OpenSSL
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a full-strength general-purpose cryptography library.
| Tags | Software Development Libraries Security Cryptography |
|---|
Recent releases
- 07 Feb 2013 22:11
Release Notes: A weakness in the handling of CBC ciphersuites in SSL, TLS, and DTLS, exploited through timing differences arising during MAC processing, was fixed. This vulnerability was reported as CVE-2013-0169. A flaw in the handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms was fixed. This vulnerability was reported as CVE-2012-2686. A flaw in the handling of OCSP response verification, exploitable with a denial of service attack, was fixed. This vulnerability was reported as CVE-2013-0166.
- 06 Jun 2012 22:25
Release Notes: Record length are now sanity checked before skipping explicit IV in TLS 1.2, 1.1, and DTLS, to avoid possible DoS attacks. A possible deadlock when decoding public keys has been fixed. The TLS 1.0 record version number is no longer used in the initial client hello if renegotiating. tkeylen in now initialized properly when encrypting CMS messages. In FIPS mode, composite ciphers are no longer used, as they are not approved.
- 20 Apr 2012 22:13
Release Notes: A check has been added for potentially exploitable overflows in asn1_d2i_read_bio, BUF_mem_grow, and BUF_mem_grow_clean. Workarounds have been introduced for some broken servers which "hang" if a client hello record length exceeds 255 bytes. Incorrect use of TLS 1.2 SHA-256 ciphersuites in TLS 1.0 and 1.1 connections is now avoided. A segmentation fault in the Vector Permutation AES module has been fixed.
- 14 Mar 2012 21:23
Release Notes: Initial TLSv1.1 support and TLS v1.2 support were implemented. Many improvements and minor bugfixes were made.
- 19 Jan 2012 14:37
Release Notes: This release fixed a DTLS DoS issue which was recently introduced by the fix for CVE-2011-4109.
Recent comments
Not free anymore
www.deadly.org/article... (www.deadly.org/article...)
It means that OpenSSL is becoming a non-free software project, because
the code from Sun contains licenses which invoke patent litigation;
the licence on the new code basically builds a contract that says "if
you use this code, you cannot sue Sun".
Re: OpenSSL
Yes, OpenSSL is based on SSLeay. SSLeay is dead, and a few people took the last source (0.9.1b) and made it into OpenSSL (0.9.1c). OpenSSL has developped from there.
OPEN SSL API DOCUMENTATION
Could anyone recommend a good place to get documentation on OpenSSL? I've downloaded the software and I need to port it to VxWorks as a client. I would like to find documentation that describes the necessary API calls and the order that they must be called.
THANKS!
Re: OpenSSL
> Uhhh.... They are the same thing.
> SSLeay was renamed to OpenSSL, AFAIK.
To quote OpenSSL's page, "OpenSSL is based on the excellent SSLeay library..."
> I would warn you - if you want
> documentation for your software - look
> elsewhere.
Or you could visit openssl.org/docs and read the library function definitions, then subscribe to the mailing list and read the source to the example programs (like openssl itself). The documentation isn't perfect, but its available.
I highly recommend ignoring anything this guy says!
Before using OpenSSL, I used SSLeay which was good in its own right but I believe that OpenSSL has a bigger and brighter future than SSLeay.
Uhhh.... They are the same thing. SSLeay was renamed to OpenSSL, AFAIK. So yeah, considering that SSLeay is dead, I'd say that OpenSSL has a brighter future. Or, considering that they are the same thing, I guess they have the same future.
OpenSSL is easy to setup and use and compiles on a variety of systems. I would highly recommend OpenSSL to anyone wanting well done SSL support!
I would warn you - if you want documentation for your software - look elsewhere. Then come back here because there is nothing else. I would highly recommend OpenSSL to anyone wanting free/opensource SSL support because you have no other real choice!
not-available
23 Dec 1998 13:04
Heartbeat
- Popularity Score
- 1,397.90
- Vitality Score
- 53.83
- Subscriptions
- 1057
