Loading CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] *) Remove support for all 40 and 56 bit ciphers. This includes all the export ciphers who are no longer supported and drops support the ephemeral RSA key exchange. The LOW ciphers currently doesn't have any ciphers in it. [Kurt Roeckx] *) Added ASYNC support. Libcrypto now includes the async sub-library to enable cryptographic operations to be performed asynchronously as long as an asynchronous capable engine is used. See the ASYNC_start_job() man page for Loading apps/s_server.c +2 −45 Original line number Diff line number Diff line Loading @@ -190,9 +190,6 @@ typedef unsigned int u_int; # undef FIONBIO #endif #ifndef OPENSSL_NO_RSA static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif static int not_resumable_sess_cb(SSL *s, int is_forward_secure); static int sv_body(char *hostname, int s, int stype, unsigned char *context); static int www_body(char *hostname, int s, int stype, unsigned char *context); Loading Loading @@ -807,7 +804,7 @@ typedef enum OPTION_choice { OPT_DEBUG, OPT_TLSEXTDEBUG, OPT_STATUS, OPT_STATUS_VERBOSE, OPT_STATUS_TIMEOUT, OPT_STATUS_URL, OPT_MSG, OPT_MSGFILE, OPT_TRACE, OPT_SECURITY_DEBUG, OPT_SECURITY_DEBUG_VERBOSE, OPT_STATE, OPT_CRLF, OPT_QUIET, OPT_BRIEF, OPT_NO_TMP_RSA, OPT_NO_DHE, OPT_NO_ECDHE, OPT_QUIET, OPT_BRIEF, OPT_NO_DHE, OPT_NO_ECDHE, OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE, OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC, OPT_SSL3, Loading Loading @@ -866,7 +863,6 @@ OPTIONS s_server_options[] = { "Do not load certificates from the default certificates directory"}, {"nocert", OPT_NOCERT, '-', "Don't use any certificates (Anon-DH)"}, {"quiet", OPT_QUIET, '-', "No server output"}, {"no_tmp_rsa", OPT_NO_TMP_RSA, '-', "Do not generate a tmp RSA key"}, {"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"}, {"tls1_1", OPT_TLS1_1, '-', "Just talk TLSv1.1"}, {"tls1", OPT_TLS1, '-', "Just talk TLSv1"}, Loading Loading @@ -1004,7 +1000,7 @@ int s_server_main(int argc, char *argv[]) #ifndef OPENSSL_NO_DH int no_dhe = 0; #endif int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0, ret = 1; int no_ecdhe = 0, nocert = 0, ret = 1; int noCApath = 0, noCAfile = 0; int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; Loading Loading @@ -1295,9 +1291,6 @@ int s_server_main(int argc, char *argv[]) case OPT_BRIEF: s_quiet = s_brief = verify_quiet = 1; break; case OPT_NO_TMP_RSA: no_tmp_rsa = 1; break; case OPT_NO_DHE: #ifndef OPENSSL_NO_DH no_dhe = 1; Loading Loading @@ -1824,13 +1817,6 @@ int s_server_main(int argc, char *argv[]) if (!set_cert_key_stuff(ctx, s_dcert, s_dkey, s_dchain, build_chain)) goto end; } #ifndef OPENSSL_NO_RSA if (!no_tmp_rsa) { SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); if (ctx2) SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb); } #endif if (no_resume_ephemeral) { SSL_CTX_set_not_resumable_session_callback(ctx, Loading Loading @@ -3135,35 +3121,6 @@ static int rev_body(char *hostname, int s, int stype, unsigned char *context) return (ret); } #ifndef OPENSSL_NO_RSA static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) { BIGNUM *bn = NULL; static RSA *rsa_tmp = NULL; if (!rsa_tmp && ((bn = BN_new()) == NULL)) BIO_printf(bio_err, "Allocation error in generating RSA key\n"); if (!rsa_tmp && bn) { if (!s_quiet) { BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); (void)BIO_flush(bio_err); } if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { RSA_free(rsa_tmp); rsa_tmp = NULL; } if (!s_quiet) { BIO_printf(bio_err, "\n"); (void)BIO_flush(bio_err); } BN_free(bn); } return (rsa_tmp); } #endif #define MAX_SESSION_ID_ATTEMPTS 10 static int generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len) Loading demos/easy_tls/easy-tls.c +0 −15 Original line number Diff line number Diff line Loading @@ -651,7 +651,6 @@ struct tls_create_ctx_args tls_create_ctx_defaultargs(void) ret.ca_file = NULL; ret.verify_depth = -1; ret.fail_unless_verified = 0; ret.export_p = 0; return ret; } Loading Loading @@ -781,20 +780,6 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg) /* avoid small subgroup attacks: */ SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE); } #ifndef NO_RSA if (!a.client_p && a.export_p) { RSA *tmpkey; tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL); if (tmpkey == NULL) goto err; if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) { RSA_free(tmpkey); goto err; } RSA_free(tmpkey); /* SSL_CTX_set_tmp_rsa uses a duplicate. */ } #endif return ret; Loading demos/easy_tls/easy-tls.h +0 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,6 @@ struct tls_create_ctx_args { const char *ca_file; int verify_depth; int fail_unless_verified; int export_p; }; struct tls_create_ctx_args tls_create_ctx_defaultargs(void); /* Loading doc/apps/ciphers.pod +0 −32 Original line number Diff line number Diff line Loading @@ -168,18 +168,6 @@ encryption. "low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites. =item