| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
...in order to safely remove the obsolete OpenSSL flag
SSL_OP_SINGLE_DH_USE.
|
|
|
|
|
| |
While here, rearrange COPYING a little bit and add a few paragraphs.
Zeilen,
|
| |
|
|
|
|
|
| |
Move SSL subsection up under AUTHENTICATION and ENCRYPTION,
where it belongs.
|
|
|
|
|
|
|
|
|
| |
When Gene Heskett was updating his OpenSSL on Debian oldstable, we figured
that it might be helpful to print where OpenSSL goes look for the trusted
certificate. Add this information.
Also add documentation of OpenSSL's SSL_CERT_DIR/SSL_CERT_FILE environment
variables.
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used
at configure and compile time.
The assumption is that 1.0.2 may still be in use by maintainers that
backport security fixes.
Also warn, at configure time, about "OpenSSL" API-compatible libraries
that do not declare TLS1_3_VERSION.
|
|
|
|
|
|
|
| |
and fix a typo in README.SSL. The reference will be printed if there is
no trust anchor.
Fixes #4 (Gitlab issue).
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removes SSLv2, enables TLSv1.1 and v1.2 more easily,
permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS.
Only negotiates TLSv1 and newer by default, SSLv3 must now be specified
explicitly, as a consequence of the POODLE attack.
This is meant to be a minimally upgraded version, and cannot be usefully
done as a 6.3.X release.
It is strongly recommended that users review their configuration -
especially --sslproto - per instructions in the NEWS file and manual
page. It has changed semantics and in many cases --sslproto auto or
perhaps --sslproto tls1.2+ should be used now.
|
|
|
|
| |
svn path=/branches/BRANCH_6-3/; revision=5460
|
|
|
|
| |
svn path=/branches/BRANCH_6-3/; revision=5426
|
|
|
|
| |
svn path=/branches/BRANCH_6-3/; revision=5304
|
|
|
|
| |
svn path=/branches/BRANCH_6-3/; revision=5297
|
|
svn path=/trunk/; revision=3881
|