projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New option to enable/disable connection to unpatched servers
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 24be6c51bc9a19a60c4634205e00220624eb77f2..8041501448369fb58ac0408456bef1cd28f14133 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -863,6 +863,14 @@
 
  Changes between 0.9.8l (?) and 0.9.8m (?)  [xx XXX xxxx]
 
+  *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+     connect (but not renegotiate) with servers which do not support RI.
+     Until RI is more widely deployed this option is enabled by default.
+     [Steve Henson]
+
+  *) Add "missing" ssl ctrls to clear options and mode.
+     [Steve Henson]
+
   *) If client attempts to renegotiate and doesn't support RI respond with
      a no_renegotiation alert as required by draft-ietf-tls-renegotiation.
      Some renegotiating TLS clients will continue a connection gracefully
Unnamed repository; edit this file 'description' to name the repository.