Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / openssl / refs/heads/fp2-sibon / . / patches / README
blob: 53444701cdf912a3d49e296fb29c1150a639c008 [file] [log] [blame]
Nagendra Modadugu1fada292009-10-01 11:02:45 -0700[diff] [blame]1progs.patch:
2
3Fixup sources under the apps/ directory that are not built under the android environment.
4
5
Nagendra Modadugu1fada292009-10-01 11:02:45 -0700[diff] [blame]6handshake_cutthrough.patch
7
8Enables SSL3+ clients to send application data immediately following the
9Finished message even when negotiating full-handshakes. With this patch,
10clients can negotiate SSL connections in 1-RTT even when performing
11full-handshakes.
Brian Carlstromfd113c02010-04-23 15:24:16 -0700[diff] [blame]12
13jsse.patch
14
15Support for JSSE implementation based on OpenSSL.
16
Adam Langley45bcfbc2013-01-16 13:43:53 -0800[diff] [blame]17channelid.patch
18
19Implements TLS Channel ID support as both a client and a server.
20See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00.
Kenny Rootd38060a2013-02-08 11:22:25 -0800[diff] [blame]21
22eng_dyn_dirs.patch
23
24Fixes the case of having multiple DIR_ADD commands sent to eng_dyn
David 'Digit' Turner365d7e82013-03-05 19:52:51 +0100[diff] [blame]25
26fix_clang_build.patch
27
28Fixes the Clang based build.
Kenny Root9296b4b2013-06-24 12:03:19 -0700[diff] [blame]29
30tls12_digests.patch
31
32Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA
33keys.
Kenny Rootee53ab12013-06-24 12:07:13 -0700[diff] [blame]34
35alpn.patch
36
37This change adds support for ALPN in OpenSSL. ALPN is the IETF
38blessed version of NPN and we'll be supporting both ALPN and NPN for
39some time yet.
Adam Langleye6443cd2013-11-04 16:01:27 -0800[diff] [blame]40
41cbc_record_splitting.patch
42
43BEAST attack client-side mitigation. Removes 0/n record splitting, adds 1/n-1
44record splitting. Record splitting is disabled by default.
Adam Langley5df7c8e2014-01-23 09:40:22 -0800[diff] [blame]45
Adam Langley23b95682014-01-28 13:29:39 -0800[diff] [blame]46dsa_nonce.patch
47
48Adds an option to mix in hash of message and private key into (EC)DSA nonces to
49make (EC)DSA more resilient to weaknesses in RNGs used for nonces. The feature
50is disabled by default.
Alex Klyubinde9675d2014-04-28 15:57:15 -0700[diff] [blame]51
52ecdhe_psk.patch
53
54Adds support for ECDHE Pre-Shared Key (PSK) TLS cipher suites.
Alex Klyubin3355e0f2014-05-05 10:15:30 -0700[diff] [blame]55
Alex Klyubin37da3e82014-06-04 11:37:59 -0700[diff] [blame]56ecdhe_psk_part2.patch
57
58Removes ECHDE-PSK cipher suites with SHA-2 because they cannot be used with
59SSLv3 (and there's no way to express that in OpenSSL's configuration). Adds
60SHA-1 based ECDHE-PSK AES-CBC cipher suites instead.
61
Kenny Root3f9e6ad2014-06-19 00:10:12 -0700[diff] [blame]62arm_asm.patch
63
64Adds newer ARM assembly pack with BSAES for ARMv7 and acceleration for ARMv8
65Based on branch available at:
66https://git.linaro.org/people/ard.biesheuvel/openssl.git/shortlog/refs/heads/openssl-1.0.1f-with-arm-patches
67c7b582ef23eb6f4386664e841e6e406d984c38d3^..cb8b1ab03e5c179a719afe83f03fecb1c2c78730
68
Alex Klyubin3355e0f2014-05-05 10:15:30 -0700[diff] [blame]69tls_psk_hint.patch
70
71Fixes issues with TLS-PSK identity hint implementation where
72per-connection/session and per-context hints were being mixed up.
Alex Klyubin9b5f19e2014-05-28 12:21:14 -0700[diff] [blame]73
74psk_client_callback_128_byte_id_bug.patch
75
76Fixes the issue where it was impossible to return a 128 byte long PSK identity
77(the maximum supported length) from psk_client_callback.
Bodo Moeller9a68a8f2014-10-03 03:12:15 -0700[diff] [blame]78
79tls_fallback_scsv.patch
80
81Adds the signalling cipher suite value (SCSV) from
82https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00