Deprecate some non-PK compatibility functions
(Should have been deprecated in 1.3.0 already.)
diff --git a/ChangeLog b/ChangeLog
index 5beeb35..8fb91cd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,7 @@
that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
* Revamped the compat.sh interoperatibility script to include support for
testing against GnuTLS
+ * Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt()
Security
* Forbid change of server certificate during renegotiation to prevent
@@ -29,12 +30,12 @@
attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping
- * Fix possible buffer overflow with overlong PSK
+ * Fixed possible buffer overflow with overlong PSK
Bugfix
* ecp_gen_keypair() does more tries to prevent failure because of
statistics
- * Fix bug in RSA PKCS#1 v1.5 "reversed" operations
+ * Fixed bug in RSA PKCS#1 v1.5 "reversed" operations
* Fixed testing with out-of-source builds using cmake
* Fixed version-major intolerance in server
* Fixed CMake symlinking on out-of-source builds
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 2e33ffd..c1aff67 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -1059,6 +1059,9 @@
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
+ * \warning This backwards-compatibility function is deprecated!
+ * Please use \c ssl_set_own_cert() instead.
+ *
* \param ssl SSL context
* \param own_cert own public certificate chain
* \param rsa_key own private RSA key
@@ -1081,6 +1084,10 @@
* up your certificate chain. The top certificate (self-signed)
* can be omitted.
*
+ * \warning This backwards-compatibility function is deprecated!
+ * Please use \c pk_init_ctx_rsa_alt()
+ * and \c ssl_set_own_cert() instead.
+ *
* \param ssl SSL context
* \param own_cert own public certificate chain
* \param rsa_key alternate implementation private RSA key
