diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-02-09 15:42:10 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-02-09 15:42:10 +0000 |
commit | f4e1169341ad1217e670387db5b0c12d680f95f4 (patch) | |
tree | 331dbb3b9585c36a3f3c477bbfea9992c1bf5ea7 /CHANGES | |
parent | febec8ff238bf4e9fe9f18922b221c4c9a17e145 (diff) |
Modify client hello version when renegotiating to enhance interop with
some servers.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -267,6 +267,13 @@ Changes between 1.0.0f and 1.0.1 [xx XXX xxxx] + *) Some servers which support TLS 1.0 can choke if we initially indicate + support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA + encrypted premaster secret. As a workaround use the maximum pemitted + client version in client hello, this should keep such servers happy + and still work with previous versions of OpenSSL. + [Steve Henson] + *) Add support for TLS/DTLS heartbeats. [Robin Seggelmann <seggelmann@fh-muenster.de>] |