Deprecate some non-PK compatibility functions
(Should have been deprecated in 1.3.0 already.)
This commit is contained in:
parent
b2bf5a1bbb
commit
7a2aba8d81
2 changed files with 10 additions and 2 deletions
|
@ -22,6 +22,7 @@ Changes
|
||||||
that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
|
that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
|
||||||
* Revamped the compat.sh interoperatibility script to include support for
|
* Revamped the compat.sh interoperatibility script to include support for
|
||||||
testing against GnuTLS
|
testing against GnuTLS
|
||||||
|
* Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt()
|
||||||
|
|
||||||
Security
|
Security
|
||||||
* Forbid change of server certificate during renegotiation to prevent
|
* Forbid change of server certificate during renegotiation to prevent
|
||||||
|
@ -29,12 +30,12 @@ Security
|
||||||
attack was already impossible when authentication is required).
|
attack was already impossible when authentication is required).
|
||||||
* Check notBefore timestamp of certificates and CRLs from the future.
|
* Check notBefore timestamp of certificates and CRLs from the future.
|
||||||
* Forbid sequence number wrapping
|
* Forbid sequence number wrapping
|
||||||
* Fix possible buffer overflow with overlong PSK
|
* Fixed possible buffer overflow with overlong PSK
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* ecp_gen_keypair() does more tries to prevent failure because of
|
* ecp_gen_keypair() does more tries to prevent failure because of
|
||||||
statistics
|
statistics
|
||||||
* Fix bug in RSA PKCS#1 v1.5 "reversed" operations
|
* Fixed bug in RSA PKCS#1 v1.5 "reversed" operations
|
||||||
* Fixed testing with out-of-source builds using cmake
|
* Fixed testing with out-of-source builds using cmake
|
||||||
* Fixed version-major intolerance in server
|
* Fixed version-major intolerance in server
|
||||||
* Fixed CMake symlinking on out-of-source builds
|
* Fixed CMake symlinking on out-of-source builds
|
||||||
|
|
|
@ -1059,6 +1059,9 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
|
||||||
* up your certificate chain. The top certificate (self-signed)
|
* up your certificate chain. The top certificate (self-signed)
|
||||||
* can be omitted.
|
* can be omitted.
|
||||||
*
|
*
|
||||||
|
* \warning This backwards-compatibility function is deprecated!
|
||||||
|
* Please use \c ssl_set_own_cert() instead.
|
||||||
|
*
|
||||||
* \param ssl SSL context
|
* \param ssl SSL context
|
||||||
* \param own_cert own public certificate chain
|
* \param own_cert own public certificate chain
|
||||||
* \param rsa_key own private RSA key
|
* \param rsa_key own private RSA key
|
||||||
|
@ -1081,6 +1084,10 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
|
||||||
* up your certificate chain. The top certificate (self-signed)
|
* up your certificate chain. The top certificate (self-signed)
|
||||||
* can be omitted.
|
* can be omitted.
|
||||||
*
|
*
|
||||||
|
* \warning This backwards-compatibility function is deprecated!
|
||||||
|
* Please use \c pk_init_ctx_rsa_alt()
|
||||||
|
* and \c ssl_set_own_cert() instead.
|
||||||
|
*
|
||||||
* \param ssl SSL context
|
* \param ssl SSL context
|
||||||
* \param own_cert own public certificate chain
|
* \param own_cert own public certificate chain
|
||||||
* \param rsa_key alternate implementation private RSA key
|
* \param rsa_key alternate implementation private RSA key
|
||||||
|
|
Loading…
Reference in a new issue