summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog4
-rw-r--r--NEWS7
2 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 6c64707e6a..ca6f444e09 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Jun 10 10:27:34 2012 Martin Bosslet <Martin.Bosslet@googlemail.com>
+
+ * NEWS: Add note about the new private key export behavior.
+
Sun Jun 10 10:24:51 2012 Tanaka Akira <akr@fsij.org>
* process.c (rb_exec_async_signal_safe): exported.
diff --git a/NEWS b/NEWS
index 7a67533b1e..f51398e948 100644
--- a/NEWS
+++ b/NEWS
@@ -131,6 +131,13 @@ with all sufficient information, see the ChangeLog file.
also allows to programmatically decline (client) renegotiation attempts.
* Support for "0/n" splitting of records as BEAST mitigation via
OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS.
+ * OpenSSL requires passwords for decrypting PEM-encoded files to be at least
+ four characters long. This led to awkward situations where an export with
+ a password with fewer than four characters was possible, but accessing the
+ file afterwards failed. OpenSSL::PKey::RSA, OpenSSL::PKey::DSA and
+ OpenSSL::PKey::EC therefore now enforce the same check when exporting a
+ private key to PEM with a password - it has to be at least four characters
+ long.
=== Language changes
=== Compatibility issues (excluding feature bug fixes)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-10 07:14:41 +0000