[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f |
Date: |
Fri, 28 May 2010 07:41:56 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3
The branch, master has been updated
via e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3 (commit)
from 1d088b700f21f8804d921ae1336f0166cfd628d2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e41e31fca838c6c62d0f56a506e7d4b6ba90b3a3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri May 28 09:41:52 2010 +0200
Added INITIAL_SAFE_RENEGOTIATION and other small updates.
-----------------------------------------------------------------------
Summary of changes:
doc/gnutls.texi | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)
diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 312bc23..321271b 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -1280,6 +1280,7 @@ Note that it is easy to configure clients to always
require the safe
renegotiation extension from servers (see below on the
%SAFE_RENEGOTIATION priority string).
+
To modify the default behaviour, we have introduced some new priority
strings. The priority strings can be used by applications
(@pxref{gnutls_priority_set}) and end users (e.g., @code{--priority}
@@ -1288,7 +1289,15 @@ parameter to @code{gnutls-cli} and @code{gnutls-serv}).
The @code{%UNSAFE_RENEGOTIATION} priority string permits
(re-)handshakes even when the safe renegotiation extension was not
negotiated. The @code{%SAFE_RENEGOTIATION} priority string makes
-client and servers require the extension for every handshake.
+client require the extension for every handshake and servers will refuse
+renegotiation without it.
+
+To enforce your clients to upgrade to a version that supports safe
+renegotiation the %INITIAL_SAFE_RENEGOTIATION priority string should be used
+at server side. This will deny any connections unless the client supports
+the extension. This however will prevent all clients that do not support
+the extension from connecting to server, even if they do not use
+renegotiation.
It is possible to disable use of the extension completely, in both
clients and servers, by using the @code{%DISABLE_SAFE_RENEGOTIATION}
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-54-ge41e31f,
Nikos Mavrogiannopoulos <=