git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Sun, 15 Dec 2013 13:32:24 +0000 (13:32 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 28 Mar 2014 14:56:30 +0000 (14:56 +0000)
commit	b362ccab5c1d52086f19d29a32f4acc11073b86b
tree	a6a2de4f90c8ce9272164ad448ac78cf95371909	tree \| snapshot
parent	66f96fe2d519147097c118d4bf60704c69ed0635	commit \| diff

Security framework.

Security callback: selects which parameters are permitted including
sensible defaults based on bits of security.

The "parameters" which can be selected include: ciphersuites,
curves, key sizes, certificate signature algorithms, supported
signature algorithms, DH parameters, SSL/TLS version, session tickets
and compression.

In some cases prohibiting the use of a parameters will mean they are
not advertised to the peer: for example cipher suites and ECC curves.
In other cases it will abort the handshake: e.g DH parameters or the
peer key size.

Documentation to follow...

16 files changed:

ssl/s23_clnt.c		diff \| blob \| history
ssl/s23_srvr.c		diff \| blob \| history
ssl/s2_clnt.c		diff \| blob \| history
ssl/s2_srvr.c		diff \| blob \| history
ssl/s3_both.c		diff \| blob \| history
ssl/s3_clnt.c		diff \| blob \| history
ssl/s3_lib.c		diff \| blob \| history
ssl/s3_srvr.c		diff \| blob \| history
ssl/ssl.h		diff \| blob \| history
ssl/ssl_cert.c		diff \| blob \| history
ssl/ssl_err.c		diff \| blob \| history
ssl/ssl_lib.c		diff \| blob \| history
ssl/ssl_locl.h		diff \| blob \| history
ssl/ssl_rsa.c		diff \| blob \| history
ssl/t1_lib.c		diff \| blob \| history
ssl/tls1.h		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom