generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Bodo Möller 4d936ace08 Disable SHA-2 ciphersuites in < TLS 1.2 connections. 
(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley
2012-04-17 15:20:17 +00:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
bio_ssl.c
OPENSSL_NO_SOCK fixes [from HEAD].
2012-04-16 17:43:15 +00:00
d1_both.c
PR: 2755
2012-03-06 13:47:27 +00:00
d1_clnt.c
PR: 2748
2012-03-06 13:24:16 +00:00
d1_enc.c
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
2011-01-04 19:33:30 +00:00
d1_lib.c
PR: 2756
2012-03-09 15:52:20 +00:00
d1_meth.c
Let the TLSv1_method() etc. functions return a const SSL_METHOD
2005-08-14 21:48:33 +00:00
d1_pkt.c
PR: 2756
2012-03-09 15:52:20 +00:00
d1_srtp.c
Submitted by: Eric Rescorla <ekr@rtfm.com>
2012-02-11 22:53:48 +00:00
d1_srvr.c
PR: 2778(part)
2012-03-31 18:02:43 +00:00
dtls1.h
PR: 2658
2011-12-31 23:00:36 +00:00
install-ssl.com
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:47:47 +00:00
kssl_lcl.h
Some fixes for kerberos builds.
2009-04-21 22:20:12 +00:00
kssl.c
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:52:34 +00:00
kssl.h
make kerberos work with OPENSSL_NO_SSL_INTERN
2011-05-11 22:52:34 +00:00
Makefile
make update
2012-01-02 16:41:11 +00:00
s2_clnt.c
Updatde from stable branch.
2009-01-07 23:44:27 +00:00
s2_enc.c
Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
2007-06-04 17:04:40 +00:00
s2_lib.c
Make no-ssl2 work including on Win32 builds.
2009-04-04 17:57:34 +00:00
s2_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s2_pkt.c
Use new common flags and fix resulting warnings.
2009-02-15 14:08:51 +00:00
s2_srvr.c
Assorted bugfixes:
2011-02-03 12:03:57 +00:00
s3_both.c
Add Next Protocol Negotiation.
2011-11-13 21:55:42 +00:00
s3_clnt.c
Additional workaround for PR#2771
2012-04-17 14:41:23 +00:00
s3_enc.c
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
2012-01-04 23:13:29 +00:00
s3_lib.c
Disable SHA-2 ciphersuites in < TLS 1.2 connections.
2012-04-17 15:20:17 +00:00
s3_meth.c
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
s3_pkt.c
Partial workaround for PR#2771.
2012-04-17 13:20:19 +00:00
s3_srvr.c
s3_srvr.c: fix typo [from HEAD].
2012-04-15 17:23:41 +00:00
s23_clnt.c
Additional workaround for PR#2771
2012-04-17 14:41:23 +00:00
s23_lib.c
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
s23_meth.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
s23_pkt.c
Reorder inclusion of header files:
2002-07-10 07:01:54 +00:00
s23_srvr.c
add FIPS support to ssl: doesn't do anything on this branch yet as there is no FIPS compilation support
2011-05-19 18:22:16 +00:00
srtp.h
move internal functions to ssl_locl.h
2011-11-21 22:52:01 +00:00
ssl2.h
Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN
2011-05-11 12:56:38 +00:00
ssl3.h
ABI compliance fixes.
2012-02-22 14:01:44 +00:00
ssl23.h
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
ssl_algs.c
1.0.1-specific OPNESSL vs. OPENSSL typo.
2012-01-15 13:42:50 +00:00
ssl_asn1.c
Use correct tag for SRP username.
2011-10-25 12:52:47 +00:00
ssl_cert.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
ssl_ciph.c
ssl/ssl_ciph.c: interim solution for assertion in d1_pkt.c(444) [from HEAD].
2012-04-04 20:51:27 +00:00
ssl_err2.c
Use new-style system-id macros everywhere possible. I hope I haven't
2001-02-20 08:13:47 +00:00
ssl_err.c
ABI compliance fixes.
2012-02-22 14:01:44 +00:00
ssl_lib.c
Fix for builds without DTLS support.
2012-01-05 10:22:39 +00:00
ssl_locl.h
PR: 2756
2012-03-09 15:52:20 +00:00
ssl_rsa.c
PR: 1411
2009-09-12 23:09:26 +00:00
ssl_sess.c
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
2011-12-22 15:01:16 +00:00
ssl_stat.c
PR: 1794
2011-11-25 00:18:10 +00:00
ssl_task.c
Security fixes brought forward from 0.9.7.
2002-11-13 15:43:43 +00:00
ssl_txt.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
ssl-lib.com
PR: 2652
2012-01-05 14:30:08 +00:00
ssl.h
ABI compliance fixes.
2012-02-22 14:01:44 +00:00
ssltest.c
PR: 1794
2011-12-14 22:18:03 +00:00
t1_clnt.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
t1_enc.c
ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER [from HEAD].
2012-03-13 19:21:15 +00:00
t1_lib.c
use client version when deciding whether to send supported signature algorithms extension
2012-03-21 21:32:57 +00:00
t1_meth.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
t1_reneg.c
Update RI to match latest spec.
2009-12-27 22:59:09 +00:00
t1_srvr.c
Backport TLS v1.2 support from HEAD.
2011-05-11 13:37:52 +00:00
tls1.h
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
2012-03-09 18:37:41 +00:00
tls_srp.c
PR: 1794
2011-12-14 22:18:03 +00:00