B<EXP>, B<EXPORT> export encryption algorithms. Including 40 and 56 bits algorithms. =item B<EXPORT40> 40 bit export encryption algorithms =item B<EXPORT56> 56 bit export encryption algorithms. This list is empty. =item B<eNULL>, B<NULL> the "NULL" ciphers that is those offering no encryption. Because these offer no Loading Loading @@ -387,12 +375,9 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. SSL_RSA_WITH_NULL_MD5 NULL-MD5 SSL_RSA_WITH_NULL_SHA NULL-SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 SSL_RSA_WITH_RC4_128_MD5 RC4-MD5 SSL_RSA_WITH_RC4_128_SHA RC4-SHA SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA Loading @@ -400,16 +385,12 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH-DSS-DES-CBC3-SHA SSL_DH_RSA_WITH_DES_CBC_SHA DH-RSA-DES-CBC-SHA SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH-RSA-DES-CBC3-SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-DSS-DES-CBC-SHA SSL_DHE_DSS_WITH_DES_CBC_SHA DHE-DSS-CBC-SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-RSA-DES-CBC-SHA SSL_DHE_RSA_WITH_DES_CBC_SHA DHE-RSA-DES-CBC-SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA SSL_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA Loading @@ -421,31 +402,22 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_RSA_WITH_NULL_MD5 NULL-MD5 TLS_RSA_WITH_NULL_SHA NULL-SHA TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 TLS_RSA_WITH_RC4_128_MD5 RC4-MD5 TLS_RSA_WITH_RC4_128_SHA RC4-SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA TLS_RSA_WITH_DES_CBC_SHA DES-CBC-SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented. TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented. TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented. TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented. TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented. TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented. TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-DSS-DES-CBC-SHA TLS_DHE_DSS_WITH_DES_CBC_SHA DHE-DSS-CBC-SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-RSA-DES-CBC-SHA TLS_DHE_RSA_WITH_DES_CBC_SHA DHE-RSA-DES-CBC-SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA Loading Loading @@ -511,10 +483,6 @@ algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution. Note: these ciphers can also be used in SSL v3. TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA =head2 Elliptic curve cipher suites. Loading Loading
CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,11 @@ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] *) Remove support for all 40 and 56 bit ciphers. This includes all the export ciphers who are no longer supported and drops support the ephemeral RSA key exchange. The LOW ciphers currently doesn't have any ciphers in it. [Kurt Roeckx] *) Added ASYNC support. Libcrypto now includes the async sub-library to enable cryptographic operations to be performed asynchronously as long as an asynchronous capable engine is used. See the ASYNC_start_job() man page for Loading
apps/s_server.c +2 −45 Original line number Diff line number Diff line Loading @@ -190,9 +190,6 @@ typedef unsigned int u_int; # undef FIONBIO #endif #ifndef OPENSSL_NO_RSA static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif static int not_resumable_sess_cb(SSL *s, int is_forward_secure); static int sv_body(char *hostname, int s, int stype, unsigned char *context); static int www_body(char *hostname, int s, int stype, unsigned char *context); Loading Loading @@ -807,7 +804,7 @@ typedef enum OPTION_choice { OPT_DEBUG, OPT_TLSEXTDEBUG, OPT_STATUS, OPT_STATUS_VERBOSE, OPT_STATUS_TIMEOUT, OPT_STATUS_URL, OPT_MSG, OPT_MSGFILE, OPT_TRACE, OPT_SECURITY_DEBUG, OPT_SECURITY_DEBUG_VERBOSE, OPT_STATE, OPT_CRLF, OPT_QUIET, OPT_BRIEF, OPT_NO_TMP_RSA, OPT_NO_DHE, OPT_NO_ECDHE, OPT_QUIET, OPT_BRIEF, OPT_NO_DHE, OPT_NO_ECDHE, OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE, OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP, OPT_ASYNC, OPT_SSL3, Loading Loading @@ -866,7 +863,6 @@ OPTIONS s_server_options[] = { "Do not load certificates from the default certificates directory"}, {"nocert", OPT_NOCERT, '-', "Don't use any certificates (Anon-DH)"}, {"quiet", OPT_QUIET, '-', "No server output"}, {"no_tmp_rsa", OPT_NO_TMP_RSA, '-', "Do not generate a tmp RSA key"}, {"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"}, {"tls1_1", OPT_TLS1_1, '-', "Just talk TLSv1.1"}, {"tls1", OPT_TLS1, '-', "Just talk TLSv1"}, Loading Loading @@ -1004,7 +1000,7 @@ int s_server_main(int argc, char *argv[]) #ifndef OPENSSL_NO_DH int no_dhe = 0; #endif int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0, ret = 1; int no_ecdhe = 0, nocert = 0, ret = 1; int noCApath = 0, noCAfile = 0; int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; Loading Loading @@ -1295,9 +1291,6 @@ int s_server_main(int argc, char *argv[]) case OPT_BRIEF: s_quiet = s_brief = verify_quiet = 1; break; case OPT_NO_TMP_RSA: no_tmp_rsa = 1; break; case OPT_NO_DHE: #ifndef OPENSSL_NO_DH