[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_9_10-73-gc85bf
From: |
Simon Josefsson |
Subject: |
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_9_10-73-gc85bff2 |
Date: |
Mon, 07 Jun 2010 13:48:04 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c85bff2e336eeda70a4312d1296dd12568cda0c9
The branch, gnutls_2_10_x has been updated
via c85bff2e336eeda70a4312d1296dd12568cda0c9 (commit)
from 8a39da8c8eba5432ebeca0d3d518c99744978f5c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c85bff2e336eeda70a4312d1296dd12568cda0c9
Author: Simon Josefsson <address@hidden>
Date: Mon Jun 7 15:48:00 2010 +0200
Doc fix.
-----------------------------------------------------------------------
Summary of changes:
lib/gnutls_priority.c | 54 ++++++++++++++++++++++++++----------------------
1 files changed, 29 insertions(+), 25 deletions(-)
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 8004fe3..7e71468 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -468,12 +468,12 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
* @priorities: is a string describing priorities
* @err_pos: In case of an error this will have the position in the string the
error occured
*
- * Sets priorities for the ciphers, key exchange methods, macs and
- * compression methods. This is to avoid using the
- * gnutls_*_priority() functions.
+ * Sets priorities for the ciphers, key exchange methods, MACs and
+ * compression methods. This provides a more flexible interface
+ * compared to the gnutls_*_priority functions.
*
- * The #priorities option allows you to specify a colon
- * separated list of the cipher priorities to enable.
+ * The @priorities parameter allows you to specify a colon separated
+ * list of the cipher priorities to enable.
*
* Unless the first keyword is "NONE" the defaults (in preference
* order) are for TLS protocols TLS1.1, TLS1.0, SSL3.0; for
@@ -485,9 +485,9 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
* are enabled (except for the RSA-EXPORT which is only enabled in
* EXPORT level).
*
- * Note that although one can select very long key sizes (such as 256 bits)
- * for symmetric algorithms, to actually increase security the public key
- * algorithms have to use longer key sizes as well.
+ * Note that although one can select very long key sizes (such as 256
+ * bits) for symmetric algorithms, to actually increase security the
+ * public key algorithms have to use longer key sizes as well.
*
* For all the current available algorithms and protocols use
* "gnutls-cli -l" to get a listing.
@@ -499,7 +499,7 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
* limited to 128 bit ciphers and sorted by terms of speed
* performance.
*
- * "NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
+ * "NORMAL" means all "secure" ciphersuites. The 256-bit ciphers are
* included as a fallback only. The ciphers are sorted by security
* margin.
*
@@ -522,33 +522,37 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
*
* "%COMPAT" will enable compatibility features for a server.
*
- * "%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation completely.
Do not use
- * unless you know what you are doing. Testing purposes only.
+ * "%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation
+ * completely. Do not use unless you know what you are doing. Testing
+ * purposes only.
*
- * "%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is now
- * the default for clients, but will change once more servers support the safe
renegotiation
- * TLS fix).
+ * "%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is
+ * now the default for clients, but will change once more servers
+ * support the safe renegotiation TLS fix).
*
- * "%PARTIAL_SAFE_RENEGOTIATION" In server side it will enable safe
renegotiation
- * and will protect all clients from known attacks, but will not prevent
insecure clients
- * from connecting. In client side it will disallow from renegotiating with an
insecure server
- * but will not prevent connecting to one (this leaves the client vulnerable
to attacks).
+ * "%PARTIAL_SAFE_RENEGOTIATION" In server side it will enable safe
+ * renegotiation and will protect all clients from known attacks, but
+ * will not prevent insecure clients from connecting. In client side
+ * it will disallow from renegotiating with an insecure server but
+ * will not prevent connecting to one (this leaves the client
+ * vulnerable to attacks).
*
- * "%SAFE_RENEGOTIATION" will enforce safe renegotiation. Clients and Servers
will refuse
- * to talk to an insecure peer.
+ * "%SAFE_RENEGOTIATION" will enforce safe renegotiation. Clients and
+ * Servers will refuse to talk to an insecure peer.
*
- * "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello.
+ * "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client
+ * hello.
*
* "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA-MD5 signatures in
* certificate chains.
*
* "%VERIFY_ALLOW_X509_V1_CA_CRT" will allow V1 CAs in chains.
*
- * Namespace concern:
+ * Namespace:
* To avoid collisions in order to specify a compression algorithm in
* this string you have to prefix it with "COMP-", protocol versions
- * with "VERS-", signature algorithms with "SIGN-" and certificate types with
"CTYPE-". All other
- * algorithms don't need a prefix.
+ * with "VERS-", signature algorithms with "SIGN-" and certificate
+ * types with "CTYPE-". Other algorithms don't need a prefix.
*
* Examples:
* "NORMAL:!AES-128-CBC" means normal ciphers except for AES-128.
@@ -560,7 +564,7 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
* "%COMPAT".
*
* Returns: On syntax error %GNUTLS_E_INVALID_REQUEST is returned,
- * %GNUTLS_E_SUCCESS on success, or an error code.
+ * %GNUTLS_E_SUCCESS on success, or an error code.
**/
int
gnutls_priority_init (gnutls_priority_t * priority_cache,
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_9_10-73-gc85bff2,
Simon Josefsson <=