projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New functions SSL_get_finished, SSL_get_peer_finished.
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 5572e1fd318499d592f91e6fefa7ee6beb1d2314..52e0ffb3f2fa91a64b89dac313191377da516fca 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,16 @@
 
  Changes between 0.9.4 and 0.9.5  [xx XXX 1999]
 
-  *) Clean up 'Finished' handling.
+  *) Clean up 'Finished' handling, and add functions SSL_get_finished and
+     SSL_get_peer_finished to allow applications to obtain the latest
+     Finished messages sent to the peer or expected from the peer,
+     respectively.  (SSL_get_peer_finished is usually the Finished message
+     actually received from the peer, otherwise the protocol will be aborted.)
+
+     As the Finished message are message digests of the complete handshake
+     (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
+     be used for external authentication procedures when the authentication
+     provided by SSL/TLS is not desired or is not enough.
      [Bodo Moeller]
 
   *) Enhanced support for Alpha Linux is added. Now ./config checks if
Unnamed repository; edit this file 'description' to name the repository.