1733  * Fixed a bug where the RC4-MD5 ciphersuite incorrectly used the
1752    the handshake when using this ciphersuite.
1755    cannot decrypt data that has been encrypted using this ciphersuite - they can
1759    the RC4-MD5 ciphersuite. This ciphersuite is not compiled by default in
1761    ciphersuite list. This ciphersuite will never be used if TLSv1.3 has been
1762    negotiated. In order for an OpenSSL 3.0 endpoint to use this ciphersuite the
1771    3) The ciphersuite must have been explicitly added to the ciphersuite list
1777    6) Both endpoints must negotiate the RC4-MD5 ciphersuite in preference to any
4147  * Separated TLSv1.3 ciphersuite configuration out from TLSv1.2 ciphersuite
4150    In order to avoid issues where legacy TLSv1.2 ciphersuite configuration
4603    During key agreement in a TLS handshake using a DH(E) based ciphersuite a
4817    this can cause OpenSSL to crash (dependent on ciphersuite). Both clients
5675    in 1.0.2 EXPORT was already removed and the only RC2 ciphersuite is also
6205    This parameter will be set to 1 or 0 depending on the ciphersuite selected
6388    During key agreement in a TLS handshake using a DH(E) based ciphersuite a
7061    reusing the private DH exponent or it's using a static DH ciphersuite.
7379    ciphersuite being selected and a zero length ClientKeyExchange message
7393    - A ciphersuite is used that does not require additional random data from
7658  * New function ssl_set_client_disabled to set a ciphersuite disabled
7660    hello and checking the requested ciphersuite.
7815  * Support for fixed DH ciphersuite client authentication: where both
8748    ciphersuite and sending carefully crafted handshake messages.
8791    dereference (read) by specifying an SRP ciphersuite even though it was not
8962  * Call OCSP Stapling callback after ciphersuite has been chosen, so
9743    ciphersuite and sending carefully crafted handshake messages.
9900  * Call OCSP Stapling callback after ciphersuite has been chosen, so
10085    and servers: an attacker can use it in a ciphersuite downgrade attack.
10533    ciphersuite support.
10559    the work each time a ciphersuite string requests enabling
10591  * Split the SSL/TLS algorithm mask (as used for ciphersuite string
10608    With the change, we also introduce new ciphersuite aliases that
10743    The temporary ciphersuite alias "ECCdraft" is no longer
11028  * New option -V for 'openssl ciphers'. This prints the ciphersuite code
11782    different requirements, clients could circumvent ciphersuite
11789    a ciphersuite string such as "DEFAULT:RSA" cannot enable
11858  * Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
11862    have a single AES bit in the ciphersuite description bitmap.
11863    That change, however, also applied to ciphersuite strings such as
11869    ciphersuite selects this one ciphersuite, and any other similar
11870    ciphersuite (same bitmap) from *other* protocol versions.
11872    ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
12709    the "ECCdraft" ciphersuite group alias can be used to select them.
12971    a ciphersuite string such as "DEFAULT:RSA" cannot enable
13031  * Change ciphersuite string processing so that an explicit
13032    ciphersuite selects this one ciphersuite (so that "AES256-SHA"
13034    ciphersuite (same bitmap) from *other* protocol versions (so that
13035    "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
13036    SSL 3.0/TLS 1.0 ciphersuite).  This is a backport combining
14948    not enabled by default and were not part of the "ALL" ciphersuite
14950    explicitly requested by specifying the "AESdraft" ciphersuite

Last Index update Fri Sep 27 20:08:26 UTC 2024

Dedicated to & Maintained by Room-11