mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
f865b08143
openssl/ssl
History
Matt Caswell f865b08143 Split configuration of TLSv1.3 ciphers from older ciphers 
With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
..
record Use the TLSv1.3 record header as AAD 2018-03-14 09:51:20 +00:00
statem Only allow supported_versions in a TLSv1.3 ServerHello 2018-03-14 09:51:20 +00:00
bio_ssl.c Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
build.info Move ssl/t1_ext.c to ssl/statem/extensions_cust.c 2017-04-07 13:41:04 +01:00
d1_lib.c More record layer conversions to use SSLfatal() 2017-12-08 16:42:02 +00:00
d1_msg.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
d1_srtp.c Move client parsing of ServerHello extensions into new framework 2016-12-08 17:18:25 +00:00
methods.c Drop support for OPENSSL_NO_TLS1_3_METHOD 2017-06-30 09:41:46 +01:00
packet_locl.h TLS1.3 Padding 2017-05-02 09:44:43 +01:00
packet.c Move ossl_assert 2017-08-03 10:48:00 +01:00
pqueue.c Update copyright header 2017-07-30 17:42:00 -04:00
s3_cbc.c Move ossl_assert 2017-08-03 10:48:00 +01:00
s3_enc.c Tell the ciphers which DRBG to use for generating random bytes. 2018-02-28 21:20:01 +01:00
s3_lib.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
s3_msg.c Update copyright year 2018-02-13 13:59:25 +00:00
ssl_asn1.c Session Ticket app data 2018-03-12 10:31:09 +00:00
ssl_cert_table.h Add X448/Ed448 support to libssl 2018-03-05 11:39:20 +00:00
ssl_cert.c Update copyright years on all files merged since Jan 1st 2018 2018-01-09 05:49:01 +01:00
ssl_ciph.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssl_conf.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssl_err.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssl_init.c In OPENSSL_init_ssl(), run the base ssl init before OPENSSL_init_crypto() 2017-12-08 16:08:39 +01:00
ssl_lib.c Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssl_locl.h Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
ssl_mcnf.c Fix misc size_t issues causing Windows warnings in 64 bit 2016-11-04 12:09:46 +00:00
ssl_rsa.c Add SSL/SSL_CTX_use_cert_and_key() 2018-03-09 10:28:04 -06:00
ssl_sess.c Introduce SSL_CTX_set_stateless_cookie_{generate,verify}_cb 2018-03-12 19:34:13 +00:00
ssl_stat.c Merge HRR into ServerHello 2017-12-14 15:06:37 +00:00
ssl_txt.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ssl_utst.c Remove heartbeat support 2016-11-13 16:24:02 -05:00
t1_enc.c Tell the ciphers which DRBG to use for generating random bytes. 2018-02-28 21:20:01 +01:00
t1_lib.c Session Ticket app data 2018-03-12 10:31:09 +00:00
t1_trce.c Fix enable-ssl-trace 2018-03-12 19:45:14 +00:00
tls13_enc.c Tell the ciphers which DRBG to use for generating random bytes. 2018-02-28 21:20:01 +01:00
tls_srp.c update SRP copyright notice 2018-03-13 18:33:44 +10:00