diff options
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/doc/src/notes.xml | 122 | ||||
-rw-r--r-- | lib/ssl/vsn.mk | 2 |
2 files changed, 1 insertions, 123 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 795c38bd8e..34fe352d08 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -27,128 +27,6 @@ </header> <p>This document describes the changes made to the SSL application.</p> -<section><title>SSL 9.0</title> - - <section><title>Fixed Bugs and Malfunctions</title> - <list> - <item> - <p> - Correct handling of ECDH suites.</p> - <p> - Own Id: OTP-14974</p> - </item> - <item> - <p> - Proper handling of clients that choose to send an empty - answer to a certificate request</p> - <p> - Own Id: OTP-15050</p> - </item> - </list> - </section> - - - <section><title>Improvements and New Features</title> - <list> - <item> - <p> - Distribution over SSL (inet_tls) has, to improve - performance, been rewritten to not use intermediate - processes and ports.</p> - <p> - Own Id: OTP-14465</p> - </item> - <item> - <p> - Add suport for ECDHE_PSK cipher suites</p> - <p> - Own Id: OTP-14547</p> - </item> - <item> - <p> - For security reasons no longer support 3-DES cipher - suites by default</p> - <p> - *** INCOMPATIBILITY with possibly ***</p> - <p> - Own Id: OTP-14768</p> - </item> - <item> - <p> - For security reasons RSA-key exchange cipher suites are - no longer supported by default</p> - <p> - *** INCOMPATIBILITY with possible ***</p> - <p> - Own Id: OTP-14769</p> - </item> - <item> - <p> - The interoperability option to fallback to insecure - renegotiation now has to be explicitly turned on.</p> - <p> - *** INCOMPATIBILITY with possibly ***</p> - <p> - Own Id: OTP-14789</p> - </item> - <item> - <p> - Drop support for SSLv2 enabled clients. SSLv2 has been - broken for decades and never supported by the Erlang - SSL/TLS implementation. This option was by default - disabled and enabling it has proved to sometimes break - connections not using SSLv2 enabled clients.</p> - <p> - *** POTENTIAL INCOMPATIBILITY ***</p> - <p> - Own Id: OTP-14824</p> - </item> - <item> - <p> - Remove CHACHA20_POLY1305 ciphers form default for now. We - have discovered interoperability problems, ERL-538, that - we believe needs to be solved in crypto.</p> - <p> - *** INCOMPATIBILITY with possibly ***</p> - <p> - Own Id: OTP-14882</p> - </item> - <item> - <p> - Generalize DTLS packet multiplexing to make it easier to - add future DTLS features and uses.</p> - <p> - Own Id: OTP-14888</p> - </item> - <item> - <p> - Use uri_string module instead of http_uri.</p> - <p> - Own Id: OTP-14902</p> - </item> - <item> - <p> - The SSL distribution protocol <c>-proto inet_tls</c> has - stopped setting the SSL option - <c>server_name_indication</c>. New verify funs for client - and server in <c>inet_tls_dist</c> has been added, not - documented yet, that checks node name if present in peer - certificate. Usage is still also yet to be documented.</p> - <p> - Own Id: OTP-14969 Aux Id: OTP-14465, ERL-598 </p> - </item> - <item> - <p> - Deprecate ssl:ssl_accept/[1,2,3] in favour of - ssl:handshake/[1,2,3]</p> - <p> - Own Id: OTP-15056</p> - </item> - </list> - </section> - -</section> - <section><title>SSL 8.2.6</title> <section><title>Fixed Bugs and Malfunctions</title> diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index 10be907b4f..eb85a55717 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -1 +1 @@ -SSL_VSN = 9.0 +SSL_VSN = 8.2.6 |