Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/e117a8fc0dcdd9c2528856876748cfa8b06e4fd7^!/./ChangeLog
commit
e117a8fc0dcdd9c2528856876748cfa8b06e4fd7
[log]
author
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Fri Jan 09 12:39:35 2015 +0100
committer
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Fri Jan 09 12:52:20 2015 +0100
tree
01c4874b0edb46056886b882c511f256a0943d2b
parent
8e4b3374d744d83c7a881408a602e5abb85f6464 [diff] [blame]
Make truncated hmac a runtime option server-side

Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.

diff --git a/ChangeLog b/ChangeLog
index 89c87e0..5643688 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -9,6 +9,10 @@
    * Add support for Extended Master Secret (draft-ietf-tls-session-hash)
    * Add support for Encrypt-then-MAC (RFC 7366)
 
+Changes
+   * It is now possible to disable neogtiation of truncated HMAC server-side
+     at runtime with ssl_set_truncated_hmac().
+
 = PolarSSL 1.3.9 released 2014-10-20
 Security
    * Lowest common hash was selected from signature_algorithms extension in