cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add change log and migration guide

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-04-30 16:42:35 +02:00
parent cee427002b
commit d5d04962ef
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog.d/remove-enable-weak-ciphersuites.txt Normal file
View File

@ -0,0 +1,2 @@
Removals
* Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option. Fixes #4416.

12
docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md Normal file
View File

@ -0,0 +1,12 @@
Remove the configuration to enable weak ciphersuites in SSL / TLS
-----------------------------------------------------------------
This does not affect users who use the default `config.h`, as this option was
already off by default.
If you were using a weak cipher, please switch to any of the modern,
recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example)
and if your peer doesn't support any, encourage them to upgrade their software.
If you were using a ciphersuite without encryption, you just have to
enable MBEDTLS_CIPHER_NULL_CIPHER now.