projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 55d894b)
PreferNoDHEKEX changelog and history anticipating inclusion in OpenSSL version 3.3.
authorMarkus Minichmayr <markus@tapkey.com>
Wed, 22 Nov 2023 16:43:27 +0000 (17:43 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 24 Nov 2023 15:08:04 +0000 (15:08 +0000)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22794)

CHANGES.md patch | blob | history
doc/man3/SSL_CONF_cmd.pod patch | blob | history

diff --git a/CHANGES.md b/CHANGES.md
index 81044b3d7078da6efb25cee598904131ca2e7d12..93365619fa8f8f3f3f379fbeb31e03d732a50aae 100644 (file)
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -45,6 +45,12 @@ OpenSSL 3.3
 
    *Ahelenia ZiemiaƄska*
 
+ * New option `SSL_OP_PREFER_NO_DHE_KEX`, which allows configuring a TLS1.3
+   server to prefer session resumption using PSK-only key exchange over PSK
+   with DHE, if both are available.
+
+   *Markus Minichmayr, Tapkey GmbH*
+
 OpenSSL 3.2
 -----------
 
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index a0e4d52892c312411dba67426a53145c8ad75773..54ab886af10c878b22b2039f2565b47d3fd4f031 100644 (file)
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -789,6 +789,8 @@ OpenSSL 3.0.
 The B<TxCertificateCompression> and B<RxCertificateCompression> options were
 added in OpenSSL 3.2.
 
+B<PreferNoDHEKEX> was added in OpenSSL 3.3.
+
 =head1 COPYRIGHT
 
 Copyright 2012-2023 The OpenSSL Project Authors. All Rights Reserved.
Unnamed repository; edit this file 'description' to name the repository.