generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/doc/ssl
History
Dr. Stephen Henson ce325c60c7 Only allow ephemeral RSA keys in export ciphersuites. 
OpenSSL clients would tolerate temporary RSA keys in non-export
ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which
enabled this server side. Remove both options as they are a
protocol violation.

Thanks to Karthikeyan Bhargavan for reporting this issue.
(CVE-2015-0204)
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-06 02:06:39 +00:00
..
d2i_SSL_SESSION.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_accept.pod
Remove MS SGC
2015-01-02 22:56:54 +00:00
SSL_alert_type_string.pod
PR: 1794
2011-11-13 13:13:01 +00:00
SSL_CIPHER_get_name.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_clear.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_COMP_add_compression_method.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_CONF_cmd_argv.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CONF_cmd.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_CONF_CTX_new.pod
Update SSL_CONF docs.
2013-02-26 15:29:11 +00:00
SSL_CONF_CTX_set1_prefix.pod
Update SSL_CONF docs.
2013-02-26 15:29:11 +00:00
SSL_CONF_CTX_set_flags.pod
Extend SSL_CONF
2013-10-20 22:07:36 +01:00
SSL_CONF_CTX_set_ssl_ctx.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_connect.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_CTX_add1_chain_cert.pod
Update chain building function.
2014-03-27 14:24:40 +00:00
SSL_CTX_add_extra_chain_cert.pod
Clarify docs.
2014-06-27 16:39:11 +01:00
SSL_CTX_add_session.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_ctrl.pod
New functions SSL[_CTX]_set_msg_callback().
2001-10-20 17:56:36 +00:00
SSL_CTX_flush_sessions.pod
Documenting session caching, 2nd step.
2001-02-04 18:05:27 +00:00
SSL_CTX_free.pod
Add warning about unwanted side effect when calling SSL_CTX_free():
2003-03-27 22:04:05 +00:00
SSL_CTX_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_get_verify_mode.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_load_verify_locations.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_CTX_new.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_CTX_sess_number.pod
ispell
2001-02-16 02:09:53 +00:00
SSL_CTX_sess_set_cache_size.pod
RT468: SSL_CTX_sess_set_cache_size wrong
2014-09-08 11:26:03 -04:00
SSL_CTX_sess_set_get_cb.pod
Add warning about unwanted side effect when calling SSL_CTX_free():
2003-03-27 22:04:05 +00:00
SSL_CTX_sessions.pod
ispell
2001-02-16 02:09:53 +00:00
SSL_CTX_set1_curves.pod
Clarify the return values for SSL_get_shared_curve.
2014-12-05 18:31:21 +01:00
SSL_CTX_set1_verify_cert_store.pod
POD: Fix list termination
2013-10-22 07:38:25 +01:00
SSL_CTX_set_cert_cb.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_set_cert_store.pod
Add documentation.
2013-08-17 17:41:14 +01:00
SSL_CTX_set_cert_verify_callback.pod
Add 'void *' argument to app_verify_callback.
2002-02-28 10:52:56 +00:00
SSL_CTX_set_cipher_list.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_CTX_set_client_CA_list.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_set_client_cert_cb.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_set_custom_cli_ext.pod
Custom extension documentation.
2014-08-28 17:06:53 +01:00
SSL_CTX_set_default_passwd_cb.pod
Clarify! (based on recent mailing-list discussions)
2001-07-11 15:10:28 +00:00
SSL_CTX_set_generate_session_id.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_CTX_set_info_callback.pod
Fix RT 3193
2014-07-01 12:44:32 -04:00
SSL_CTX_set_max_cert_list.pod
RT3239: Extra comma in NAME lines of two manpages
2014-08-12 15:59:18 -04:00
SSL_CTX_set_mode.pod
Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.
2014-10-21 22:43:08 +02:00
SSL_CTX_set_msg_callback.pod
Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg
2014-05-25 23:45:12 +01:00
SSL_CTX_set_options.pod
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 02:06:39 +00:00
SSL_CTX_set_psk_client_callback.pod
add initial support for RFC 4279 PSK SSL ciphersuites
2006-03-10 23:06:27 +00:00
SSL_CTX_set_quiet_shutdown.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_CTX_set_security_level.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_set_session_cache_mode.pod
Add a HISTORY section to the man page to mention the new flags.
