diff options
author | Arne Schwabe <arne@rfc2549.org> | 2015-04-15 00:17:26 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2015-04-15 00:20:23 +0200 |
commit | c3ae4aaac9f0b168aed063d3e86c5196608eaba1 (patch) | |
tree | 1a18e7d8751d4dd3682d82d12c8441b335112984 /main/openssl/patches/README | |
parent | 5e42114d22faefe7c272b1b498fdf5640da494c7 (diff) |
Move more to git, add submodules, fix build script, change hgignore to gitignore
Diffstat (limited to 'main/openssl/patches/README')
m--------- | main/openssl | 0 | ||||
-rw-r--r-- | main/openssl/patches/README | 82 |
2 files changed, 0 insertions, 82 deletions
diff --git a/main/openssl b/main/openssl new file mode 160000 +Subproject 4d377a9ce111930d8a8f06dc0e94a892a7f6c51 diff --git a/main/openssl/patches/README b/main/openssl/patches/README deleted file mode 100644 index 53444701..00000000 --- a/main/openssl/patches/README +++ /dev/null @@ -1,82 +0,0 @@ -progs.patch: - -Fixup sources under the apps/ directory that are not built under the android environment. - - -handshake_cutthrough.patch - -Enables SSL3+ clients to send application data immediately following the -Finished message even when negotiating full-handshakes. With this patch, -clients can negotiate SSL connections in 1-RTT even when performing -full-handshakes. - -jsse.patch - -Support for JSSE implementation based on OpenSSL. - -channelid.patch - -Implements TLS Channel ID support as both a client and a server. -See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00. - -eng_dyn_dirs.patch - -Fixes the case of having multiple DIR_ADD commands sent to eng_dyn - -fix_clang_build.patch - -Fixes the Clang based build. - -tls12_digests.patch - -Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA -keys. - -alpn.patch - -This change adds support for ALPN in OpenSSL. ALPN is the IETF -blessed version of NPN and we'll be supporting both ALPN and NPN for -some time yet. - -cbc_record_splitting.patch - -BEAST attack client-side mitigation. Removes 0/n record splitting, adds 1/n-1 -record splitting. Record splitting is disabled by default. - -dsa_nonce.patch - -Adds an option to mix in hash of message and private key into (EC)DSA nonces to -make (EC)DSA more resilient to weaknesses in RNGs used for nonces. The feature -is disabled by default. - -ecdhe_psk.patch - -Adds support for ECDHE Pre-Shared Key (PSK) TLS cipher suites. - -ecdhe_psk_part2.patch - -Removes ECHDE-PSK cipher suites with SHA-2 because they cannot be used with -SSLv3 (and there's no way to express that in OpenSSL's configuration). Adds -SHA-1 based ECDHE-PSK AES-CBC cipher suites instead. - -arm_asm.patch - -Adds newer ARM assembly pack with BSAES for ARMv7 and acceleration for ARMv8 -Based on branch available at: -https://git.linaro.org/people/ard.biesheuvel/openssl.git/shortlog/refs/heads/openssl-1.0.1f-with-arm-patches -c7b582ef23eb6f4386664e841e6e406d984c38d3^..cb8b1ab03e5c179a719afe83f03fecb1c2c78730 - -tls_psk_hint.patch - -Fixes issues with TLS-PSK identity hint implementation where -per-connection/session and per-context hints were being mixed up. - -psk_client_callback_128_byte_id_bug.patch - -Fixes the issue where it was impossible to return a 128 byte long PSK identity -(the maximum supported length) from psk_client_callback. - -tls_fallback_scsv.patch - -Adds the signalling cipher suite value (SCSV) from -https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 |