]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Restored 3.1.6 defaults and documented fix.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 9 Feb 2013 18:22:25 +0000 (19:22 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 9 Feb 2013 18:22:25 +0000 (19:22 +0100)
NEWS
lib/algorithms/secparams.c

diff --git a/NEWS b/NEWS
index 8f5367187fac973c1b7c2a85d6a1fddb6b5e7314..50b1dc942af37afc31c44dc9e7a97b05952001c7 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,9 @@ See the end for copying conditions.
 ** Fixed issue in gnutls_x509_privkey_import2() which didn't return
 GNUTLS_E_DECRYPTION_FAILED in all cases.
 
+** libgnutls: The minimum DH bits accepted by priorities NORMAL and
+PERFORMANCE was set to previous defaults 727 bits.
+
 ** API and ABI modifications:
 No changes since last version.
 
index 6bc28d12a6f5b31603c93f03a2bd120e54fc027d..69acb96163e4c25a54b3664b5d57c8630b0b4af7 100644 (file)
@@ -41,7 +41,7 @@ typedef struct
 static const gnutls_sec_params_entry sec_params[] = {
   {"Insecure", GNUTLS_SEC_PARAM_INSECURE, 0, 0, 0, 0, 0},
   {"Export", GNUTLS_SEC_PARAM_EXPORT, 42, 512, 0, 0, 0},
-  {"Very weak", GNUTLS_SEC_PARAM_VERY_WEAK, 64, 768, 0, 0, 0},
+  {"Very weak", GNUTLS_SEC_PARAM_VERY_WEAK, 64, 727, 0, 0, 0},
   {"Weak", GNUTLS_SEC_PARAM_WEAK, 72, 1008, 1024, 160, 160},
   {"Low", GNUTLS_SEC_PARAM_LOW, 80, 1248, 2048, 160, 160}, 
   {"Legacy", GNUTLS_SEC_PARAM_LEGACY, 96, 1776, 2048, 192, 192},