2002-10-29 18:05:16 +00:00
SSL_CTX_set_session_id_context.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_CTX_set_ssl_version.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_CTX_set_timeout.pod
More details about session timeout settings.
2001-08-17 16:36:51 +00:00
SSL_CTX_set_tlsext_ticket_key_cb.pod
Fixed error in pod files with latest versions of pod2man
2014-07-06 00:03:13 +01:00
SSL_CTX_set_tmp_dh_callback.pod
RT1744: SSL_CTX_set_dump_dh() doc feedback
2014-08-26 13:47:23 -04:00
SSL_CTX_set_tmp_rsa_callback.pod
Only allow ephemeral RSA keys in export ciphersuites.
2015-01-06 02:06:39 +00:00
SSL_CTX_set_verify.pod
Close a whole bunch of documentation-related tickets:
2014-07-02 22:42:40 -04:00
SSL_CTX_use_certificate.pod
Use algorithm specific chains for certificates.
2014-01-03 22:39:49 +00:00
SSL_CTX_use_psk_identity_hint.pod
RT2518: fix pod2man errors
2014-09-08 11:18:30 -04:00
SSL_CTX_use_serverinfo.pod
typo
2014-01-10 23:00:50 +00:00
SSL_do_handshake.pod
Remove MS SGC
2015-01-02 22:56:54 +00:00
SSL_free.pod
PR: 1835
2009-02-14 21:49:38 +00:00
SSL_get_ciphers.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_client_CA_list.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_current_cipher.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_default_timeout.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_get_error.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_ex_data_X509_STORE_CTX_idx.pod
Documentation about SSL_get_ex_data_X509_STORE_CTX_idx and
2001-01-20 16:22:43 +00:00
SSL_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_fd.pod
Document updates from wiki.
2013-06-12 23:42:08 +01:00
SSL_get_peer_cert_chain.pod
typo in SSL_get_peer_cert_chain docs
2014-05-01 13:40:01 +02:00
SSL_get_peer_certificate.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_psk_identity.pod
add initial support for RFC 4279 PSK SSL ciphersuites
2006-03-10 23:06:27 +00:00
SSL_get_rbio.pod
Document updates from wiki.
2013-06-12 23:42:08 +01:00
SSL_get_session.pod
Document updates from wiki.
2013-06-12 23:42:08 +01:00
SSL_get_SSL_CTX.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_verify_result.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_get_version.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_library_init.pod
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
2010-04-07 13:18:07 +00:00
SSL_load_client_CA_file.pod
More SSL functions documented. Submitted by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-10-03 22:02:28 +00:00
SSL_new.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_pending.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_read.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_rstate_string.pod
More manual pages. Constify.
2001-08-23 17:22:43 +00:00
SSL_SESSION_free.pod
PR: 1835
2009-02-14 21:49:38 +00:00
SSL_SESSION_get_ex_new_index.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_SESSION_get_time.pod
fix typos
2006-12-21 21:13:27 +00:00
SSL_session_reused.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_set_bio.pod
Change spelling back to "behaviour" and "flavour" instead of the
2000-09-16 16:00:38 +00:00
SSL_set_connect_state.pod
Document updates from wiki.
2013-06-12 23:42:08 +01:00
SSL_set_fd.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_set_session.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
SSL_set_shutdown.pod
Fix additional pod errors with numbered items.
2014-02-14 22:30:26 +00:00
SSL_set_verify_result.pod
New documents. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2000-09-20 16:55:26 +00:00
SSL_shutdown.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00
SSL_state_string.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_want.pod
update docs (recent constification)
2005-03-30 11:50:14 +00:00
SSL_write.pod
POD: Fix item numbering
2013-10-22 07:38:25 +01:00
ssl.pod
Remove SSLv2 support
2014-12-04 11:55:03 +01:00