author | Daiki Ueno <ueno@gnu.org> | 2021-04-29 08:26:46 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2021-05-13 11:19:17 +0200 |
commit | 2d73f89a41d145321e2431c78d7d05956a819db1 (patch) | |
tree | 58976a4f9acb762a3afe488401cc6b3c22cc2736 /lib/includes | |
parent | 6eb9546c5e7e53924f2db6cb3a446bfec6c006e4 (diff) | |
download | gnutls-2d73f89a41d145321e2431c78d7d05956a819db1.tar.gz |
gnutls_init: redefine GNUTLS_ENABLE_EARLY_DATA flag for client
The flag was only for the server, but it turned out to be useful for
client to explicitly indicate early data, when 0-RTT is handled
out-of-band as in QUIC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'lib/includes')
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 4bf949371b..ef33a921c2 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -445,7 +445,9 @@ typedef enum { * finish; similarly to false start the handshake will be completed once data are received by the * client, while the server is able to transmit sooner. This is not enabled by default as it could * break certain existing server assumptions and use-cases. Since 3.6.4. - * @GNUTLS_ENABLE_EARLY_DATA: Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT). This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5. + * @GNUTLS_ENABLE_EARLY_DATA: Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT). + * This can also be used to explicitly indicate that the client will send early data. + * This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5. * @GNUTLS_FORCE_CLIENT_CERT: When in client side and only a single cert is specified, send that certificate irrespective of the issuers expected by the server. Since 3.5.0. * @GNUTLS_NO_TICKETS: Flag to indicate that the session should not use resumption with session tickets. * @GNUTLS_KEY_SHARE_TOP3: Generate key shares for the top-3 different groups which are enabled. 
@@ -475,8 +477,6 @@ typedef enum { * since gnutls_record_recv() could be interrupted when sending when this flag is enabled. * Note this flag may not be used if you are using the same session for sending and receiving * in different threads. - * @GNUTLS_ENABLE_EARLY_DATA: Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT). - * This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5. * @GNUTLS_ENABLE_RAWPK: Allows raw public-keys to be negotiated during the handshake. Since 3.6.6. * @GNUTLS_NO_AUTO_SEND_TICKET: Under TLS1.3 disable auto-sending of * session tickets during the handshake. |
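Review bot: in the first hunk (@@ -445,7 +445,9) the new sentence "This can also be used to explicitly indicate that the client will send early data." is placed ahead of the unchanged "Since 3.6.5.", so the version tag now reads as if the client-side meaning had existed since that release, while the commit message says the flag was only for the server until this change. Give the client-side use its own "Since" tag. The doc line should also say when a client needs the flag: the commit message names the case (0-RTT handled out-of-band, as in QUIC), but the header text does not, and the existing warning that early data has weaker security properties should be worded so that it clearly applies to the client use as well.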
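Review bot: the commit message does not mention the removal in the second hunk (@@ -475,8 +477,6) of the second @GNUTLS_ENABLE_EARLY_DATA entry, which duplicated the one edited in the first hunk. Note the cleanup in the message or split it into its own commit. Also confirm that the entry that is kept, the one before @GNUTLS_FORCE_CLIENT_CERT, is in the position that matches the order of the enum values, since the copy that is dropped is the one before @GNUTLS_ENABLE_RAWPK.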