globus_gssapi_gsi
12.1
Main Page
Modules
Files
File List
Globals
gsi.conf.h
1
static
char
*globus_l_gsi_conf_string =
2
"# Flag to choose SSL or TLS for GSSAPI protocol.\n"
3
"# Set to true to disable SSLv3, or false to allow either to be \n"
4
"# negotiated. The value of the GLOBUS_GSSAPI_FORCE_TLS environment\n"
5
"# variable overrides this\n"
6
"FORCE_TLS=false\n"
7
"# GSSAPI Name compatibility mode when trying to determine\n"
8
"# if a host certificate is legitimate. GSI predates RFC2818,\n"
9
"# so there are some old, less-secure, practices by default.\n"
10
"# The different modes are:\n"
11
"# STRICT_GT2:\n"
12
"# Strictly backward-compatible with GT 2.0 name matching. \n"
13
"# X.509 subjectAltName values are ignored. Names with\n"
14
"# hyphens are treated as wildcarded such that \n"
15
"# host-ANYTHING.example.com will match a certificate named\n"
16
"# host.example.com. The name matching will rely on canonical\n"
17
"# host (as resolved via getnameinfo) name associated with\n"
18
"# a connection's IP addresses.\n"
19
"# STRICT_RFC2818:\n"
20
"# Support RFC 2818 server identity processing. Hyphen \n"
21
"# characters are treated as normal part of a host name. \n"
22
"# dnsName and ipAddress subjectAltName extensions are matched\n"
23
"# against the host and port passed to GSSAPI. If subjectAltName \n"
24
"# is present, X.509 SubjectName is ignored. \n"
25
"# HYBRID:\n"
26
"# Support a hybrid of the two previous name matching algorithms,\n"
27
"# liberally matching both hyphen wildcards, canonical names\n"
28
"# associated with IP addresses, and subjectAltName extensions.\n"
29
"# This has been the default since GT 4.2\n"
30
"NAME_COMPATIBILITY=STRICT_RFC2818\n"
31
"# OpenSSL Cipher List. This is an preference-ordered list of OpenSSL cipher\n"
32
"# names. \n"
33
"CIPHERS=HIGH\n"
34
"# If true, when choosing a cipher, a server will use its own preferred\n"
35
"# order instead of the cipher order presented by the client. When not set, the\n"
36
"# SSL server will always follow the clients preferences.\n"
37
"SERVER_CIPHER_ORDER=true\n"
38
;
Generated by
1.8.10