diff --git a/ChangeLog b/ChangeLog index 5beeb35321..8fb91cdf96 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,6 +22,7 @@ Changes that prevented bignum.c from compiling. (Reported by Rafael Baptista.) * Revamped the compat.sh interoperatibility script to include support for testing against GnuTLS + * Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt() Security * Forbid change of server certificate during renegotiation to prevent @@ -29,12 +30,12 @@ Security attack was already impossible when authentication is required). * Check notBefore timestamp of certificates and CRLs from the future. * Forbid sequence number wrapping - * Fix possible buffer overflow with overlong PSK + * Fixed possible buffer overflow with overlong PSK Bugfix * ecp_gen_keypair() does more tries to prevent failure because of statistics - * Fix bug in RSA PKCS#1 v1.5 "reversed" operations + * Fixed bug in RSA PKCS#1 v1.5 "reversed" operations * Fixed testing with out-of-source builds using cmake * Fixed version-major intolerance in server * Fixed CMake symlinking on out-of-source builds diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 2e33ffd5a4..c1aff67b59 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -1059,6 +1059,9 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, * up your certificate chain. The top certificate (self-signed) * can be omitted. * + * \warning This backwards-compatibility function is deprecated! + * Please use \c ssl_set_own_cert() instead. + * * \param ssl SSL context * \param own_cert own public certificate chain * \param rsa_key own private RSA key @@ -1081,6 +1084,10 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, * up your certificate chain. The top certificate (self-signed) * can be omitted. * + * \warning This backwards-compatibility function is deprecated! + * Please use \c pk_init_ctx_rsa_alt() + * and \c ssl_set_own_cert() instead. + * * \param ssl SSL context * \param own_cert own public certificate chain * \param rsa_key alternate implementation private RSA key