From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 11 Feb 2019 09:59:47 +0000 (+0000)
Subject: - Fix #13: Remove left-over requirements on OpenSSL >= 1.1.0 for
X-Git-Tag: release-1.9.1rc1~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=49a36d98bbedf75a163e9cfed1439ba31e9ac049;p=thirdparty%2Funbound.git

- Fix #13: Remove left-over requirements on OpenSSL >= 1.1.0 for
  cert name matching, from man page.


git-svn-id: file:///svn/unbound/trunk@5112 be551aaa-1e26-0410-a405-d3ace91eadb9
---

diff --git a/doc/Changelog b/doc/Changelog
index 34a1c7919..2a3a6b80a 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,8 @@
 	- Note default for module-config in man page.
 	- Fix recursion lame test for qname minimisation asked queries,
 	  that were not present in the set of prepared answers.
+	- Fix #13: Remove left-over requirements on OpenSSL >= 1.1.0 for
+	  cert name matching, from man page.
 
 7 February 2019: Wouter
 	- Fix #4206: OpenSSL 1.0.2 hostname verification for FreeBSD 11.2.
diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index 9cbcda406..98650d207 100644
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1621,7 +1621,6 @@ the '@' and '#', the '@' comes first.
 At high verbosity it logs the TLS certificate, with TLS enabled.
 If you leave out the '#' and auth name from the forward\-addr, any
 name is accepted.  The cert must also match a CA from the tls\-cert\-bundle.
-The cert name match code needs OpenSSL 1.1.0 or later to be enabled.
 .TP
 .B forward\-first: \fI<yes or no>
 If a forwarded query is met with a SERVFAIL error, and this option is