generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/doc/ssl
History
Matt Caswell c5b831f21d Always generate DH keys for ephemeral DH cipher suites 
Modified version of the commit ffaef3f15 in the master branch by Stephen
Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always
generates a new DH key for every handshake regardless.

CVE-2016-0701 (fix part 2 or 2)

Issue reported by Antonio Sanso

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-28 13:49:56 +00:00
..
d2i_SSL_SESSION.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_accept.pod
Remove MS SGC
2015-01-02 23:01:38 +00:00
SSL_alert_type_string.pod
PR: 1794
2011-11-13 13:13:14 +00:00
SSL_check_chain.pod
Documentation for SSL_check_chain()
2015-08-14 06:25:43 +01:00
SSL_CIPHER_get_name.pod
Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH
2014-11-10 10:58:49 +01:00
SSL_clear.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_COMP_add_compression_method.pod
RT1207: document SSL_COMP_free_compression_methods.
2015-05-13 13:03:32 -04:00
SSL_CONF_cmd_argv.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CONF_cmd.pod
Add support for ServerInfo SSL_CONF option.
2015-03-18 12:31:06 +00:00
SSL_CONF_CTX_new.pod
Update SSL_CONF docs.
2013-02-26 15:29:49 +00:00
SSL_CONF_CTX_set1_prefix.pod
Update SSL_CONF docs.
2013-02-26 15:29:49 +00:00
SSL_CONF_CTX_set_flags.pod
typo
2015-02-22 14:44:21 +00:00
SSL_CONF_CTX_set_ssl_ctx.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_connect.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_CTX_add1_chain_cert.pod
Fixed various pod errors
2014-05-01 00:07:28 +01:00
SSL_CTX_add_extra_chain_cert.pod
Update docs.
2015-08-14 06:35:20 +01:00
SSL_CTX_add_session.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CTX_ctrl.pod
New functions SSL[_CTX]_set_msg_callback().
2001-10-20 17:56:36 +00:00
SSL_CTX_flush_sessions.pod
Documenting session caching, 2nd step.
2001-02-04 18:05:27 +00:00
SSL_CTX_free.pod
Add warning about unwanted side effect when calling SSL_CTX_free():
2003-03-27 22:04:05 +00:00
SSL_CTX_get0_param.pod
correct example
2015-07-09 21:23:25 +01:00
SSL_CTX_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_get_verify_mode.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_load_verify_locations.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_CTX_new.pod
Clarify protocols supported.
2014-06-29 00:07:07 +01:00
SSL_CTX_sess_number.pod
ispell
2001-02-16 02:09:53 +00:00
SSL_CTX_sess_set_cache_size.pod
RT468: SSL_CTX_sess_set_cache_size wrong
2014-09-08 11:26:19 -04:00
SSL_CTX_sess_set_get_cb.pod
Add warning about unwanted side effect when calling SSL_CTX_free():
2003-03-27 22:04:05 +00:00
SSL_CTX_sessions.pod
ispell
2001-02-16 02:09:53 +00:00
SSL_CTX_set1_curves.pod
Clarify the return values for SSL_get_shared_curve.
2014-12-05 18:31:57 +01:00
SSL_CTX_set1_verify_cert_store.pod
The functions take a SSL *, not a SSL_CTX *
2015-12-23 22:33:26 +01:00
SSL_CTX_set_cert_cb.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CTX_set_cert_store.pod
Add documentation.
2013-08-18 13:53:32 +01:00
SSL_CTX_set_cert_verify_callback.pod
Add 'void *' argument to app_verify_callback.
2002-02-28 10:52:56 +00:00
SSL_CTX_set_cipher_list.pod
Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH
2014-11-10 10:58:49 +01:00
SSL_CTX_set_client_CA_list.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CTX_set_client_cert_cb.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CTX_set_custom_cli_ext.pod
Custom extension documentation.
2014-08-28 18:10:21 +01:00
SSL_CTX_set_default_passwd_cb.pod
Clarify! (based on recent mailing-list discussions)
2001-07-11 15:10:28 +00:00
SSL_CTX_set_generate_session_id.pod
Describe new callback for session id generation.
2001-02-23 21:38:42 +00:00
SSL_CTX_set_info_callback.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_set_max_cert_list.pod
Make maximum certifcate chain size accepted from the peer application
2001-09-11 13:08:51 +00:00
SSL_CTX_set_mode.pod
Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.
2014-10-21 22:39:26 +02:00
SSL_CTX_set_msg_callback.pod
Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg
2014-05-25 23:47:32 +01:00
SSL_CTX_set_options.pod
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 12:45:10 +00:00
SSL_CTX_set_psk_client_callback.pod
add initial support for RFC 4279 PSK SSL ciphersuites
