[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Thu Feb 21 09:27:02 UTC 2019

The branch OpenSSL_1_1_1-stable has been updated
       via  143ee7b673b4544e3e749218548c8671c4414270 (commit)
      from  e2e69dce151462e05acd00bd0e56fea56144d485 (commit)

- Log -----------------------------------------------------------------
commit 143ee7b673b4544e3e749218548c8671c4414270
Author: Hubert Kario <hkario at redhat.com>
Date:   Wed Feb 20 16:21:18 2019 +0100

    SSL_CONF_cmd: fix doc for NoRenegotiation
    The option is a flag for Options, not a standalone setting.
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/8292)
    (cherry picked from commit 4ac5e43da6d9ee828240e6d347c48c8fae6573a2)


Summary of changes:
 doc/man3/SSL_CONF_cmd.pod | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index a263c61..2d86ce4 100644
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -308,11 +308,6 @@ Attempts to pad TLSv1.3 records so that they are a multiple of B<value> in
 length on send. A B<value> of 0 or 1 turns off padding. Otherwise, the
 B<value> must be >1 or <=16384.
-=item B<NoRenegotiation>
-Disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting
 =item B<SignatureAlgorithms>
 This sets the supported signature algorithms for TLSv1.2 and TLSv1.3.
@@ -456,6 +451,9 @@ Only used by servers.
 B<NoResumptionOnRenegotiation>: set
+B<NoRenegotiation>: disables all attempts at renegotiation in TLSv1.2 and
+earlier, same as setting B<SSL_OP_NO_RENEGOTIATION>.
 B<UnsafeLegacyRenegotiation>: permits the use of unsafe legacy renegotiation.

More information about the openssl-commits mailing list