summaryrefslogtreecommitdiffstats
path: root/src/ssl
Commit message (Collapse)AuthorAgeFilesLines
* external/boringssl: disable ChaCha20-Poly1305 cipher suites.Adam Langley2015-05-132-0/+4
| | | | | | | | | | | | | These cipher suites aren't IETF defined (and the IETF will define them slightly differently when it finally does assign real code points to them.) Since an Android system release endures for many years, this change removes support for them so that we don't have to worry about this temporary design for years to come. (cherry picked from commit a070e0505bdc6059effdb77dba24c64f75957604) Bug: 20950559 Change-Id: I97bc7f72b44cf908e8ce74d4b1ab0b3c2970ec3c
* external/boringssl: add P-521 back into the ClientHello.Adam Langley2015-05-121-0/+3
| | | | | | | | | | | | This change does strange things to servers which take it as clue that nothing to do with P-521 is acceptable just because it's missing from the ClientHello. Hopefully for the next Android release we can remove this and replace it with the support for the CFRG curves. Bug: 20634927 Change-Id: I1d1a65cd82f68ac6d8da5560075cbacaebf539e1
* external/boringssl: bump revision.Adam Langley2015-05-1256-6230/+7528
| | | | | | This change bumps the BoringSSL revision to the current tip-of-tree. Change-Id: I91d5bf467e16e8d86cb19a4de873985f524e5faa
* Rename ECDHE-PSK-WITH-AES-128-GCM-SHA256 to follow the naming conventions.Adam Langley2015-04-291-1/+1
| | | | | | | | “ECDHE-PSK-WITH-AES-128-GCM-SHA256” doesn't follow the standard naming for OpenSSL: it was “-WITH-” in it and has a hyphen between “AES” and “128”. This change fixes that. Change-Id: Ie504624857f227fb18835a99cec7c3363beeed96
* Fix SSL_get0_chain_certs.Adam Langley2015-04-241-0/+1
| | | | | | | | | | | SSL_get0_chain_certs calls a ctrl function with SSL_CTRL_GET_CHAIN_CERTS. The switch failed to set a positive return value and so the call always appeared to fail. (Imported from upstream's https://boringssl-review.googlesource.com/#/c/4521/) Change-Id: Ia69c404c528b0cb01c7ff5e56ca8a8415265fa73
* Use SSL_MODE_SEND_FALLBACK_SCSV.Adam Langley2015-04-242-6/+1
| | | | | | | | | | Upstream settled in this API, and it's also the one that we expect internally and that third_party code will expect. This is an import of upstream's 5f0efe06e199a1bd96f161eb45f3dd76924cdc2a. Change-Id: Ib4c7054a382dccdd23919407742bd037b9653a4b
* Switch an assert back to a check.Adam Langley2015-03-161-0/+4
| | | | | | | The assert was supposed to be *added* in fcf25833 but instead replaced the check. Change-Id: I74d67f49a4375f6b9f1272cbfcf87a438b3b6f29
* Initial commit of BoringSSL for Android.Adam Langley2015-01-3062-0/+42559
generated by cgit v1.1 at 2025-01-08 02:20:42 +0000