*
* Note that since version 3.1.2 this function enables some common
* TLS extensions such as session tickets and OCSP certificate status
- * request in client side by default. To prevent that use the %GNUTLS_NO_EXTENSIONS
+ * request in client side by default. To prevent that use the %GNUTLS_NO_DEFAULT_EXTENSIONS
* flag.
*
* Returns: %GNUTLS_E_SUCCESS on success, or a negative error code.
** libgnutls: In client side gnutls_init() enables the session ticket and
OCSP certificate status request extensions by default. The flag
-GNUTLS_NO_EXTENSIONS can be used to prevent that.
+GNUTLS_NO_DEFAULT_EXTENSIONS can be used to prevent that.
** libgnutls: Several updates in the OpenPGP code. The generating code
is fully RFC6091 compliant and RFC5081 support is only supported in client
{
ssize_t data_size = _data_size;
- if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
+ if ((session->internals.flags & GNUTLS_NO_DEFAULT_EXTENSIONS) ||
session->internals.priorities->no_extensions ||
session->internals.no_ext_master_secret != 0) {
return 0;
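Review bot: The flag's documentation in this commit names only session tickets and the OCSP status request, yet the check here and the one in `_gnutls_ext_master_secret_send_params` show it also switches off the extended master secret extension. With the flag set, this function returns 0 without processing the peer's extension, and the send side clears `security_parameters.ext_master_secret`. A caller who sets GNUTLS_NO_DEFAULT_EXTENSIONS to drop tickets or OCSP therefore also loses that handshake binding, apparently without any signal. I would add to the `@GNUTLS_NO_DEFAULT_EXTENSIONS` description a sentence such as `This flag also disables negotiation of the extended master secret extension.` Both function bodies continue outside the hunks, so the remaining control flow is inferred.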
_gnutls_ext_master_secret_send_params(gnutls_session_t session,
gnutls_buffer_st * extdata)
{
- if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
+ if ((session->internals.flags & GNUTLS_NO_DEFAULT_EXTENSIONS) ||
session->internals.priorities->no_extensions != 0 ||
session->internals.no_ext_master_secret != 0) {
session->security_parameters.ext_master_secret = 0;
* @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). Since 3.0.0.
* @GNUTLS_NONBLOCK: Connection should not block. Since 3.0.0.
* @GNUTLS_NO_SIGNAL: In systems where SIGPIPE is delivered on send, it will be disabled. That flag has effect in systems which support the MSG_NOSIGNAL sockets flag (since 3.4.2).
- * @GNUTLS_NO_EXTENSIONS: Do not enable any TLS extensions by default (since 3.1.2). As TLS 1.2 and later require extensions this option is considered obsolete and should not be used.
+ * @GNUTLS_NO_DEFAULT_EXTENSIONS: Do not enable any TLS extensions by default (since 3.1.2). As TLS 1.2 and later require extensions this option is considered obsolete and should not be used.
* @GNUTLS_NO_REPLAY_PROTECTION: Disable any replay protection in DTLS. This must only be used if replay protection is achieved using other means. Since 3.2.2.
* @GNUTLS_ALLOW_ID_CHANGE: Allow the peer to replace its certificate, or change its ID during a rehandshake. This change is often used in attacks and thus prohibited by default. Since 3.5.0.
* @GNUTLS_ENABLE_FALSE_START: Enable the TLS false start on client side if the negotiated ciphersuites allow it. This will enable sending data prior to the handshake being complete, and may introduce a risk of crypto failure when combined with certain key exchanged; for that GnuTLS may not enable that option in ciphersuites that are known to be not safe for false start. Since 3.5.0.
GNUTLS_CLIENT = (1 << 1),
GNUTLS_DATAGRAM = (1 << 2),
GNUTLS_NONBLOCK = (1 << 3),
- GNUTLS_NO_EXTENSIONS = (1 << 4),
+ GNUTLS_NO_DEFAULT_EXTENSIONS = (1 << 4),
GNUTLS_NO_REPLAY_PROTECTION = (1 << 5),
GNUTLS_NO_SIGNAL = (1 << 6),
GNUTLS_ALLOW_ID_CHANGE = (1 << 7),
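Review bot: The old public name `GNUTLS_NO_EXTENSIONS` is removed from the enum here and from the compatibility `#define` list in the next hunk, and neither hunk shows an alias for it. Applications written against the old name would then fail to compile against the new header. If an alias is not added elsewhere in the header, keep source compatibility with `#define GNUTLS_NO_EXTENSIONS GNUTLS_NO_DEFAULT_EXTENSIONS` beside the other compatibility defines, with a comment marking it deprecated. The enum and the define list both continue outside the hunks.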
# define GNUTLS_CLIENT (1<<1)
# define GNUTLS_DATAGRAM (1<<2)
# define GNUTLS_NONBLOCK (1<<3)
-# define GNUTLS_NO_EXTENSIONS (1<<4)
+# define GNUTLS_NO_DEFAULT_EXTENSIONS (1<<4)
# define GNUTLS_NO_REPLAY_PROTECTION (1<<5)
# define GNUTLS_NO_SIGNAL (1<<6)
# define GNUTLS_ALLOW_ID_CHANGE (1<<7)
*
* Note that since version 3.1.2 this function enables some common
* TLS extensions such as session tickets and OCSP certificate status
- * request in client side by default. To prevent that use the %GNUTLS_NO_EXTENSIONS
+ * request in client side by default. To prevent that use the %GNUTLS_NO_DEFAULT_EXTENSIONS
* flag.
*
* Note that it is never mandatory to use gnutls_deinit() after this
}
/* Enable useful extensions */
- if ((flags & GNUTLS_CLIENT) && !(flags & GNUTLS_NO_EXTENSIONS)) {
+ if ((flags & GNUTLS_CLIENT) && !(flags & GNUTLS_NO_DEFAULT_EXTENSIONS)) {
#ifdef ENABLE_OCSP
if (!(flags & GNUTLS_NO_STATUS_REQUEST))
gnutls_ocsp_status_request_enable_client(*session, NULL,
disable_sni = HAVE_OPT(DISABLE_SNI);
disable_extensions = HAVE_OPT(DISABLE_EXTENSIONS);
if (disable_extensions)
- init_flags |= GNUTLS_NO_EXTENSIONS;
+ init_flags |= GNUTLS_NO_DEFAULT_EXTENSIONS;
if (HAVE_OPT(SINGLE_KEY_SHARE))
init_flags |= GNUTLS_KEY_SHARE_TOP;
# include "utils.h"
/* This program tests that the client does not send the
- * status request extension if GNUTLS_NO_EXTENSIONS is set.
+ * status request extension if GNUTLS_NO_DEFAULT_EXTENSIONS is set.
*/
static void server_log_func(int level, const char *str)
# include "utils.h"
/* This program tests that the client does not send the
- * status request extension if GNUTLS_NO_EXTENSIONS is set.
+ * status request extension if GNUTLS_NO_DEFAULT_EXTENSIONS is set.
*/
static void server_log_func(int level, const char *str)
/* Initialize TLS session
*/
- assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_NO_EXTENSIONS) >=
+ assert(gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_NO_DEFAULT_EXTENSIONS) >=
0);
assert(gnutls_priority_set_direct(session, prio, NULL) >= 0);