OpenSSL

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a full-strength general-purpose cryptography library.

Recent releases

  •  19 Jan 2012 14:37

Release Notes: This release fixed a DTLS DoS issue which was recently introduced by the fix for CVE-2011-4109.

Release Notes: A fix was introduced for a security issue where an extension of the Vaudenay padding oracle attack on CBC mode encryption enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS. This issue was originally reported as CVE-2011-4108. Various other bugfixes and improvements were made.

Release Notes: Initialization of X509_STORE_CTX was fixed to eliminate a case where CRLs with "nextUpdate" in the past were sometimes accepted. (This was reported as CVE-2011-3207.) An error in SSL memory handling for (EC)DH ciphersuites was fixed (CVE-2011-3210). A memory leak on bad inputs to x509_name_ex_d2i was fixed. Some ECC ciphersuites are no longer restricted to SHA1. Protection against ECDSA timing attacks was introduced.

  •  10 Feb 2011 13:10

Release Notes: Parsing of the OCSP stapling ClientHello extension was fixed. This issue was reported as CVE-2011-0014. A bug in string printing code, where the escape character itself was not escaped, was fixed.

  •  07 Dec 2010 02:35

Release Notes: An error was fixed in the experimental J-PAKE implementation, which could lead to successful validation by someone with no knowledge of the shared secret. This issue was reported as CVE-2010-4252. An old bug in a workaround that allowed malicious clients to modify the stored session cache ciphersuite was fixed. This issue was reported as CVE-2010-4180.

Recent comments

01 Jan 2003 16:50 toop

Not free anymore
www.deadly.org/article...

It means that OpenSSL is becoming a non-free software project, because
the code from Sun contains licenses which invoke patent litigation;
the licence on the new code basically builds a contract that says "if
you use this code, you cannot sue Sun".

marc.theaimsgroup.com/...

30 Dec 2002 16:49 levitte

Re: OpenSSL
Yes, OpenSSL is based on SSLeay. SSLeay is dead, and a few people took the last source (0.9.1b) and made it into OpenSSL (0.9.1c). OpenSSL has developed from there.

22 Jul 2002 18:13 OneSmallStep4Man

OPEN SSL API DOCUMENTATION
Could anyone recommend a good place to get documentation on OpenSSL? I've downloaded the software and I need to port it to VxWorks as a client. I would like to find documentation that describes the necessary API calls and the order that they must be called.

THANKS!

10 Jul 2001 12:21 petra

Re: OpenSSL

> Uhhh.... They are the same thing.
> SSLeay was renamed to OpenSSL, AFAIK.

To quote OpenSSL's page, "OpenSSL is based on the excellent SSLeay library..."

> I would warn you - if you want
> documentation for your software - look
> elsewhere.

Or you could visit openssl.org/docs and read the library function definitions, then subscribe to the mailing list and read the source to the example programs (like openssl itself). The documentation isn't perfect, but it's available.

25 Jun 2001 15:37 cypherpunks

I highly recommend ignoring anything this guy says!
Before using OpenSSL, I used SSLeay which was good in its own right but I believe that OpenSSL has a bigger and brighter future than SSLeay.

Uhhh.... They are the same thing. SSLeay was renamed to OpenSSL, AFAIK. So yeah, considering that SSLeay is dead, I'd say that OpenSSL has a brighter future. Or, considering that they are the same thing, I guess they have the same future.

OpenSSL is easy to set up and use and compiles on a variety of systems. I would highly recommend OpenSSL to anyone wanting well done SSL support!

I would warn you - if you want documentation for your software - look elsewhere. Then come back here because there is nothing else. I would highly recommend OpenSSL to anyone wanting free/opensource SSL support because you have no other real choice!
