| Up to higher level directory | |||
| Name | Date | Size | |
|---|---|---|---|
| apps_Android.mk | 31-Jul-2010 | 1,013 | |
| arm-asm.patch | 31-Jul-2010 | 130.8K | |
| bad_version.patch | 31-Jul-2010 | 624 | |
| crypto_Android.mk | 31-Jul-2010 | 8.1K | |
| handshake_cutthrough.patch | 31-Jul-2010 | 10.3K | |
| progs.patch | 31-Jul-2010 | 3.2K | |
| README | 31-Jul-2010 | 1.3K | |
| small_records.patch | 31-Jul-2010 | 10.2K | |
| ssl_Android.mk | 31-Jul-2010 | 1.1K | |
| testssl.sh | 31-Jul-2010 | 2.1K | |
README
1 progs.patch: 2 3 Fixup sources under the apps/ directory that are not built under the android environment. 4 5 6 arm-asm.patch.patch: 7 8 ARM assembly routines (AES, BN, SHA1, SHA256, SHA512) 9 10 11 small_records.patch: 12 13 Reduce OpenSSL memory consumption. 14 SSL records may be as large as 16K, but are typically < 2K. In 15 addition, a historic bug in Windows allowed records to be as large 16 32K. OpenSSL statically allocates read and write buffers (34K and 17 18K respectively) used for processing records. 18 With this patch, OpenSSL statically allocates 4K + 4K buffers, with 19 the option of dynamically growing buffers to 34K + 4K, which is a 20 saving of 44K per connection for the typical case. 21 22 23 handshake_cutthrough.patch 24 25 Enables SSL3+ clients to send application data immediately following the 26 Finished message even when negotiating full-handshakes. With this patch, 27 clients can negotiate SSL connections in 1-RTT even when performing 28 full-handshakes. 29 30 31 bad_version.patch 32 33 Addresses CVE-2010-0740 http://www.openssl.org/news/secadv_20100324.txt 34 A peer can send us a mal-formed packet and we'll copy its 'version' 35 number in order to send an error back. However, if the version number 36 is an internal OpenSSL value (like DTLS1_VERSION) then we'll assume 37 that we have a valid DTLS state and crash when sending an alert. 38
