Dr. Stephen Henson
01f2f18f3c
Option to disable padding extension.
...
Add TLS padding extension to SSL_OP_ALL so it is used with other
"bugs" options and can be turned off.
This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient
option referring to SSLv2 and SSLREF.
PR#3336
2014-06-01 18:15:21 +01:00
Daniel Kahn Gillmor
0b30fc903f
documentation should use "DHE" instead of "EDH"
2014-01-09 15:43:28 +00:00
Rob Stradling
dece3209f2
Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
...
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-05 13:09:03 +01:00
Bodo Möller
88f2a4cf9c
CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)
2011-02-03 10:43:00 +00:00
Dr. Stephen Henson
69582a592e
clarify documentation
2010-02-18 12:41:33 +00:00
Dr. Stephen Henson
c2c49969e2
Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
...
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:31 +00:00
Dr. Stephen Henson
f959598866
update references to new RI RFC
2010-02-12 21:59:31 +00:00
Dr. Stephen Henson
9fb6fd34f8
reword RI description
2010-01-27 18:53:33 +00:00
Dr. Stephen Henson
99b36a8c31
update documentation to reflect new renegotiation options
2010-01-27 17:46:24 +00:00
Dr. Stephen Henson
2a30fec786
Typo
2010-01-05 17:49:49 +00:00
Dr. Stephen Henson
b5c002d5a8
clarify docs
2009-12-09 18:16:50 +00:00
Dr. Stephen Henson
4db82571ba
Document option clearning functions.
...
Initial secure renegotiation documentation.
2009-12-09 17:59:29 +00:00
Dr. Stephen Henson
f3fef74b09
Document ticket disabling option.
2007-08-23 22:49:13 +00:00
Bodo Möller
72dce7685e
Add fixes for CAN-2005-2969.
...
(This were in 0.9.7-stable and 0.9.8-stable, but not in HEAD so far.)
2005-10-26 19:40:45 +00:00
Dr. Stephen Henson
e27a259696
Doc fixes.
2005-03-22 17:55:33 +00:00
Richard Levitte
d177e6180d
Spelling errors.
...
PR: 538
2003-03-20 11:41:59 +00:00
Lutz Jänicke
2edcb4ac71
Typos in links between manual pages
...
Submitted by: Richard.Koenning@fujitsu-siemens.com
Reviewed by:
PR: 129
2002-07-10 19:35:54 +00:00
Bodo Möller
c21506ba02
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:21:11 +00:00
Bodo Möller
51008ffce1
document SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2001-10-17 11:56:26 +00:00
Ulf Möller
3b80e3aa9e
ispell
2001-09-07 06:13:40 +00:00
Ulf Möller
f2ab7d1392
typo.
2001-08-22 18:35:17 +00:00
Lutz Jänicke
06da6e4977
Don't disable rollback attack detection as a recommended bug workaround.
2001-08-03 08:45:13 +00:00
Lutz Jänicke
37f599bcec
Reworked manual pages with a lot of input from Bodo Moeller.
2001-07-31 15:04:50 +00:00
Lutz Jänicke
4db48ec0bd
Documentation about ephemeral key exchange
2001-07-21 11:02:17 +00:00
Ulf Möller
52d160d85d
ispell
2001-02-16 02:09:53 +00:00
Lutz Jänicke
1b65ce7db3
Update for 0.9.7 with SSL_OP_CIPHER_SERVER_PREFERENCE.
2001-02-10 16:21:38 +00:00
Lutz Jänicke
7b9cb4a224
Manual page for SSL_CTX_set_options(). Unfortunately for some of the
...
options someone much longer working with OpenSSL/SSLeay is needed.
2001-02-10 16:18:35 +00:00