Skip to content
  1. Jun 17, 2016
    • Matt Caswell's avatar
      Change default directory for storing the .rnd file on Windows · 13c03c8d
      Matt Caswell authored
      
      
      Previously we would try %RANDFILE%, then %HOME% and finally "C:".
      Unfortunately this often ends up being "C:" which the user may not
      have write permission for.
      
      Now we try %RANDFILE% first, and then the same set of environment vars
      as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and
      %SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:".
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      13c03c8d
  2. Jun 16, 2016
  3. Jun 06, 2016
  4. Jun 01, 2016
  5. May 20, 2016
    • Rich Salz's avatar
      Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx · 739a1eb1
      Rich Salz authored
      
      
      Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
      Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
      Make lhash stuff opaque.
      Use typedefs for function pointers; makes the code simpler.
      Remove CHECKED_xxx macros.
      Add documentation; remove old X509-oriented doc.
      Add API-compat names for entire old API
      
      Reviewed-by: default avatarDr. Stephen Henson <steve@openssl.org>
      739a1eb1
  6. May 16, 2016
  7. May 12, 2016
  8. May 11, 2016
  9. May 10, 2016
  10. May 09, 2016
  11. May 05, 2016
  12. May 03, 2016
  13. May 02, 2016
  14. Apr 15, 2016
  15. Apr 14, 2016
  16. Apr 13, 2016
  17. Apr 09, 2016
  18. Apr 06, 2016
  19. Apr 02, 2016
  20. Mar 29, 2016
  21. Mar 21, 2016
  22. Mar 20, 2016
  23. Mar 17, 2016
  24. Mar 16, 2016
  25. Mar 11, 2016
  26. Mar 09, 2016
  27. Mar 08, 2016
  28. Mar 07, 2016
    • Emilia Kasper's avatar
      Rework the default cipherlist. · a556f342
      Emilia Kasper authored
      
      
       - Always prefer forward-secure handshakes.
       - Consistently order ECDSA above RSA.
       - Next, always prefer AEADs to non-AEADs, irrespective of strength.
       - Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
       - Prefer TLS v1.2 ciphers to legacy ciphers.
       - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
         list to reduce ClientHello bloat.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      a556f342
  29. Mar 04, 2016