diff options
author | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-09 21:24:40 +0000 |
---|---|---|
committer | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-09 21:24:40 +0000 |
commit | f17591876595104a79b1a41e020bd379b781487f (patch) | |
tree | 62c15d46b6cee43305960816bd8ccef3854d66a2 | |
parent | 21f1af2ec217c6e64af2095186c558b81a00e212 (diff) | |
download | ruby-f17591876595104a79b1a41e020bd379b781487f.tar.gz |
* NEWS: document new features of Ruby OpenSSL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35997 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | NEWS | 11 |
2 files changed, 15 insertions, 0 deletions
@@ -1,3 +1,7 @@ +Sun Jun 10 06:21:10 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * NEWS: document new features of Ruby OpenSSL. + Sun Jun 10 03:09:41 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> * ext/openssl/ossl.c: Fix error in example. Patch by David Albert. @@ -120,6 +120,17 @@ with all sufficient information, see the ChangeLog file. instance whose value is nil. All instances of OpenSSL::ASN1::Constructive raise NoMethodError in the same case. Constructing such values is still permitted. + * TLS 1.1 & 1.2 support by setting OpenSSL::SSL::SSLContext#ssl_version to + :TLSv1_2, :TLSv1_2_server, :TLSv1_2_client or :TLSv1_1, :TLSv1_1_server + :TLSv1_1_client. The version being effectively used can be queried + with OpenSSL::SSL#ssl_version. Furthermore, it is also possible to + blacklist the new TLS versions with OpenSSL::SSL:OP_NO_TLSv1_1 and + OpenSSL::SSL::OP_NO_TLSv1_2. + * Added OpenSSL::SSL::SSLContext#renegotation_cb. A user-defined callback + may be set which gets called whenever a new handshake is negotiated. This + also allows to programmatically decline (client) renegotiation attempts. + * Support for "0/n" splitting of records as BEAST mitigation via + OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. === Language changes === Compatibility issues (excluding feature bug fixes) |