mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
a556f34220
openssl/ssl
History
Emilia Kasper a556f34220 Rework the default cipherlist. 
- Always prefer forward-secure handshakes.
 - Consistently order ECDSA above RSA.
 - Next, always prefer AEADs to non-AEADs, irrespective of strength.
 - Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
 - Prefer TLS v1.2 ciphers to legacy ciphers.
 - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
   list to reduce ClientHello bloat.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 16:53:42 +01:00
..
record Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
statem Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
bio_ssl.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
build.info Update build.info files for auto-init/de-init 2016-02-09 15:11:38 +00:00
d1_lib.c Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
d1_msg.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
d1_srtp.c Add new DTLS-SRTP protection profiles from RFC 7714 2016-02-04 22:52:21 +00:00
Makefile.in Always build library object files with shared library cflags 2016-02-20 16:51:31 +01:00
methods.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
packet_locl.h Refactor ClientHello extension parsing 2016-03-03 13:53:26 +01:00
pqueue.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
s3_cbc.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
s3_enc.c Refactor ClientHello extension parsing 2016-03-03 13:53:26 +01:00
s3_lib.c Rework the default cipherlist. 2016-03-07 16:53:42 +01:00
s3_msg.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ssl_asn1.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ssl_cert.c Fix MacOS/X build warnings 2016-02-11 13:53:39 -05:00
ssl_ciph.c Rework the default cipherlist. 2016-03-07 16:53:42 +01:00
ssl_conf.c Remove outdated DEBUG flags. 2016-02-18 17:14:50 -05:00
ssl_err.c Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
ssl_init.c Hide OPENSSL_INIT_SETTINGS. 2016-02-11 08:43:46 -05:00
ssl_lib.c Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
ssl_locl.h Rework the default cipherlist. 2016-03-07 16:53:42 +01:00
ssl_mcnf.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ssl_rsa.c fix no-ec build 2016-03-03 13:27:34 +00:00
ssl_sess.c Move to REF_DEBUG, for consistency. 2016-02-11 12:40:32 -05:00
ssl_stat.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ssl_txt.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ssl_utst.c Fix build-break 2016-02-15 10:17:12 -05:00
t1_enc.c Refactor ClientHello extension parsing 2016-03-03 13:53:26 +01:00
t1_ext.c Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
t1_lib.c Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
t1_reneg.c Remove outdated DEBUG flags. 2016-02-18 17:14:50 -05:00
t1_trce.c Adds CT validation to SSL connections 2016-03-04 10:50:10 -05:00
tls_srp.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00