diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-01-10 07:56:17 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-01-10 07:58:12 +0100 |
commit | 8409f849969b460b49fc6904b0340d84a2689aeb (patch) | |
tree | d64dcbe8ad37b1921bd751d462e734f8d725ec3b /doc | |
parent | d894fed388b8d267df47a472e5d3055f8c35bbd6 (diff) | |
download | gnutls-8409f849969b460b49fc6904b0340d84a2689aeb.tar.gz |
The flag %NO_EXTENSIONS is disabling extension support while being functionaltmp-fix-no-extensions
That is, the %NO_EXTENSIONS option is the only documented way to disable
extensions completely from a session. Clarify that message, mention that
its behavior is undefined when combine with TLS1.3, and make sure that it
is functional. The latter makes sure that safe renegotiation and extended
master secret extensions remain disabled when this flag is given.
That simplifies testing certain scenarios under TLS1.0 or TLS1.1 when
no extensions must be used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-gtls-app.texi | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 393283e0c9..8d5d9b7cfa 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1507,7 +1507,8 @@ with %COMPAT. @item %NO_EXTENSIONS @tab will prevent the sending of any TLS extensions in client side. Note that TLS 1.2 requires extensions to be used, as well as safe -renegotiation thus this option must be used with care. +renegotiation thus this option must be used with care. When this option +is set with TLS1.3 enabled the session behavior is undefined. @item %NO_TICKETS @tab will prevent the advertizing of the TLS session ticket extension. |