projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Correct the UnsafeLegacyServerConnect docs
[openssl.git] / doc / man3 / SSL_CONF_cmd.pod
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index 7971d6e0b5e79816b56455a92f40dac9b5915201..d4deeb5e82e6ea5a1616cc32ce3f009eac61fa74 100644 (file)
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -496,7 +496,6 @@ Equivalent to B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>.
 
 B<UnsafeLegacyServerConnect>: permits the use of unsafe legacy renegotiation
 for OpenSSL clients only. Equivalent to B<SSL_OP_LEGACY_SERVER_CONNECT>.
-Set by default.
 
 B<EncryptThenMac>: use encrypt-then-mac extension, enabled by
 default. Inverse of B<SSL_OP_NO_ENCRYPT_THEN_MAC>: that is,
@@ -731,6 +730,9 @@ B<MinProtocol> and B<MaxProtocol> where added in OpenSSL 1.1.0.
 
 B<AllowNoDHEKEX> and B<PrioritizeChaCha> were added in OpenSSL 1.1.1.
 
+The B<UnsafeLegacyServerConnect> option is no longer set by default from
+OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
Unnamed repository; edit this file 'description' to name the repository.