diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | NEWS | 11 |
2 files changed, 15 insertions, 0 deletions
@@ -1,3 +1,7 @@ +Sun Jun 10 06:21:10 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * NEWS: document new features of Ruby OpenSSL. + Sun Jun 10 03:09:41 2012 Martin Bosslet <Martin.Bosslet@googlemail.com> * ext/openssl/ossl.c: Fix error in example. Patch by David Albert. @@ -120,6 +120,17 @@ with all sufficient information, see the ChangeLog file. instance whose value is nil. All instances of OpenSSL::ASN1::Constructive raise NoMethodError in the same case. Constructing such values is still permitted. + * TLS 1.1 & 1.2 support by setting OpenSSL::SSL::SSLContext#ssl_version to + :TLSv1_2, :TLSv1_2_server, :TLSv1_2_client or :TLSv1_1, :TLSv1_1_server + :TLSv1_1_client. The version being effectively used can be queried + with OpenSSL::SSL#ssl_version. Furthermore, it is also possible to + blacklist the new TLS versions with OpenSSL::SSL:OP_NO_TLSv1_1 and + OpenSSL::SSL::OP_NO_TLSv1_2. + * Added OpenSSL::SSL::SSLContext#renegotation_cb. A user-defined callback + may be set which gets called whenever a new handshake is negotiated. This + also allows to programmatically decline (client) renegotiation attempts. + * Support for "0/n" splitting of records as BEAST mitigation via + OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. === Language changes === Compatibility issues (excluding feature bug fixes) |