[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Thu Apr 4 15:58:21 UTC 2019

The branch OpenSSL_1_1_1-stable has been updated
       via  0cbfcc39042bb1ff16d4500979d34fcdae3ec602 (commit)
      from  2423b5f07f01a7318fb48a277c1c4f372958d664 (commit)

- Log -----------------------------------------------------------------
commit 0cbfcc39042bb1ff16d4500979d34fcdae3ec602
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Apr 3 23:13:59 2019 +0100

    Correct the documentation about SSL_CIPHER_description()
    There are some ciphersuites that were introduced in TLSv1.0/TLSv1.1 but
    are backwards compatible with SSLv3.
    Fixes #8655
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/8658)
    (cherry picked from commit 69539990a8152e90dbe1df1124263db126b1e6f3)


Summary of changes:
 doc/man3/SSL_CIPHER_get_name.pod | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod
index 4c12c5e..8800bbd 100644
--- a/doc/man3/SSL_CIPHER_get_name.pod
+++ b/doc/man3/SSL_CIPHER_get_name.pod
@@ -124,7 +124,10 @@ Textual representation of the cipher name.
 =item <protocol version>
-Protocol version, such as B<TLSv1.2>, when the cipher was first defined.
+The minimum protocol version that the ciphersuite supports, such as B<TLSv1.2>.
+Note that this is not always the same as the protocol version in which the
+ciphersuite was first defined because some ciphersuites are backwards compatible
+with earlier protocol versions.
 =item Kx=<key exchange>

More information about the openssl-commits mailing list