openssl/ssl
Bodo Möller 0a05123a6c Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.

Also, change ssl_create_cipher_list() so that it no longer
starts with an arbitrary ciphersuite ordering, but instead
uses the logic that we previously had in SSL_DEFEAULT_CIPHER_LIST.
SSL_DEFAULT_CIPHER_LIST simplifies into just "ALL:!aNULL:!eNULL".
2007-02-19 18:41:41 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c fix problems found by coverity: remove useless code 2006-03-15 17:45:43 +00:00
d1_both.c Fix signed/unsigned warnings. 2005-07-26 04:25:05 +00:00
d1_clnt.c fix warnings/inconsistencies caused by the recent changes to the 2007-02-19 14:53:18 +00:00
d1_enc.c add additional checks + cleanup 2006-01-29 23:12:22 +00:00
d1_lib.c Constify version strings is ssl lib. 2007-01-21 16:06:05 +00:00
d1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
d1_pkt.c fix support for receiving fragmented handshake messages 2006-11-29 14:45:50 +00:00
d1_srvr.c fix warnings/inconsistencies caused by the recent changes to the 2007-02-19 14:53:18 +00:00
dtls1.h There's no such things as DTLS1_AD_MISSING_HANDSHAKE_MESSAGE. 2006-01-07 20:44:29 +00:00
install.com Synchronise more with the Unix build. 2005-05-31 20:28:41 +00:00
kssl.c use user-supplied malloc functions for persistent kssl objects 2007-02-10 10:42:48 +00:00
kssl.h Make kerberos ciphersuite code work with newer header files 2005-04-09 23:55:55 +00:00
kssl_lcl.h To avoid commit wars over dependencies, let's make it so things that 2001-10-10 07:55:02 +00:00
Makefile Update dependencies. 2006-04-08 13:04:31 +00:00
s2_clnt.c Fix buffer overflow in SSL_get_shared_ciphers() function. 2006-09-28 13:18:43 +00:00
s2_enc.c ensure that the EVP_CIPHER_CTX object is initialized 2007-02-16 20:34:15 +00:00
s2_lib.c fix warnings/inconsistencies caused by the recent changes to the 2007-02-19 14:53:18 +00:00
s2_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
s2_pkt.c Avoid including cryptlib.h, it's not really needed. 2003-12-27 16:10:30 +00:00
s2_srvr.c Avoid warnings on VC++ 2005. 2005-12-05 17:21:22 +00:00
s3_both.c Align data payload for better performance. 2006-10-20 11:26:00 +00:00
s3_clnt.c fix warnings/inconsistencies caused by the recent changes to the 2007-02-19 14:53:18 +00:00
s3_enc.c Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
s3_lib.c fix warnings for CIPHER_DEBUG builds 2007-02-19 16:59:13 +00:00
s3_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
s3_pkt.c fix support for receiving fragmented handshake messages 2006-11-29 14:45:50 +00:00
s3_srvr.c Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
s23_clnt.c fix support for receiving fragmented handshake messages 2006-11-29 14:45:50 +00:00
s23_lib.c remove unused internal foo_base_method functions 2005-08-08 19:04:37 +00:00
s23_meth.c recent changes from 0.9.8: fix cipher list order in s3_lib.c, 2006-01-15 17:35:28 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c fix support for receiving fragmented handshake messages 2006-11-29 14:45:50 +00:00
ssl-lib.com Synchronise more with the Unix build. 2005-05-31 20:28:41 +00:00
ssl.h Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a 2007-02-19 18:41:41 +00:00
ssl2.h Implement msg_callback for SSL 2.0. 2001-11-10 01:16:28 +00:00
ssl3.h Align data payload for better performance. 2006-10-20 11:26:00 +00:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Camellia cipher, contributed by NTT 2006-06-09 15:44:59 +00:00
ssl_asn1.c Remove ECC extension information from external representation 2006-04-05 17:11:19 +00:00
ssl_cert.c Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
ssl_ciph.c Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a 2007-02-19 18:41:41 +00:00
ssl_err.c Update from 0.9.8 stable. Eliminate duplicate error codes. 2006-11-21 21:29:44 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c fix warnings for CIPHER_DEBUG builds 2007-02-19 16:59:13 +00:00
ssl_locl.h Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
ssl_rsa.c add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() 2005-04-08 22:52:42 +00:00
ssl_sess.c use user-supplied malloc functions for persistent kssl objects 2007-02-10 10:42:48 +00:00
ssl_stat.c add initial support for RFC 4279 PSK SSL ciphersuites 2006-03-10 23:06:27 +00:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c add initial support for RFC 4279 PSK SSL ciphersuites 2006-03-10 23:06:27 +00:00
ssltest.c use BIO_snprintf() instead of snprintf + use BIO_FP_TEXT for text output 2006-03-12 22:16:57 +00:00
t1_clnt.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
t1_enc.c Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
t1_lib.c Reorganize the data used for SSL ciphersuite pattern matching. 2007-02-17 06:45:38 +00:00
t1_meth.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
t1_srvr.c Let the TLSv1_method() etc. functions return a const SSL_METHOD 2005-08-14 21:48:33 +00:00
tls1.h Disable invalid ciphersuites 2006-06-14 17:51:46 +00:00