diff options
author | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-09 21:24:40 +0000 |
---|---|---|
committer | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-06-09 21:24:40 +0000 |
commit | f17591876595104a79b1a41e020bd379b781487f (patch) | |
tree | 62c15d46b6cee43305960816bd8ccef3854d66a2 /NEWS | |
parent | 21f1af2ec217c6e64af2095186c558b81a00e212 (diff) |
* NEWS: document new features of Ruby OpenSSL.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35997 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 11 |
1 files changed, 11 insertions, 0 deletions
@@ -120,6 +120,17 @@ with all sufficient information, see the ChangeLog file. instance whose value is nil. All instances of OpenSSL::ASN1::Constructive raise NoMethodError in the same case. Constructing such values is still permitted. + * TLS 1.1 & 1.2 support by setting OpenSSL::SSL::SSLContext#ssl_version to + :TLSv1_2, :TLSv1_2_server, :TLSv1_2_client or :TLSv1_1, :TLSv1_1_server + :TLSv1_1_client. The version being effectively used can be queried + with OpenSSL::SSL#ssl_version. Furthermore, it is also possible to + blacklist the new TLS versions with OpenSSL::SSL:OP_NO_TLSv1_1 and + OpenSSL::SSL::OP_NO_TLSv1_2. + * Added OpenSSL::SSL::SSLContext#renegotation_cb. A user-defined callback + may be set which gets called whenever a new handshake is negotiated. This + also allows to programmatically decline (client) renegotiation attempts. + * Support for "0/n" splitting of records as BEAST mitigation via + OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS. === Language changes === Compatibility issues (excluding feature bug fixes) |