dt>40</dt>\n" -  "<dd>Export DES (aka DES-40)</dd>\n" +  "<dt>24</dt>\n"    "<dd>Export RC4 (aka RC4-40)</dd>\n" -  "<dt>56</dt>\n" +  "<dt>32</dt>\n" +  "<dd>Export DES (aka DES-40)</dd>\n" +  "<dt>38</dt>\n" +  "<dd>RC4</dd>\n" +  "<dt>40</dt>\n"    "<dd>DES</dd>\n"    "<dt>112</dt>\n"    "<dd>3-DES (Note that this cipher is the "    "minimum required cipher in many versions "    "of TLS)</dd>\n"    "<dt>128</dt>\n"    "<dd>AES-128</dd>\n"    "<dd>Camellia-128</dd>\n" -  "<dd>RC4</dd>\n" +     "<dt>256</dt>\n"    "<dd>AES-256</dd>\n"    "<dd>Camellia-256</dd>\n" -  +  "<dd>ChaCha20</dd>\n"    "</dl>\n"    "</p>\n")))->set_range(0, Variable.no_limit);       defvar("ssl_suite_filter",    Variable.IntChoice(0,    ([    0: "Default",    4: "Ephemeral key exchanges only",    8: "Suite B (relaxed)",    12: "Suite B (ephemeral only)",