[SCM] GNU gnutls branch, master, updated. gnutls_2_9

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f
Date:	Fri, 28 May 2010 07:41:56 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3

The branch, master has been updated
       via  e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3 (commit)
      from  1d088b700f21f8804d921ae1336f0166cfd628d2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri May 28 09:41:52 2010 +0200

    Added INITIAL_SAFE_RENEGOTIATION and other small updates.

-----------------------------------------------------------------------

Summary of changes:
 doc/gnutls.texi |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 312bc23..321271b 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -1280,6 +1280,7 @@ Note that it is easy to configure clients to always 
require the safe
 renegotiation extension from servers (see below on the
 %SAFE_RENEGOTIATION priority string).
 
+
 To modify the default behaviour, we have introduced some new priority
 strings.  The priority strings can be used by applications
 (@pxref{gnutls_priority_set}) and end users (e.g., @code{--priority}
@@ -1288,7 +1289,15 @@ parameter to @code{gnutls-cli} and @code{gnutls-serv}).
 The @code{%UNSAFE_RENEGOTIATION} priority string permits
 (re-)handshakes even when the safe renegotiation extension was not
 negotiated.  The @code{%SAFE_RENEGOTIATION} priority string makes
-client and servers require the extension for every handshake.
+client require the extension for every handshake and servers will refuse
+renegotiation without it.
+
+To enforce your clients to upgrade to a version that supports safe
+renegotiation the %INITIAL_SAFE_RENEGOTIATION priority string should be used
+at server side. This will deny any connections unless the client supports
+the extension. This however will prevent all clients that do not support
+the extension from connecting to server, even if they do not use
+renegotiation.
 
 It is possible to disable use of the extension completely, in both
 clients and servers, by using the @code{%DISABLE_SAFE_RENEGOTIATION}


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f, Nikos Mavrogiannopoulos <=

Prev by Date: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-53-g1d088b7
Next by Date: [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-141-g0284011
Previous by thread: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-53-g1d088b7
Next by thread: [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-141-g0284011
Index(es):
- Date
- Thread