From: Nikos Mavrogiannopoulos Date: Sun, 29 Dec 2013 08:22:02 +0000 (+0100) Subject: doc update X-Git-Tag: gnutls_3_3_0pre0~394 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7c45ebbdd877cd994b6b938bd6faef19558a01e1;p=thirdparty%2Fgnutls.git doc update --- diff --git a/lib/ext/dumbfw.c b/lib/ext/dumbfw.c index b67577cca6..2d8c565d7a 100644 --- a/lib/ext/dumbfw.c +++ b/lib/ext/dumbfw.c @@ -24,6 +24,14 @@ #include "gnutls_num.h" #include +/* This extension adds additional padding data in the TLS client hello. + * There is an issue with some firewalls [0] rejecting TLS client hello + * data that are between 256 and 511 bytes, and this extension will + * make sure that client hello isn't in this range. + * + * [0]. http://www.ietf.org/mail-archive/web/tls/current/msg10423.html + */ + static int _gnutls_dumbfw_send_params(gnutls_session_t session, gnutls_buffer_st * extdata);