Victor_VG
Tracker Mod | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Changes between 1.1.1g and 1.1.1h [22 Sep 2020]
*) Certificates with explicit curve parameters are now disallowed in
verification chains if the X509_V_FLAG_X509_STRICT flag is used.
[Tomas Mraz]
*) The 'MinProtocol' and 'MaxProtocol' configuration commands now silently
ignore TLS protocol version bounds when configuring DTLS-based contexts, and
conversely, silently ignore DTLS protocol version bounds when configuring
TLS-based contexts. The commands can be repeated to set bounds of both
types. The same applies with the corresponding "min_protocol" and
"max_protocol" command-line switches, in case some application uses both TLS
and DTLS.
SSL_CTX instances that are created for a fixed protocol version (e.g.
TLSv1_server_method()) also silently ignore version bounds. Previously
attempts to apply bounds to these protocol versions would result in an
error. Now only the "version-flexible" SSL_CTX instances are subject to
limits in configuration files in command-line options.
[Viktor Dukhovni]
*) Handshake now fails if Extended Master Secret extension is dropped
on renegotiation.
[Tomas Mraz]
*) The Oracle Developer Studio compiler will start reporting deprecated APIs |
Всего записей: 33225 | Зарегистр. 31-07-2002 | Отправлено: 08:44 24-09-2020 | Исправлено: Victor_VG, 09:04 24-09-2020 |
|
