diff options
author | Parménides GV <parmegv@sdf.org> | 2015-06-04 19:20:15 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2015-06-04 19:20:15 +0200 |
commit | 27594eeae6f40a402bc3110f06d57975168e74e3 (patch) | |
tree | cdabf6571e6f4ff07205fd6921d8095539a1fcdc /app/openssl/patches/README | |
parent | 8dc4f58d96892fbfd83094fb85b1d17656035290 (diff) |
ics-openvpn as a submodule! beautiful
ics-openvpn is now officially on GitHub, and they track openssl and
openvpn as submodules, so it's easier to update everything. Just a git
submodule update --recursive.
I've also set up soft links to native modules from ics-openvpn in app,
so that we don't copy files in Gradle (which was causing problems with
the submodules .git* files, not being copied). That makes the repo
cleaner.
Diffstat (limited to 'app/openssl/patches/README')
-rw-r--r-- | app/openssl/patches/README | 82 |
1 files changed, 0 insertions, 82 deletions
diff --git a/app/openssl/patches/README b/app/openssl/patches/README deleted file mode 100644 index 53444701..00000000 --- a/app/openssl/patches/README +++ /dev/null @@ -1,82 +0,0 @@ -progs.patch: - -Fixup sources under the apps/ directory that are not built under the android environment. - - -handshake_cutthrough.patch - -Enables SSL3+ clients to send application data immediately following the -Finished message even when negotiating full-handshakes. With this patch, -clients can negotiate SSL connections in 1-RTT even when performing -full-handshakes. - -jsse.patch - -Support for JSSE implementation based on OpenSSL. - -channelid.patch - -Implements TLS Channel ID support as both a client and a server. -See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00. - -eng_dyn_dirs.patch - -Fixes the case of having multiple DIR_ADD commands sent to eng_dyn - -fix_clang_build.patch - -Fixes the Clang based build. - -tls12_digests.patch - -Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA -keys. - -alpn.patch - -This change adds support for ALPN in OpenSSL. ALPN is the IETF -blessed version of NPN and we'll be supporting both ALPN and NPN for -some time yet. - -cbc_record_splitting.patch - -BEAST attack client-side mitigation. Removes 0/n record splitting, adds 1/n-1 -record splitting. Record splitting is disabled by default. - -dsa_nonce.patch - -Adds an option to mix in hash of message and private key into (EC)DSA nonces to -make (EC)DSA more resilient to weaknesses in RNGs used for nonces. The feature -is disabled by default. - -ecdhe_psk.patch - -Adds support for ECDHE Pre-Shared Key (PSK) TLS cipher suites. - -ecdhe_psk_part2.patch - -Removes ECHDE-PSK cipher suites with SHA-2 because they cannot be used with -SSLv3 (and there's no way to express that in OpenSSL's configuration). Adds -SHA-1 based ECDHE-PSK AES-CBC cipher suites instead. - -arm_asm.patch - -Adds newer ARM assembly pack with BSAES for ARMv7 and acceleration for ARMv8 -Based on branch available at: -https://git.linaro.org/people/ard.biesheuvel/openssl.git/shortlog/refs/heads/openssl-1.0.1f-with-arm-patches -c7b582ef23eb6f4386664e841e6e406d984c38d3^..cb8b1ab03e5c179a719afe83f03fecb1c2c78730 - -tls_psk_hint.patch - -Fixes issues with TLS-PSK identity hint implementation where -per-connection/session and per-context hints were being mixed up. - -psk_client_callback_128_byte_id_bug.patch - -Fixes the issue where it was impossible to return a 128 byte long PSK identity -(the maximum supported length) from psk_client_callback. - -tls_fallback_scsv.patch - -Adds the signalling cipher suite value (SCSV) from -https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 |