2006-03-10 23:06:27 +00:00
SSL_CTX_set_quiet_shutdown.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_set_read_ahead.pod
Provide documentation for all SSL(_CTX)?_(get|set)(_default)?_read_ahead
2015-01-27 14:30:25 +00:00
SSL_CTX_set_session_cache_mode.pod
Add a HISTORY section to the man page to mention the new flags.
2002-10-29 18:05:16 +00:00
SSL_CTX_set_session_id_context.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_CTX_set_ssl_version.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_CTX_set_timeout.pod
More details about session timeout settings.
2001-08-17 16:36:51 +00:00
SSL_CTX_set_tlsext_status_cb.pod
Add some documentation for the OCSP callback functions
2015-12-27 22:02:33 +00:00
SSL_CTX_set_tlsext_ticket_key_cb.pod
Update ticket callback docs.
2014-07-06 12:40:16 +01:00
SSL_CTX_set_tmp_dh_callback.pod
Always generate DH keys for ephemeral DH cipher suites
2016-01-28 13:49:56 +00:00
SSL_CTX_set_tmp_rsa_callback.pod
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 12:45:10 +00:00
SSL_CTX_set_verify.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_CTX_use_certificate.pod
Use algorithm specific chains for certificates.
2014-01-03 22:45:20 +00:00
SSL_CTX_use_psk_identity_hint.pod
RT2518: fix pod2man errors
2014-09-08 11:18:58 -04:00
SSL_CTX_use_serverinfo.pod
GH297: Fix NAME section of SSL_CTX_use_serverinfo.pod
2015-06-23 08:17:57 -04:00
SSL_do_handshake.pod
Remove MS SGC
2015-01-02 23:01:38 +00:00
SSL_free.pod
PR: 1835
2009-02-14 21:49:38 +00:00
SSL_get_ciphers.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_client_CA_list.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_current_cipher.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_default_timeout.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_error.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_ex_data_X509_STORE_CTX_idx.pod
Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and
2001-01-20 16:22:43 +00:00
SSL_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_fd.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_peer_cert_chain.pod
typo in SSL_get_peer_cert_chain docs
2014-05-02 00:26:05 +01:00
SSL_get_peer_certificate.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_psk_identity.pod
add initial support for RFC 4279 PSK SSL ciphersuites
2006-03-10 23:06:27 +00:00
SSL_get_rbio.pod
ispell and some other nit-picking
2000-09-16 15:39:28 +00:00
SSL_get_session.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_SSL_CTX.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_verify_result.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_version.pod
Merge branch 'rsalz-docfixes'
2014-07-03 12:57:16 -04:00
SSL_library_init.pod
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
2010-04-07 13:18:30 +00:00
SSL_load_client_CA_file.pod
More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-03 22:02:28 +00:00
SSL_new.pod
One more function documented.
2001-08-17 15:54:50 +00:00
SSL_pending.pod
Provide documentation for all SSL(_CTX)?_(get|set)(_default)?_read_ahead
2015-01-27 14:30:25 +00:00
SSL_read.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_rstate_string.pod
More manual pages. Constify.
2001-08-23 17:22:43 +00:00
SSL_SESSION_free.pod
PR: 1835
2009-02-14 21:49:38 +00:00
SSL_SESSION_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_SESSION_get_time.pod
fix typos
2006-12-21 21:13:27 +00:00
SSL_session_reused.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_set_bio.pod
Change spelling back to "behaviour" and "flavour" instead of the
2000-09-16 16:00:38 +00:00
SSL_set_connect_state.pod
Manual page for SSL_do_handshake().
2002-07-19 11:05:50 +00:00
SSL_set_fd.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_set_session.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
SSL_set_shutdown.pod
Fix additional pod errors with numbered items.
2014-02-14 22:35:15 +00:00
SSL_set_verify_result.pod
New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-20 16:55:26 +00:00
SSL_shutdown.pod
RT2518: fix pod2man errors
2014-09-08 11:18:58 -04:00
SSL_state_string.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_want.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_write.pod
POD: Fix item numbering
2014-04-30 23:44:54 +01:00
ssl.pod
Provide documentation for all SSL(_CTX)?_(get|set)(_default)?_read_ahead
2015-01-27 14:30:25 +00:00