From 68b804f34d4ec420d86953e3f519179a40fbee8f Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 29 Jan 2013 11:38:41 +0100 Subject: Prepare release --- lib/ssl/doc/src/notes.xml | 112 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc') diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 73cda03b2f..299850333d 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -26,7 +26,117 @@

This document describes the changes made to the SSL application.

-
SSL 5.1.2 +
SSL 5.2 + +
Fixed Bugs and Malfunctions + + +

+ SSL: TLS 1.2, advertise sha224 support, thanks to Andreas + Schultz.

+

+ Own Id: OTP-10586

+
+ +

+ If an ssl server is restarted with new options and a + client tries to reuse a session the server must make sure + that it complies to the new options before agreeing to + reuse it.

+

+ Own Id: OTP-10595

+
+ +

+ Now handles cleaning of CA-certificate database correctly + so that there will be no memory leek, bug was introduced + in ssl- 5.1 when changing implementation to increase + parallel execution.

+

+ Impact: Improved memory usage, especially if you have + many different certificates and upgrade tcp-connections + to TLS-connections.

+

+ Own Id: OTP-10710

+
+
+
+ + +
Improvements and New Features + + +

+ Support Next Protocol Negotiation in TLS, thanks to Ben + Murphy for the contribution.

+

+ Impact: Could give performance benefit if used as it + saves a round trip.

+

+ Own Id: OTP-10361 Aux Id: kunagi-214 [125]

+
+ +

+ TLS 1.2 will now be the default TLS version if sufficient + crypto support is available otherwise TLS 1.1 will be + default.

+

+ Impact: A default TLS connection will have higher + security and hence it may be perceived as slower then + before.

+

+ Own Id: OTP-10425 Aux Id: kunagi-275 [186]

+
+ +

+ It is now possible to call controlling_process on a + listen socket, same as in gen_tcp.

+

+ Own Id: OTP-10447

+
+ +

+ Remove filter mechanisms that made error messages + backwards compatible with old ssl but hid information + about what actually happened.

+

+ This does not break the documented API however other + reason terms may be returned, so code that matches on the + reason part of {error, Reason} may fail.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-10451 Aux Id: kunagi-270 [181]

+
+ +

+ Added missing dependencies to Makefile

+

+ Own Id: OTP-10594

+
+ +

+ Removed deprecated function ssl:pid/0, it has been + pointless since R14 but has been keep for backwards + compatibility.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-10613 Aux Id: kunagi-331 [242]

+
+ +

+ Refactor to simplify addition of key exchange methods, + thanks to Andreas Schultz.

+

+ Own Id: OTP-10709

+
+
+
+ +
+ +
SSL 5.1.2
Fixed Bugs and Malfunctions -- cgit v1.2.3