wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Matt Caswell f865b08143 Split configuration of TLSv1.3 ciphers from older ciphers 
With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)
2018-03-14 10:15:50 +00:00
..
aes Always use adr with __thumb2__. 2018-02-27 18:46:33 -05:00
aria Fix potential null problem. 2017-09-01 09:30:18 +10:00
asn1 Integrate X448 and Ed448 into libcrypto 2018-03-02 10:14:31 +00:00
async Copyright update of more files that have changed this year 2018-01-19 13:34:03 +01:00
bf Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
bio Update copyright year 2018-02-27 13:59:42 +00:00
blake2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
bn bnrand_range: Always call bnrand() with the correct flag 2018-03-06 18:32:35 +01:00
buffer Remove parentheses of return. 2017-10-18 16:05:06 +01:00
camellia Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
cast Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
chacha Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
cmac Don't use deprecated EVP_CIPHER_CTX_cleanup() internally 2017-03-01 11:42:50 +01:00
cms Check for malloc failure 2017-11-27 14:47:42 -05:00
comp Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
conf CONF: On VMS, treat VMS syntax inclusion paths correctly 2018-03-12 23:01:02 +01:00
ct Null pointer used. 2017-09-18 06:52:13 +10:00
des Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
dh Support public key and param check in EVP interface 2017-11-20 07:20:30 +01:00
dsa Check return value of OBJ_nid2obj in dsa_pub_encode. 2017-11-03 15:46:51 +01:00
dso Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ec ec/curve25519.c: resolve regression with Android NDK's arm64 gcc. 2018-03-13 19:31:53 +01:00
engine Fix issues in ia32 RDRAND asm leading to reduced entropy 2018-03-08 10:27:49 -05:00
err Split configuration of TLSv1.3 ciphers from older ciphers 2018-03-14 10:15:50 +00:00
evp Integrate X448 and Ed448 into libcrypto 2018-03-02 10:14:31 +00:00
hmac Remove OPENSSL_assert() from crypto/hmac 2017-08-21 08:44:44 +01:00
idea Remove parentheses of return. 2017-10-18 16:05:06 +01:00
include/internal Integrate X448 and Ed448 into libcrypto 2018-03-02 10:14:31 +00:00
kdf More updates following review feedback 2017-08-21 08:44:44 +01:00
lhash Remove unused num.pl,segregnam scripts 2018-02-22 15:36:27 -05:00
md2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md4 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
mdc2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
modes Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
objects Free the correct type in OBJ_add_object() 2018-03-12 19:49:44 +00:00
ocsp Update copyright year 2018-02-13 13:59:25 +00:00
pem Fix type error in PEM processing 2018-03-09 10:51:05 -06:00
perlasm Copyright update of more files that have changed this year 2018-01-19 13:34:03 +01:00
pkcs7 Improve error handling in pk7_doit 2018-03-12 19:09:04 +00:00
pkcs12 Add checks for alloc failing. 2017-09-06 09:52:16 -04:00
poly1305 Update copyright year 2018-02-27 13:59:42 +00:00
rand RAND_DRBG: add a function for setting the reseeding defaults 2018-03-10 00:26:30 +01:00
rc2 Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
rc4 Make a few more asm modules conform: last argument is output file 2018-03-08 19:31:41 +01:00
rc5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
ripemd Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
rsa Test the result of CMS_RecipientInfo_ktri_get0_algs() before using its output in rsa_cms_encrypt(). 2018-03-01 09:05:42 -06:00
seed Use _WIN32 over WIN32 for preprocessor conditional 2017-02-16 08:59:47 -05:00
sha Make a few more asm modules conform: last argument is output file 2018-03-08 19:31:41 +01:00
siphash Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
sm3 SM3: restructure to EVP internal and update doc to right location 2017-11-06 07:21:15 +08:00
