components/openssl/common/patches/041_rm_sslv2_v3.patch
author jenny.yung@oracle.com <jenny.yung@oracle.com>
Tue, 30 Jun 2015 13:45:00 -0700
changeset 4575 bd0427b0c2c0
parent 4373 6d5db1ada4a5
child 4822 1fb8a14c6702
permissions -rw-r--r--
21274628 python/cryptography doesn't build on s12-76
#
# This was developed in house.  Not applicable to the upstream.
#
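--- openssl-1.0.1/ssl/s2_meth.c      Fri May  8 09:38:33 2015
+++ openssl-1.0.1/ssl/s2_meth.c.new       Fri May  8 09:51:53 2015
@@ -74,6 +74,13 @@
                          ssl2_accept, ssl2_connect, ssl2_get_method)
 #else                           /* !OPENSSL_NO_SSL2 */
 
+/* stub function */
+const SSL_METHOD *
+SSLv2_method(void)
+{
+       return (NULL);
+}
+
 # if PEDANTIC
 static void *dummy = &dummy;
 # endif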
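Review bot: The stub `SSLv2_method()` added in the `#else /* !OPENSSL_NO_SSL2 */` branch returns NULL without saying why the symbol is kept or what a caller should expect, and the same applies to the `SSLv2_client_method()` stub in s2_clnt.c and the `SSLv2_server_method()` stub in s2_srvr.c. The comment `/* stub function */` would be more useful as `/* SSLv2 is removed; symbol kept so existing binaries still link. Always returns NULL; callers must check. */` (the linking rationale is inferred from the patch title, so please confirm it). Callers that hand the result straight to an API taking `const SSL_METHOD *`, such as the `SSL_CTX_set_ssl_version()` declared in the ssl.h hunk, now receive NULL, so it is worth confirming that every such entry point rejects NULL instead of dereferencing it. The `#ifndef OPENSSL_NO_SSL2` block that this `#else` belongs to starts outside the hunk.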
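--- openssl-1.0.1/ssl/s2_clnt.c      Fri May  8 09:37:51 2015
+++ openssl-1.0.1/ssl/ss2_clnt.c.new       Fri May  8 09:53:12 2015
@@ -1087,6 +1087,13 @@
 }
 #else                           /* !OPENSSL_NO_SSL2 */
 
+/* stub function */
+const SSL_METHOD *
+SSLv2_client_method(void)
+{
+       return (NULL);
+}
+
 # if PEDANTIC
 static void *dummy = &dummy;
 # endif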
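--- openssl-1.0.1/ssl/s2_srvr.c      Fri May  8 09:38:02 2015
+++ openssl-1.0.1/ssl/s2_srvr.c.new       Fri May  8 09:53:43 2015
@@ -1150,6 +1150,13 @@
 }
 #else                           /* !OPENSSL_NO_SSL2 */
 
+/* stub function */
+const SSL_METHOD *
+SSLv2_server_method(void)
+{
+        return (NULL);
+}
+
 # if PEDANTIC
 static void *dummy = &dummy;
 # endif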
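--- openssl-1.0.1/ssl/ssl.h	Tue May 26 11:13:15 2015
+++ openssl-1.0.1/ssl/ssl.h.new	Tue May 26 11:32:09 2015
@@ -2017,12 +2017,26 @@
 /* This sets the 'default' SSL version that SSL_new() will create */
 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
 
-# ifndef OPENSSL_NO_SSL2
-const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
-# endif
 
+#ifndef __has_attribute
+# define __has_attribute(x) 0
+#endif
+
+/* Mark SSLv2_* functions deprecated */
+#if __has_attribute(deprecated) \
+    || (defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 301)) \
+    || (defined(__SUNPRO_C) && (__SUNPRO_C >= 0x5130))
+# define DEPRECATED __attribute__((deprecated))
+#else
+# define DEPRECATED
+#endif
+
+# ifndef OPENSSL_NO_SSL2
+DEPRECATED const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
+DEPRECATED const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
+DEPRECATED const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+# endif
+
 # ifndef OPENSSL_NO_SSL3_METHOD
 const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
 const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */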
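Review bot: The unprefixed `DEPRECATED` macro and the fallback `# define __has_attribute(x) 0` are both defined in the public `ssl.h`, so they leak into every translation unit that includes the header. An application or another library that defines its own `DEPRECATED` gets a redefinition conflict, and code included later that tests `defined(__has_attribute)` will see the fallback and conclude that no attribute is supported. I would query `__has_attribute` only where the compiler already provides it and give the marker a library-specific name (`SSL2_DEPRECATED` below is a suggested name, not an existing one). Separately, the declarations stay inside `# ifndef OPENSSL_NO_SSL2`, so a build with SSLv2 disabled compiles the NULL stubs with no prototype from this header; a comment stating that this is intentional would help.

```c
/* Mark SSLv2_* functions deprecated */
#if defined(__has_attribute)
# if __has_attribute(deprecated)
#  define SSL2_DEPRECATED __attribute__((deprecated))
# endif
#endif
#if !defined(SSL2_DEPRECATED) \
    && ((defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 301)) \
        || (defined(__SUNPRO_C) && (__SUNPRO_C >= 0x5130)))
# define SSL2_DEPRECATED __attribute__((deprecated))
#endif
#ifndef SSL2_DEPRECATED
# define SSL2_DEPRECATED
#endif
/* … unchanged: the three SSLv2_*method declarations, with DEPRECATED spelled SSL2_DEPRECATED … */
```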
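--- openssl-1.0.1/doc/ssl/SSL_CIPHER_get_name.pod	Tue May 26 11:13:15 2015
+++ openssl-1.0.1/doc/ssl/SSL_CIPHER_get_name.pod.new	Tue May 26 11:32:09 2015
@@ -25,7 +25,7 @@
 
 SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
 version that first defined the cipher.
-This is currently B<SSLv2> or B<TLSv1/SSLv3>.
+This is currently B<TLSv1/SSLv3>.
 In some cases it should possibly return "TLSv1.2" but does not;
 use SSL_CIPHER_description() instead.
 If B<cipher> is NULL, "(NONE)" is returned.
@@ -56,7 +56,7 @@
 
 =item <protocol version>
 
-Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
+Protocol version: B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
 flagged with SSLv3. No new ciphers were added by TLSv1.1.
 
 =item Kx=<key exchange>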
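--- openssl-1.0.1/doc/ssl/SSL_CTX_new.pod	Tue Jan 20 04:33:36 2015
+++ openssl-1.0.1/doc/ssl/SSL_CTX_new.pod.new	Tue May 26 11:37:24 2015
@@ -25,19 +25,12 @@
 
 =item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
 
-A TLS/SSL connection established with these methods will only understand
-the SSLv2 protocol. A client will send out SSLv2 client hello messages
-and will also indicate that it only understand SSLv2. A server will only
-understand SSLv2 client hello messages.
+These functions are deprecated.
 
 =item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
 
 A TLS/SSL connection established with these methods will only understand the
-SSLv3 protocol. A client will send out SSLv3 client hello messages
-and will indicate that it only understands SSLv3. A server will only understand
-SSLv3 client hello messages. This especially means, that it will
-not understand SSLv2 client hello messages which are widely used for
-compatibility reasons, see SSLv23_*_method().
+SSLv3 protocol. However, SSLv3 is not supported by this relese of OpenSSL.
 
 =item TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)
 
@@ -51,34 +44,24 @@
 
 =item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
 
-A TLS/SSL connection established with these methods may understand the SSLv2,
-SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
+A TLS/SSL connection established with these methods may understand the
+TLSv1, TLSv1.1 and TLSv1.2 protocols.
 
-If the cipher list does not contain any SSLv2 ciphersuites (the default
-cipher list does not) or extensions are required (for example server name)
+If extensions are required (for example server name)
 a client will send out TLSv1 client hello messages including extensions and
 will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
 fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
 protocols. This is the best choice when compatibility is a concern.
 
-If any SSLv2 ciphersuites are included in the cipher list and no extensions
-are required then SSLv2 compatible client hellos will be used by clients and
-SSLv2 will be accepted by servers. This is B<not> recommended due to the
-insecurity of SSLv2 and the limited nature of the SSLv2 client hello
-prohibiting the use of extensions.
-
 =back
 
-The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
-SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
+The list of protocols available can later be limited using the 
+SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
 options of the SSL_CTX_set_options() or SSL_set_options() functions.
 Using these options it is possible to choose e.g. SSLv23_server_method() and
 be able to negotiate with all possible clients, but to only allow newer
 protocols like TLSv1, TLSv1.1 or TLS v1.2.
 
-Applications which never want to support SSLv2 (even is the cipher string
-is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
-
 SSL_CTX_new() initializes the list of ciphers, the session cache setting,
 the callbacks, the keys and certificates and the options to its default
 values.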
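--- openssl-1.0.1/doc/ssl/SSL_CTX_set_cipher_list.pod	Thu Mar 19 06:37:10 2015
+++ openssl-1.0.1/doc/ssl/SSL_CTX_set_cipher_list.pod.new	Tue May 26 11:38:09 2015
@@ -54,10 +54,6 @@
 keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
 and the handshake will fail.
 
-If the cipher list does not contain any SSLv2 cipher suites (this is the
-default) then SSLv2 is effectively disabled and neither clients nor servers
-will attempt to use SSLv2.
-
 =head1 RETURN VALUES
 
 SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher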
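--- a/openssl-1.0.1/doc/ssl/SSL_CTX_set_generate_session_id.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_CTX_set_generate_session_id.pod
@@ -32,9 +32,8 @@
 
 When a new session is established between client and server, the server
 generates a session id. The session id is an arbitrary sequence of bytes.
-The length of the session id is 16 bytes for SSLv2 sessions and between
-1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical
-but must be unique for the server. Additionally, the session id is
+The length of the session id is between 1 and 32 bytes for TLSv1. The session id is not
+security critical but must be unique for the server. Additionally, the session id is
 transmitted in the clear when reusing the session so it must not contain
 sensitive information.
 
@@ -51,12 +50,6 @@
 the callback B<must never> increase B<id_len> or write to the location
 B<id> exceeding the given limit.
 
-If a SSLv2 session id is generated and B<id_len> is reduced, it will be
-restored after the callback has finished and the session id will be padded
-with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions.
-The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function
-to check, whether the session is of type SSLv2.
-
 The location B<id> is filled with 0x00 before the callback is called, so the
 callback may only fill part of the possible length and leave B<id_len>
 untouched while maintaining reproducibility.
@@ -63,9 +56,8 @@
 
 Since the sessions must be distinguished, session ids must be unique.
 Without the callback a random number is used, so that the probability
-of generating the same session id is extremely small (2^128 possible ids
-for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the
-uniqueness of the generated session id, the callback must call
+of generating the same session id is extremely small (2^256 for TLSv1).
+In order to assure the uniqueness of the generated session id, the callback must call
 SSL_has_matching_session_id() and generate another id if a conflict occurs.
 If an id conflict is not resolved, the handshake will fail.
 If the application codes e.g. a unique host id, a unique process number, and
@@ -85,10 +77,6 @@
 the external cache is not tested with SSL_has_matching_session_id()
 and the same race condition applies.
 
-When calling SSL_has_matching_session_id() for an SSLv2 session with
-reduced B<id_len>, the match operation will be performed using the
-fixed length required and with a 0x00 padded id.
-
 The callback must return 0 if it cannot generate a session id for whatever
 reason and return 1 on success.
 
@@ -104,12 +92,7 @@
                               unsigned int *id_len)
       {
       unsigned int count = 0;
-      const char *version;
 
-      version = SSL_get_version(ssl);
-      if (!strcmp(version, "SSLv2"))
-	  /* we must not change id_len */;
-
       do      {
               RAND_pseudo_bytes(id, *id_len);
               /* Prefix the session_id with the required prefix. NB: If our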
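--- a/openssl-1.0.1/doc/ssl/SSL_CTX_set_options.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_CTX_set_options.pod
@@ -63,18 +63,11 @@
 
 =item SSL_OP_MICROSOFT_SESS_ID_BUG
 
-www.microsoft.com - when talking SSLv2, if session-id reuse is
-performed, the session-id passed back in the server-finished message
-is different from the one decided upon.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_CHALLENGE_BUG
 
-Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
-challenge but then appears to only use 16 bytes when generating the
-encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
-According to the SSLv3 spec, one should use 32 bytes for the challenge
-when operating in SSLv2/v3 compatibility mode, but as mentioned above,
-this breaks this server so 16 bytes is the way to go.
+As of OpenSSL 1.0.0 this option has no effect.
 
 =item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
 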
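--- a/openssl-1.0.1/doc/ssl/SSL_get_default_timeout.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_get_default_timeout.pod
@@ -24,7 +24,7 @@
 timeout for the protocol will be used.
 
 SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
-for all currently supported protocols (SSLv2, SSLv3, and TLSv1).
+for all currently supported protocols.
 
 =head1 RETURN VALUES
 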
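--- a/openssl-1.0.1/doc/ssl/SSL_get_version.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_get_version.pod
@@ -21,14 +21,6 @@
 
 =over 4
 
-=item SSLv2
-
-The connection uses the SSLv2 protocol.
-
-=item SSLv3
-
-The connection uses the SSLv3 protocol.
-
 =item TLSv1
 
 The connection uses the TLSv1.0 protocol.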
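--- a/openssl-1.0.1/doc/ssl/SSL_new.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_new.pod
@@ -14,7 +14,7 @@
 
 SSL_new() creates a new B<SSL> structure which is needed to hold the
 data for a TLS/SSL connection. The new structure inherits the settings
-of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1),
+of the underlying context B<ctx>: connection method,
 options, verification settings, timeout settings.
 
 =head1 RETURN VALUES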
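--- a/openssl-1.0.1/doc/ssl/SSL_shutdown.pod
+++ b/openssl-1.0.1/doc/ssl/SSL_shutdown.pod
@@ -60,9 +60,7 @@
 
 It is therefore recommended, to check the return value of SSL_shutdown()
 and call SSL_shutdown() again, if the bidirectional shutdown is not yet
-complete (return value of the first call is 0). As the shutdown is not
-specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
-the first call.
+complete (return value of the first call is 0).
 
 The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 
 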
   321
--- openssl-1.0.1/doc/ssl/ssl.pod	Thu Mar 19 06:37:10 2015
   322
+++ openssl-1.0.1/doc/ssl/ssl.pod.new	Tue May 26 11:47:38 2015
   323
@@ -9,9 +9,8 @@
   324
 
   325
 =head1 DESCRIPTION
   326
 
   327
-The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
   328
-Transport Layer Security (TLS v1) protocols. It provides a rich API which is
   329
-documented here.
   330
+The OpenSSL B<ssl> library implements the Transport Layer Security (TLS v1)
   331
+protocols. It provides a rich API which is documented here.
   332
 
   333
 At first the library must be initialized; see
   334
 L<SSL_library_init(3)|SSL_library_init(3)>.
   335
@@ -45,8 +44,8 @@
   336
 =item B<SSL_METHOD> (SSL Method)
   337
 
   338
 That's a dispatch structure describing the internal B<ssl> library
   339
-methods/functions which implement the various protocol versions (SSLv1, SSLv2
   340
-and TLSv1). It's needed to create an B<SSL_CTX>.
   341
+methods/functions which implement the various protocol versions (TLSv1, ...).
   342
+It's needed to create an B<SSL_CTX>.
   343
 
   344
 =item B<SSL_CIPHER> (SSL Cipher)
   345
 
   346
@@ -105,8 +104,8 @@
   347
 
   348
 =item B<ssl23.h>
   349
 
   350
-That's the sub header file dealing with the combined use of the SSLv2 and
   351
-SSLv3 protocols.
   352
+That's the sub header file dealing with the combined use of different
   353
+protocol version.
   354
 I<Usually you don't have to include it explicitly because
   355
 it's already included by ssl.h>.
   356
 
   357
@@ -132,15 +131,15 @@
   358
 
   359
 =item const SSL_METHOD *B<SSLv2_client_method>(void);
   360
 
   361
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
   362
+Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. (deprecated)
   363
 
   364
 =item const SSL_METHOD *B<SSLv2_server_method>(void);
   365
 
   366
-Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
   367
+Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. (deprecated)
   368
 
   369
 =item const SSL_METHOD *B<SSLv2_method>(void);
   370
 
   371
-Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
   372
+Constructor for the SSLv2 SSL_METHOD structure for combined client and server. (deprecated)
   373
 
   374
 =item const SSL_METHOD *B<SSLv3_client_method>(void);
   375
 
   376
@@ -189,12 +188,12 @@
   377
 =item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
   378
 
   379
 Return the internal name of I<cipher> as a string. These are the various
   380
-strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
   381
+strings defined by the I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
   382
 definitions in the header files.
   383
 
   384
 =item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
   385
 
   386
-Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
   387
+Returns a string like "C<TLSv1/SSLv3>" which indicates the
   388
 SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
   389
 in the specification the first time).
   390
 
   391
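--- openssl-1.0.1/doc/apps/ciphers.pod	Thu Mar 19 06:37:10 2015
+++ openssl-1.0.1/doc/apps/ciphers.pod.new	Tue May 26 12:07:35 2015
@@ -9,8 +9,6 @@
 B<openssl> B<ciphers>
 [B<-v>]
 [B<-V>]
-[B<-ssl2>]
-[B<-ssl3>]
 [B<-tls1>]
 [B<cipherlist>]
 
@@ -26,26 +24,14 @@
 
 =item B<-v>
 
-Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
-authentication, encryption and mac algorithms used along with any key size
-restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
+Verbose option. List ciphers with a complete description of protocol version,
+key exchange, authentication, encryption and mac algorithms used along with any
+key size restrictions and whether the algorithm is classed as an "export" cipher.
 
 =item B<-V>
 
 Like B<-v>, but include cipher suite codes in output (hex format).
 
-=item B<-ssl3>
-
-only include SSL v3 ciphers.
-
-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
 =item B<-tls1>
 
 only include TLS v1 ciphers.
@@ -246,9 +232,9 @@
 ciphers suites using FORTEZZA key exchange, authentication, encryption or all
 FORTEZZA algorithms. Not implemented.
 
-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+=item B<TLSv1.2>, B<TLSv1>
 
-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+TLS v1.2 or TLS v1.0 cipher suites respectively. Note:
 there are no ciphersuites specific to TLS v1.1.
 
 =item B<AES128>, B<AES256>, B<AES>
@@ -569,16 +555,6 @@
  TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
  TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA
 
-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
-
 =head1 NOTES
 
 The non-ephemeral DH modes are currently unimplemented in OpenSSL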
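--- openssl-1.0.1/doc/apps/s_client.pod	Thu Mar 19 06:37:10 2015
+++ openssl-1.0.1/doc/apps/s_client.pod.new	Tue May 26 12:15:40 2015
@@ -31,12 +31,12 @@
 [B<-ign_eof>]
 [B<-no_ign_eof>]
 [B<-quiet>]
-[B<-ssl2>]
-[B<-ssl3>]
 [B<-tls1>]
-[B<-no_ssl2>]
-[B<-no_ssl3>]
+[B<-tls1_1>]
+[B<-tls1_2>]
 [B<-no_tls1>]
+[B<-no_tls1_1>]
+[B<-no_tls1_2>]
 [B<-bugs>]
 [B<-cipher cipherlist>]
 [B<-serverpref>]
@@ -196,11 +196,11 @@
 given as a hexadecimal number without leading 0x, for example -psk
 1a2b3c4d.
 
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
+=item B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
 
-these options disable the use of certain SSL or TLS protocols. By default
+these options disable the use of certain TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+servers.
 
 Unfortunately there are a lot of ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
@@ -219,10 +219,6 @@
 supported cipher in the list sent by the client. See the B<ciphers>
 command for more information.
 
-=item B<-serverpref>
-
-use the server's cipher preferences; only used for SSLV2.
-
 =item B<-starttls protocol>
 
 send the protocol-specific message(s) to switch to TLS for communication.
@@ -299,8 +295,8 @@
 then an HTTP command can be given such as "GET /" to retrieve a web page.
 
 If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
-B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
+nothing obvious like no client certificate then the B<-bugs>, B<-tls1>, B<-tls1_1>,
+B<-tls1_2>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2> options can be tried
 in case it is a buggy server. In particular you should play with these
 options B<before> submitting a bug report to an OpenSSL mailing list.
 
@@ -322,10 +318,6 @@
 If there are problems verifying a server certificate then the
 B<-showcerts> option can be used to show the whole chain.
 
-Since the SSLv23 client hello cannot include compression methods or extensions
-these will only be supported if its use is disabled, for example by using the
-B<-no_sslv2> option.
-
 The B<s_client> utility is a test tool and is designed to continue the
 handshake after any certificate verification errors. As a result it will
 accept any certificate chain (trusted or not) sent by the peer. None test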
--- openssl-1.0.1/doc/apps/s_server.pod	Thu Mar 19 06:37:10 2015
   529
+++ openssl-1.0.1/doc/apps/s_server.pod.new	Tue May 26 12:15:02 2015
   530
@@ -38,12 +38,12 @@
   531
 [B<-serverpref>]
   532
 [B<-quiet>]
   533
 [B<-no_tmp_rsa>]
   534
-[B<-ssl2>]
   535
-[B<-ssl3>]
   536
 [B<-tls1>]
   537
-[B<-no_ssl2>]
   538
-[B<-no_ssl3>]
   539
+[B<-tls1_1>]
   540
+[B<-tls1_2>]
   541
 [B<-no_tls1>]
   542
+[B<-no_tls1_1>]
   543
+[B<-no_tls1_2>]
   544
 [B<-no_dhe>]
   545
 [B<-no_ecdhe>]
   546
 [B<-bugs>]
   547
@@ -216,11 +216,11 @@
   548
 given as a hexadecimal number without leading 0x, for example -psk
   549
 1a2b3c4d.
   550
 
   551
-=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
   552
+=item B<-tls1>, B<-tls1_1>, B<-tls1_2>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
   553
 
   554
 these options disable the use of certain SSL or TLS protocols. By default
   555
 the initial handshake uses a method which should be compatible with all
   556
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
   557
+servers.
   558
 
   559
 =item B<-bugs>
   560
 
   561
--- openssl-1.0.1/doc/apps/s_time.pod	Thu Jan 15 06:43:49 2015
   562
+++ openssl-1.0.1/doc/apps/s_time.pod.new	Tue May 26 12:20:09 2015
   563
@@ -19,8 +19,6 @@
   564
 [B<-verify depth>]
   565
 [B<-nbio>]
   566
 [B<-time seconds>]
   567
-[B<-ssl2>]
   568
-[B<-ssl3>]
   569
 [B<-bugs>]
   570
 [B<-cipher cipherlist>]
   571
 
   572
@@ -92,19 +90,6 @@
   573
 
   574
 turns on non-blocking I/O.
   575
 
   576
-=item B<-ssl2>, B<-ssl3>
   577
-
   578
-these options disable the use of certain SSL or TLS protocols. By default
   579
-the initial handshake uses a method which should be compatible with all
   580
-servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
   581
-The timing program is not as rich in options to turn protocols on and off as
   582
-the L<s_client(1)|s_client(1)> program and may not connect to all servers.
   583
-
   584
-Unfortunately there are a lot of ancient and broken servers in use which
   585
-cannot handle this technique and will fail to connect. Some servers only
   586
-work if TLS is turned off with the B<-ssl3> option; others
   587
-will only support SSL v2 and may need the B<-ssl2> option.
   588
-
   589
 =item B<-bugs>
   590
 
   591
 there are several known bug in SSL and TLS implementations. Adding this
   592
@@ -137,8 +122,7 @@
   593
 for details.
   594
 
   595
 If the handshake fails then there are several possible causes, if it is
   596
-nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
   597
-B<-ssl3> options can be tried
   598
+nothing obvious like no client certificate then the B<-bugs> option can be tried
   599
 in case it is a buggy server. In particular you should play with these
   600
 options B<before> submitting a bug report to an OpenSSL mailing list.
   601
 
   602
--- openssl-1.0.1/doc/apps/sess_id.pod	Thu Jan 15 06:43:49 2015
   603
+++ openssl-1.0.1/doc/apps/sess_id.pod.new	Tue May 26 12:21:07 2015
   604
@@ -91,7 +91,7 @@
   605
 
   606
 =item B<Protocol>
   607
 
   608
-this is the protocol in use TLSv1, SSLv3 or SSLv2.
   609
+this is the protocol in use.
   610
 
   611
 =item B<Cipher>
   612
 
   613
@@ -110,10 +110,6 @@
   614
 
   615
 this is the SSL session master key.
   616
 
   617
-=item B<Key-Arg>
   618
-
   619
-the key argument, this is only used in SSL v2.
   620
-
   621
 =item B<Start Time>
   622
 
   623
 this is the session start time represented as an integer in standard Unix format.