Commit 96de98ba authored by Matt Caswell's avatar Matt Caswell
Browse files

Update CHANGES with info about SSL_OP_NO_RENGOTIATION 



Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4901)
parent 6e127fdd

CHANGES

+13 −0
Original line number Diff line number Diff line
@@ -9,6 +9,19 @@ 














 Changes between 1.1.0g and 1.1.0h [xx XXX xxxx]



























  *) Backport SSL_OP_NO_RENGOTIATION

























     OpenSSL 1.0.2 and below had the ability to disable renegotiation using the













     (undocumented) SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag. Due to the opacity













     changes this is no longer possible in 1.1.0. Therefore the new













     SSL_OP_NO_RENEGOTIATION option from 1.1.1-dev has been backported to













     1.1.0 to provide equivalent functionality.

























     Note that if an application built against 1.1.0h headers (or above) is run













     using an older version of 1.1.0 (prior to 1.1.0h) then the option will be













     accepted but nothing will happen, i.e. renegotiation will not be prevented.













     [Matt Caswell]



























  *) Removed the OS390-Unix config target.  It relied on a script that doesn't















     exist.















     [Rich Salz]