Home | History | Annotate | Download | only in patches
      1 progs.patch:
      2 
      3 Fixup sources under the apps/ directory that are not built under the android environment.
      4 
      5 
      6 handshake_cutthrough.patch
      7 
      8 Enables SSL3+ clients to send application data immediately following the
      9 Finished message even when negotiating full-handshakes.  With this patch,
     10 clients can negotiate SSL connections in 1-RTT even when performing
     11 full-handshakes.
     12 
     13 jsse.patch
     14 
     15 Support for JSSE implementation based on OpenSSL.
     16 
     17 channelid.patch
     18 
     19 Implements TLS Channel ID support as both a client and a server.
     20 See http://tools.ietf.org/html/draft-balfanz-tls-channelid-00.
     21 
     22 eng_dyn_dirs.patch
     23 
     24 Fixes the case of having multiple DIR_ADD commands sent to eng_dyn
     25 
     26 fix_clang_build.patch
     27 
     28 Fixes the Clang based build.
     29 
     30 tls12_digests.patch
     31 
     32 Fixes a bug with handling TLS 1.2 and digest functions for DSA and ECDSA
     33 keys.
     34 
     35 alpn.patch
     36 
     37 This change adds support for ALPN in OpenSSL. ALPN is the IETF
     38 blessed version of NPN and we'll be supporting both ALPN and NPN for
     39 some time yet.
     40 
     41 cbc_record_splitting.patch
     42 
     43 BEAST attack client-side mitigation. Removes 0/n record splitting, adds 1/n-1
     44 record splitting. Record splitting is disabled by default.
     45 
     46 dsa_nonce.patch
     47 
     48 Adds an option to mix in hash of message and private key into (EC)DSA nonces to
     49 make (EC)DSA more resilient to weaknesses in RNGs used for nonces. The feature
     50 is disabled by default.
     51 
     52 ecdhe_psk.patch
     53 
     54 Adds support for ECDHE Pre-Shared Key (PSK) TLS cipher suites.
     55 
     56 ecdhe_psk_part2.patch
     57 
     58 Removes ECHDE-PSK cipher suites with SHA-2 because they cannot be used with
     59 SSLv3 (and there's no way to express that in OpenSSL's configuration). Adds
     60 SHA-1 based ECDHE-PSK AES-CBC cipher suites instead.
     61 
     62 arm_asm.patch
     63 
     64 Adds newer ARM assembly pack with BSAES for ARMv7 and acceleration for ARMv8
     65 Based on branch available at:
     66 https://git.linaro.org/people/ard.biesheuvel/openssl.git/shortlog/refs/heads/openssl-1.0.1f-with-arm-patches
     67 c7b582ef23eb6f4386664e841e6e406d984c38d3^..cb8b1ab03e5c179a719afe83f03fecb1c2c78730
     68 
     69 tls_psk_hint.patch
     70 
     71 Fixes issues with TLS-PSK identity hint implementation where
     72 per-connection/session and per-context hints were being mixed up.
     73 
     74 psk_client_callback_128_byte_id_bug.patch
     75 
     76 Fixes the issue where it was impossible to return a 128 byte long PSK identity
     77 (the maximum supported length) from psk_client_callback.
     78 
     79 tls_fallback_scsv.patch
     80 
     81 Adds the signalling cipher suite value (SCSV) from
     82 https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
     83