* NEWS: document new features of Ruby OpenSSL.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@35997 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 11 insertions, 0 deletions

diff --git a/NEWS b/NEWS
index 6d6f9acf90..d09bd53a17 100644
--- a/NEWS
+++ b/NEWS
@@ -120,6 +120,17 @@ with all sufficient information, see the ChangeLog file.
     instance whose value is nil. All instances of OpenSSL::ASN1::Constructive
     raise NoMethodError in the same case. Constructing such values is still
     permitted.
+  * TLS 1.1 & 1.2 support by setting OpenSSL::SSL::SSLContext#ssl_version to
+    :TLSv1_2, :TLSv1_2_server, :TLSv1_2_client or :TLSv1_1, :TLSv1_1_server 
+    :TLSv1_1_client. The version being effectively used can be queried
+    with OpenSSL::SSL#ssl_version. Furthermore, it is also possible to 
+    blacklist the new TLS versions with OpenSSL::SSL:OP_NO_TLSv1_1 and
+    OpenSSL::SSL::OP_NO_TLSv1_2. 
+  * Added OpenSSL::SSL::SSLContext#renegotation_cb. A user-defined callback
+    may be set which gets called whenever a new handshake is negotiated. This
+    also allows to programmatically decline (client) renegotiation attempts.
+  * Support for "0/n" splitting of records as BEAST mitigation via 
+    OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS.
 
 === Language changes
 === Compatibility issues (excluding feature bug fixes)