From 3143efd86aac81a77f0e636fe27b2ca29d4b6dcb Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Mon, 24 Mar 2025 12:32:50 -0400 Subject: [PATCH] docs: include rustls-ffi in ECH docs --- docs/ECH.md | 4 ++-- docs/libcurl/opts/CURLOPT_ECH.md | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/ECH.md b/docs/ECH.md index 9841f6e823..e82fadd4a1 100644 --- a/docs/ECH.md +++ b/docs/ECH.md @@ -8,8 +8,8 @@ SPDX-License-Identifier: curl We have added support for ECH to curl. It can use HTTPS RRs published in the DNS if curl uses DoH, or else can accept the relevant ECHConfigList values -from the command line. This works with OpenSSL, wolfSSL, BoringSSL or AWS-LC as -the TLS provider. +from the command line. This works with OpenSSL, wolfSSL, BoringSSL, AWS-LC +or rustls-ffi as the TLS provider. This feature is EXPERIMENTAL. DO NOT USE IN PRODUCTION. diff --git a/docs/libcurl/opts/CURLOPT_ECH.md b/docs/libcurl/opts/CURLOPT_ECH.md index c35938345e..9ac65a73a0 100644 --- a/docs/libcurl/opts/CURLOPT_ECH.md +++ b/docs/libcurl/opts/CURLOPT_ECH.md @@ -11,6 +11,7 @@ Protocol: TLS-backend: - OpenSSL - wolfSSL + - rustls Added-in: 8.8.0 --- @@ -32,7 +33,7 @@ ECH is only compatible with TLSv1.3. This experimental feature requires a special build of OpenSSL, as ECH is not yet supported in OpenSSL releases. In contrast ECH is supported by the latest -BoringSSL and wolfSSL releases. +BoringSSL, wolfSSL and rustls-ffi releases. There is also a known issue with using wolfSSL which does not support ECH when the HelloRetryRequest mechanism is used.