# # ***** BEGIN LICENSE BLOCK ***** # Version: MPL 1.1/GPL 2.0/LGPL 2.1 # # The contents of this file are subject to the Mozilla Public License Version # 1.1 (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # http://www.mozilla.org/MPL/ # # Software distributed under the License is distributed on an "AS IS" basis, # WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License # for the specific language governing rights and limitations under the # License. # # The Original Code is the Netscape security libraries. # # The Initial Developer of the Original Code is # Netscape Communications Corporation. # Portions created by the Initial Developer are Copyright (C) 1994-2000 # the Initial Developer. All Rights Reserved. # # Contributor(s): # # Alternatively, the contents of this file may be used under the terms of # either the GNU General Public License Version 2 or later (the "GPL"), or # the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), # in which case the provisions of the GPL or the LGPL are applicable instead # of those above. If you wish to allow use of your version of this file only # under the terms of either the GPL or the LGPL, and not to allow others to # use your version of this file under the terms of the MPL, indicate your # decision by deleting the provisions above and replace them with the notice # and other provisions required by the GPL or the LGPL. If you do not delete # the provisions above, a recipient may use your version of this file under # the terms of any one of the MPL, the GPL or the LGPL. # # ***** END LICENSE BLOCK ***** [General] cTemplate = sslt.htp makeTemplate = ssl.mtp path = . testPrefix = sslt testSuffix = .h regressSpecfile = ssl.reg regressOutput = ssl.html mut = SSL mutversion = 1.0 timeout = 6 makefileOutput = Makefile reporterOutput = ssl.rpt singleSource = TRUE # The names given for the Client and Server Certificates are # nicknames from the database [ClientCert] IMPORTANCE = HIGH TYPE = int ClientCert_none = NO_CERT ClientCert_one = CLIENT_CERT_HARDCOREII_1024 #ClientCert_oneb = CLIENT_CERT_HARDCOREII_512 #ClientCert_two = CLIENT_CERT_SPARK #ClientCert_three = SERVER_CERT_HARDCOREII_1024 #ClientCert_four = CLIENT_CERT_VERISIGN [ServerCert] IMPORTANCE = HIGH TYPE = int #ServerCert_none = NO_CERT ServerCert_one = SERVER_CERT_HARDCOREII_512 #ServerCert_two = CLIENT_CERT_HARDCOREII_512 #ServerCert_three = SERVER_CERT_SPARK #ServerCert_four = SERVER_CERT_VERISIGN_REGULAR #ServerCert_five = SERVER_CERT_VERISIGN_STEPUP ##### POLICY #### # # (right now, policy can only be set globally. When bug #102853 is # fixed, I'll be able to bring ClientPolicy and ServerPolicy back) # [Policy] IMPORTANCE = HIGH TYPE = int ExportPolicy = POLICY_EXPORT DomesticPolicy = POLICY_DOMESTIC #[ClientPolicy] #IMPORTANCE = HIGH #TYPE = int #ExportPolicy = POLICY_EXPORT #DomesticPolicy = POLICY_DOMESTIC #[ServerPolicy] #IMPORTANCE = HIGH #TYPE = int #ServerExportPolicy = POLICY_EXPORT #ServerDomesticPolicy = POLICY_DOMESTIC # Which SSL version to enable. Like the policy, this is a global # setting, affecting both client and server sockets [SSLVersion2] IMPORTANCE = HIGH TYPE = int SSLVersion2 = PR_TRUE NO_SSLVersion2 = PR_FALSE [SSLVersion3] IMPORTANCE = HIGH TYPE = int SSLVersion3 = PR_TRUE NO_SSLVersion3 = PR_FALSE #[ClientIOModel] #IMPORTANCE = LOW #TYPE = int #ClientIOBlocking = 0 #ClientIONonBlocking = 1 #[ServerIOModel] #IMPORTANCE = LOW #TYPE = int #ServerIOBlocking = BLOCKING #ServerIONonBlocking = NON_BLOCKING [ClientIOSessionLength] IMPORTANCE = LOW TYPE = int ClientIOLength0 = 0 ClientIOLength1K = 1024 #ClientIOLength256K = 262144 #ClientIOLength5M = 5242880 [ServerIOSessionLength] IMPORTANCE = LOW TYPE = int ServerIOLength0 = 0 ServerIOLength1K = 1024 #ServerIOLength256K = 262144 #ServerIOLength5M = 5242880 [ServerDoClientAuth] IMPORTANCE = LOW TYPE = int #ClientAuthOnInitial = SSLT_CLIENTAUTH_INITIAL #ClientAuthOnRedo = SSLT_CLIENTAUTH_REDO ClientAuthOff = SSLT_CLIENTAUTH_OFF [ClientForceHandshake] IMPORTANCE = LOW TYPE = PRBool #ClientForceHandshake = PR_TRUE ClientNoForceHandshake = PR_FALSE [ServerForceHandshake] IMPORTANCE = LOW TYPE = PRBool ServerForceHandshake = PR_TRUE #ServerNoForceHandshake = PR_FALSE [ClientRedoHandshake] IMPORTANCE = LOW TYPE = PRBool #ClientRedoHandshake = PR_TRUE ClientNoRedoHandshake = PR_FALSE [ServerRedoHandshake] IMPORTANCE = LOW TYPE = PRBool #ServerRedoHandshake = PR_TRUE ServerNoRedoHandshake = PR_FALSE ########################################################################### # # C i p h e r S p e c s # ########################################################################### [Cipher_EN_RC4_128_WITH_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_EN_RC4_128_WITH_MD5 = PR_TRUE No_Cipher_EN_RC4_128_WITH_MD5 = PR_FALSE [Cipher_EN_RC4_128_EXPORT40_WITH_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_TRUE No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_FALSE [Cipher_EN_RC2_128_CBC_WITH_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_TRUE No_Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_FALSE #[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_TRUE #No_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_FALSE #[Cipher_EN_IDEA_128_CBC_WITH_MD5] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_TRUE #No_Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_FALSE #[Cipher_EN_DES_64_CBC_WITH_MD5] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_EN_DES_64_CBC_WITH_MD5 = PR_TRUE #No_Cipher_EN_DES_64_CBC_WITH_MD5 = PR_FALSE [Cipher_EN_DES_192_EDE3_CBC_WITH_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_TRUE No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_FALSE # SSL v3 Cipher Suites #[Cipher_NULL_WITH_NULL_NULL] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_NULL_WITH_NULL_NULL = PR_TRUE #No_Cipher_NULL_WITH_NULL_NULL = PR_FALSE #[Cipher_RSA_WITH_NULL_MD5] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_WITH_NULL_MD5 = PR_TRUE #No_Cipher_RSA_WITH_NULL_MD5 = PR_FALSE #[Cipher_RSA_WITH_NULL_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_WITH_NULL_SHA = PR_TRUE #No_Cipher_RSA_WITH_NULL_SHA = PR_FALSE [Cipher_RSA_EXPORT_WITH_RC4_40_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_TRUE No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_FALSE [Cipher_RSA_WITH_RC4_128_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_RSA_WITH_RC4_128_MD5 = PR_TRUE No_Cipher_RSA_WITH_RC4_128_MD5 = PR_FALSE #[Cipher_RSA_WITH_RC4_128_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_WITH_RC4_128_SHA = PR_TRUE #No_Cipher_RSA_WITH_RC4_128_SHA = PR_FALSE [Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5] IMPORTANCE = HIGH TYPE = PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_TRUE No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_FALSE #[Cipher_RSA_WITH_IDEA_CBC_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_WITH_IDEA_CBC_SHA = PR_TRUE #No_Cipher_RSA_WITH_IDEA_CBC_SHA = PR_FALSE #[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE #No_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE [Cipher_RSA_WITH_DES_CBC_SHA] IMPORTANCE = HIGH TYPE = PRBool Cipher_RSA_WITH_DES_CBC_SHA = PR_TRUE No_Cipher_RSA_WITH_DES_CBC_SHA = PR_FALSE [Cipher_RSA_WITH_3DES_EDE_CBC_SHA] IMPORTANCE = HIGH TYPE = PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE #No_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE #[Cipher_DH_DSS_WITH_DES_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_FALSE #[Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE #No_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE #[Cipher_DH_RSA_WITH_DES_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_FALSE #[Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE #No_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE #[Cipher_DHE_DSS_WITH_DES_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_FALSE #[Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE #No_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE #[Cipher_DHE_RSA_WITH_DES_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_FALSE #[Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_TRUE #No_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_FALSE #[Cipher_DH_ANON_WITH_RC4_128_MD5] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_TRUE #No_Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_FALSE ###define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019 #[Cipher_DH_ANON_WITH_DES_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_FALSE #[Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = LOW #TYPE = PRBool #Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_TRUE #No_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_FALSE #[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_TRUE #No_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_FALSE #[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_TRUE #No_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_FALSE #[Cipher_RSA_FIPS_WITH_DES_CBC_SHA] #IMPORTANCE = HIGH #TYPE = PRBool #Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_TRUE #No_Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_FALSE