sm4 SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
srp update SRP copyright notice 2018-03-13 18:33:44 +10:00
stack Add sk_TYPE_new_reserve() function 2017-10-26 09:35:36 +10:00
store store/loader_file.c: rename variables causing conflicts with Android NDK. 2018-03-13 19:31:44 +01:00
ts struct timeval include guards 2017-09-01 09:55:43 +10:00
txt_db Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ui Removre comment with user's name 2017-11-08 10:37:52 -05:00
whrlpool Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
x509 Integrate X448 and Ed448 into libcrypto 2018-03-02 10:14:31 +00:00
x509v3 Update copyright year 2018-02-27 13:59:42 +00:00
alphacpuid.pl
arm64cpuid.pl Update copyright year 2018-02-13 13:59:25 +00:00
arm_arch.h Update copyright year 2018-02-13 13:59:25 +00:00
armcap.c crypto/armcap.c: mask SHA512 hardware detection on iOS. 2018-03-06 23:18:24 +01:00
armv4cpuid.pl ARMv4 assembly pack: harmonize Thumb-ification of iOS build. 2017-02-15 23:16:01 +01:00
build.info Display the library building flags 2018-03-09 14:07:59 +01:00
c64xpluscpuid.pl Many spelling fixes/typo's corrected. 2017-11-11 19:03:10 -05:00
cpt_err.c make error tables const and separate header file 2017-06-07 15:12:03 -04:00
cryptlib.c Make OPENSSL_rdtsc universally available. 2018-02-07 10:08:15 +10:00
ctype.c Check for EOF in ASCII conversions. 2017-08-25 06:42:17 +10:00
cversion.c Fix SOURCE_DATE_EPOCH bug; use UTC 2017-11-27 14:34:14 -05:00
dllmain.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ebcdic.c Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
ex_data.c Update copyright year 2018-02-13 13:59:25 +00:00
ia64cpuid.S Fix typo in files in crypto folder 2017-08-05 20:42:06 +02:00
init.c OPENSSL_cleanup: cleanup secure memory 2018-02-13 17:32:54 +01:00
LPdir_nyi.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_unix.c Adjust LPdir_unix.c on VMS for OpenSSL expectations 2018-03-12 23:01:02 +01:00
LPdir_vms.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_win.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_win32.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_wince.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
mem.c Avoid unconditional store in CRYPTO_malloc. 2018-03-06 13:21:49 -05:00
mem_clr.c
mem_dbg.c Update copyright year 2018-02-13 13:59:25 +00:00
mem_sec.c mem_sec.c: portability fixup. 2018-03-12 11:03:17 +01:00
mips_arch.h
o_dir.c Move e_os.h to be the very first include. 2017-08-30 07:20:44 +10:00
o_fips.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_fopen.c
o_init.c Use "" not <> on e_os.h include 2017-08-22 11:07:56 -04:00
o_str.c Revert "GH614: Use memcpy()/strdup() when possible" 2017-09-14 10:26:54 +10:00
o_time.c Fix typo in files in crypto folder 2017-08-05 20:42:06 +02:00
pariscid.pl
ppc_arch.h
ppccap.c crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X. 2017-04-02 20:45:59 +02:00
ppccpuid.pl
s390x_arch.h s390x assembly pack: add KMAC code path for aes-ccm 2018-02-06 19:39:52 +01:00
s390xcap.c s390x assembly pack: extend s390x capability vector. 2017-10-30 14:31:32 +01:00
s390xcpuid.pl s390x assembly pack: implement OPENSSL_rdtsc as STCKF 2018-02-13 20:34:38 +01:00
sparc_arch.h
sparccpuid.S Clean up references to FIPS 2017-02-28 15:26:25 +01:00
sparcv9cap.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
threads_none.c Add atomic write call 2017-10-10 08:45:53 +10:00
threads_pthread.c Return a value from atomic read on Windows. 2017-10-11 09:47:54 +10:00
threads_win.c Return a value from atomic read on Windows. 2017-10-11 09:47:54 +10:00
uid.c Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags 2017-03-29 07:35:59 +02:00
vms_rms.h
x86_64cpuid.pl Fix issues in ia32 RDRAND asm leading to reduced entropy 2018-03-08 10:27:49 -05:00
x86cpuid.pl Fix issues in ia32 RDRAND asm leading to reduced entropy 2018-03-08 10:27:49 -05:00