Deprecate some non-PK compatibility functions

(Should have been deprecated in 1.3.0 already.)
2024-10-18 10:11:04 +00:00 · 2014-03-25 16:37:27 +01:00 · 2014-03-25 16:37:27 +01:00 · 7a2aba8d81
parent b2bf5a1bbb
commit 7a2aba8d81
2 changed files with 10 additions and 2 deletions
--- a/5
+++ b/5
@ -22,6 +22,7 @@ Changes
     that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
   * Revamped the compat.sh interoperatibility script to include support for
     testing against GnuTLS
+   * Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt()

 Security
   * Forbid change of server certificate during renegotiation to prevent
@ -29,12 +30,12 @@ Security
     attack was already impossible when authentication is required).
   * Check notBefore timestamp of certificates and CRLs from the future.
   * Forbid sequence number wrapping
-   * Fix possible buffer overflow with overlong PSK
+   * Fixed possible buffer overflow with overlong PSK

 Bugfix
   * ecp_gen_keypair() does more tries to prevent failure because of
     statistics
-   * Fix bug in RSA PKCS#1 v1.5 "reversed" operations
+   * Fixed bug in RSA PKCS#1 v1.5 "reversed" operations
   * Fixed testing with out-of-source builds using cmake
   * Fixed version-major intolerance in server
   * Fixed CMake symlinking on out-of-source builds
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -1059,6 +1059,9 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
 *                 up your certificate chain. The top certificate (self-signed)
 *                 can be omitted.
 *
+ * \warning        This backwards-compatibility function is deprecated!
+ *                 Please use \c ssl_set_own_cert() instead.
+ *
 * \param ssl      SSL context
 * \param own_cert own public certificate chain
 * \param rsa_key  own private RSA key
@ -1081,6 +1084,10 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
 *                 up your certificate chain. The top certificate (self-signed)
 *                 can be omitted.
 *
+ * \warning        This backwards-compatibility function is deprecated!
+ *                 Please use \c pk_init_ctx_rsa_alt()
+ *                 and \c ssl_set_own_cert() instead.
+ *
 * \param ssl      SSL context
 * \param own_cert own public certificate chain
 * \param rsa_key  alternate implementation private RSA key