diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2020-01-13 22:42:17 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2020-01-13 22:42:17 +0000 |
commit | 0ddd79afb47149cd49690b3a89b9a8ca79acd29b (patch) | |
tree | 31d489b262728869db18fc9aa35d77c1d1caae24 /doc | |
parent | 6dbe291c8d264ee90d16331b80b1743c2de52a15 (diff) | |
parent | 454eb184f0c2255a9d33fbdd096906b8e18ef582 (diff) | |
download | gnutls-0ddd79afb47149cd49690b3a89b9a8ca79acd29b.tar.gz |
Merge branch 'override-default-priority' into 'master'
libgnutls: Add system-wide default-priority-string override.
See merge request gnutls/gnutls!1158
Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-config.texi | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/cha-config.texi b/doc/cha-config.texi index 3cc568a607..f094407900 100644 --- a/doc/cha-config.texi +++ b/doc/cha-config.texi @@ -25,6 +25,7 @@ used can be queried using @funcref{gnutls_get_system_config_file}. * Disabling algorithms and protocols:: * Querying for disabled algorithms and protocols:: * Overriding the parameter verification profile:: +* Overriding the default priority string:: @end menu @node Application-specific priority strings @@ -156,3 +157,18 @@ using the following. min-verification-profile = legacy @end example + +@node Overriding the default priority string +@section Overriding the default priority string + +GnuTLS uses default priority string which is defined at compiled +time. Usually it is set to @code{NORMAL}. This override allows to set +the default priority string to something more appropriate for a given +deployment. + +Below example sets a more specific default priority string. +@example +[overrides] +default-priority-string = SECURE128:-VERS-TLS-ALL:+VERS-TLS1.3 + +@end example |