gh-109945 update docs to clarify change is OpenSSL 3 and above

planetf1 · planetf1 · commit 0a9c417e5ca1 · 2024-06-04T10:02:30.000+01:00
Signed-off-by: Nigel Jones &lt;jonesn@uk.ibm.com&gt;
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
@@ -1750,11 +1750,14 @@ to speed up repeated connections from the same clients.
 
 .. method:: SSLContext.set_ecdh_curve(curve_name)
 
-   Set the curve names for Elliptic Curve-based Diffie-Hellman (ECDH) key
+   Set the curve name for Elliptic Curve-based Diffie-Hellman (ECDH) key
    exchange.  ECDH is significantly faster than regular DH while arguably
-   as secure.  The *curve_name* parameter should be a colon separated string describing
-   one or more well-known elliptic curves, for example ``prime256v1`` for a widely
-   supported curve, or ``prime256v1:brainpoolP384r1`` to specify two curves that will be
+   as secure.  The *curve_name* parameter should be a string describing
+   a well-known elliptic curve, for example ``prime256v1`` for a widely
+   supported curve.
+
+   For OpenSSL 3.0 and above *curve_name* parameter can be a colon separated 
+   list of curves, for example ``prime256v1:brainpoolP384r1`` specifies two curves that will be
    used on a client hello.
 
    This setting doesn't apply to client sockets.  You can also use the
diff --git a/Misc/NEWS.d/next/Library/2024-06-04-07-28-18.gh-issue-109945.02TejW.rst b/Misc/NEWS.d/next/Library/2024-06-04-07-28-18.gh-issue-109945.02TejW.rst
@@ -1 +1 @@
-Adds support for multiple curves to be specified in SSLContext.set_ecdh_curve(curve_name) by setting curve_name to a colon separated list of curves. This allows multiple curves to be passed on a client hello.
+Adds support for multiple curves to be specified in SSLContext.set_ecdh_curve(curve_name) for OpenSSL 3.0 and above by setting curve_name to a colon separated list of curves. This allows multiple curves to be passed on a client hello.

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Adds support for multiple curves to be specified in SSLContext.set_ecdh_curve(curve_name) by setting curve_name to a colon separated list of curves. This allows multiple curves to be passed on a client hello.`
	`1`	`+Adds support for multiple curves to be specified in SSLContext.set_ecdh_curve(curve_name) for OpenSSL 3.0 and above by setting curve_name to a colon separated list of curves. This allows multiple curves to be passed on a client hello.`