cef7583633436f800ce0b820c68db2d3eb2d2468 - boringssl

commit	cef7583633436f800ce0b820c68db2d3eb2d2468	[log] [tgz]
author	Adam Langley <agl@google.com>	Thu Sep 03 14:51:12 2015 -0700
committer	Adam Langley <agl@google.com>	Thu Sep 03 22:44:36 2015 +0000
tree	fc1796671ed16063649c7db91606cad489f9035c
parent	23b185a3cf7dfab0834f28619568a6444fdea9aa [diff]

Add cipher suite settings for TLS ≥ 1.0.

This change adds the ability to configure ciphers specifically for
TLS ≥ 1.0. This compliments the existing ability to specify ciphers
for TLS ≥ 1.1.

This is useful because TLS 1.0 is the first version not to suffer from
POODLE. (Assuming that it's implemented correctly[1].) Thus one might
wish to reserve RC4 solely for SSLv3.

[1] https://www.imperialviolet.org/2014/12/08/poodleagain.html

Change-Id: I774d5336fead48f03d8a0a3cf80c369692ee60df
Reviewed-on: https://boringssl-review.googlesource.com/5793
Reviewed-by: Adam Langley <agl@google.com>

include/openssl/ssl.h[diff]
ssl/s3_lib.c[diff]
ssl/ssl_lib.c[diff]
ssl/test/bssl_shim.cc[diff]
ssl/test/runner/runner.go[diff]
ssl/test/test_config.cc[diff]
ssl/test/test_config.h[diff]

7 files changed

tree: fc1796671ed16063649c7db91606cad489f9035c

crypto/
decrepit/
include/
ssl/
tool/
util/
.clang-format
.gitignore
BUILDING.md
CMakeLists.txt
codereview.settings
LICENSE
PORTING.md
STYLE.md