no_dhe = 1; Loading Loading @@ -1824,13 +1817,6 @@ int s_server_main(int argc, char *argv[]) if (!set_cert_key_stuff(ctx, s_dcert, s_dkey, s_dchain, build_chain)) goto end; } #ifndef OPENSSL_NO_RSA if (!no_tmp_rsa) { SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); if (ctx2) SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb); } #endif if (no_resume_ephemeral) { SSL_CTX_set_not_resumable_session_callback(ctx, Loading Loading @@ -3135,35 +3121,6 @@ static int rev_body(char *hostname, int s, int stype, unsigned char *context) return (ret); } #ifndef OPENSSL_NO_RSA static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) { BIGNUM *bn = NULL; static RSA *rsa_tmp = NULL; if (!rsa_tmp && ((bn = BN_new()) == NULL)) BIO_printf(bio_err, "Allocation error in generating RSA key\n"); if (!rsa_tmp && bn) { if (!s_quiet) { BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); (void)BIO_flush(bio_err); } if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { RSA_free(rsa_tmp); rsa_tmp = NULL; } if (!s_quiet) { BIO_printf(bio_err, "\n"); (void)BIO_flush(bio_err); } BN_free(bn); } return (rsa_tmp); } #endif #define MAX_SESSION_ID_ATTEMPTS 10 static int generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len) Loading
demos/easy_tls/easy-tls.c +0 −15 Original line number Diff line number Diff line Loading @@ -651,7 +651,6 @@ struct tls_create_ctx_args tls_create_ctx_defaultargs(void) ret.ca_file = NULL; ret.verify_depth = -1; ret.fail_unless_verified = 0; ret.export_p = 0; return ret; } Loading Loading @@ -781,20 +780,6 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg) /* avoid small subgroup attacks: */ SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE); } #ifndef NO_RSA if (!a.client_p && a.export_p) { RSA *tmpkey; tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL); if (tmpkey == NULL) goto err; if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) { RSA_free(tmpkey); goto err; } RSA_free(tmpkey); /* SSL_CTX_set_tmp_rsa uses a duplicate. */ } #endif return ret; Loading
demos/easy_tls/easy-tls.h +0 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,6 @@ struct tls_create_ctx_args { const char *ca_file; int verify_depth; int fail_unless_verified; int export_p; }; struct tls_create_ctx_args tls_create_ctx_defaultargs(void); /* Loading
doc/apps/ciphers.pod +0 −32 Original line number Diff line number Diff line Loading @@ -168,18 +168,6 @@ encryption. "low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites. =item B<EXP>, B<EXPORT> export encryption algorithms. Including 40 and 56 bits algorithms. =item B<EXPORT40> 40 bit export encryption algorithms =item B<EXPORT56> 56 bit export encryption algorithms. This list is empty. =item B<eNULL>, B<NULL> the "NULL" ciphers that is those offering no encryption. Because these offer no Loading Loading @@ -387,12 +375,9 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. SSL_RSA_WITH_NULL_MD5 NULL-MD5 SSL_RSA_WITH_NULL_SHA NULL-SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 SSL_RSA_WITH_RC4_128_MD5 RC4-MD5 SSL_RSA_WITH_RC4_128_SHA RC4-SHA SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA Loading @@ -400,16 +385,12 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH-DSS-DES-CBC3-SHA SSL_DH_RSA_WITH_DES_CBC_SHA DH-RSA-DES-CBC-SHA SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH-RSA-DES-CBC3-SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-DSS-DES-CBC-SHA SSL_DHE_DSS_WITH_DES_CBC_SHA DHE-DSS-CBC-SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-RSA-DES-CBC-SHA SSL_DHE_RSA_WITH_DES_CBC_SHA DHE-RSA-DES-CBC-SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA SSL_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA Loading @@ -421,31 +402,22 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_RSA_WITH_NULL_MD5 NULL-MD5 TLS_RSA_WITH_NULL_SHA NULL-SHA TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 TLS_RSA_WITH_RC4_128_MD5 RC4-MD5 TLS_RSA_WITH_RC4_128_SHA RC4-SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA TLS_RSA_WITH_DES_CBC_SHA DES-CBC-SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented. TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented. TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented. TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented. TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented. TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented. TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-DSS-DES-CBC-SHA TLS_DHE_DSS_WITH_DES_CBC_SHA DHE-DSS-CBC-SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-RSA-DES-CBC-SHA TLS_DHE_RSA_WITH_DES_CBC_SHA DHE-RSA-DES-CBC-SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA Loading Loading @@ -511,10 +483,6 @@ algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution. Note: these ciphers can also be used in SSL v3. TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA =head2 Elliptic curve cipher suites. Loading
Rich Salz <rsalz@openssl.org>
MR: #364Rich Salz <rsalz@openssl.org>
MR: #364