diff options
author | Daiki Ueno <ueno@gnu.org> | 2023-04-02 08:21:41 +0900 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2023-04-20 23:01:02 +0900 |
commit | 1fbe52e042e181d1e477a2c3993ff49267d0a5da (patch) | |
tree | 2aabac9a196d1db9e1b454356fd39c9cc2efa8c9 | |
parent | 4c5e937db05c502ed205fbbe0d327472135680f1 (diff) | |
download | gnutls-1fbe52e042e181d1e477a2c3993ff49267d0a5da.tar.gz |
doc: mention ClientHello extensions shuffling
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r-- | NEWS | 9 | ||||
-rw-r--r-- | doc/cha-gtls-app.texi | 4 |
2 files changed, 13 insertions, 0 deletions
@@ -5,6 +5,15 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2019 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 3.8.1 (unreleased) + +** libgnutls: ClientHello extensions are randomized by default + To make fingerprinting harder, TLS extensions in ClientHello + messages are shuffled. As this behavior may cause compatibility + issue with legacy applications that do not accept the last + extension without payload, the behavior can be reverted with the + %NO_SHUFFLE_EXTENSIONS priority keyword. + * Version 3.8.0 (released 2023-02-09) ** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange. diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 77727a44ec..692cf7cde0 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1552,6 +1552,10 @@ that TLS 1.2 requires extensions to be used, as well as safe renegotiation thus this option must be used with care. When this option is set no versions later than TLS1.2 can be negotiated. +@item %NO_SHUFFLE_EXTENSIONS @tab +will prevent randomizing the order of ClientHello extensions. By +default, those extensions are randomized to make fingerprinting harder. + @item %NO_STATUS_REQUEST @tab will prevent sending of the TLS status_request extension in client side. |