Go to file
Adam Langley ac61fa379f Implement TLS_FALLBACK_SCSV support for the client.
With this change, calling SSL_enable_fallback_scsv on a client SSL* will
cause the fallback SCSV to be sent.

This is intended to be set when the client is performing TLS fallback
after a failed connection. (This only happens if the application itself
implements this behaviour: OpenSSL does not do fallback automatically.)

The fallback SCSV indicates to the server that it should reject the
connection if the version indicated by the client is less than the
version supported by the server.

See http://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-02.

Change-Id: I478d6d5135016f1b7c4aaa6c306a1a64b1d215a6
2014-06-23 12:03:11 -07:00
crypto Try both old and new X.509 hashes. 2014-06-20 15:31:01 -07:00
doc Inital import. 2014-06-20 13:17:32 -07:00
include/openssl ChaCha20-Poly1305 support. 2014-06-20 13:17:35 -07:00
ssl Implement TLS_FALLBACK_SCSV support for the client. 2014-06-23 12:03:11 -07:00
tool Silence spurious GCC warning. 2014-06-23 11:25:49 -07:00
util Unit/regression test for TLS heartbeats. 2014-06-20 13:17:40 -07:00
.clang-format Inital import. 2014-06-20 13:17:32 -07:00
.gitignore Inital import. 2014-06-20 13:17:32 -07:00
BUGS Inital import. 2014-06-20 13:17:32 -07:00
BUILDING Inital import. 2014-06-20 13:17:32 -07:00
CMakeLists.txt Inital import. 2014-06-20 13:17:32 -07:00