dh params: document DH param setting functions as deprecated

They are no longer useful after the RFC7919 DH parameter negotiation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-08-22 08:48:03 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-08-22 08:55:37 +0200
commit: 356674a7ceaa4c4ecb3f478d0d3b3cc682a1540c (patch)
tree: adec29efbc92e162b19e8725ea69b7011ec3692f
parent: 8152376033d28c65c43006d3536e124a88441464 (diff)
download: gnutls-356674a7ceaa4c4ecb3f478d0d3b3cc682a1540c.tar.gz
4 files changed, 50 insertions, 0 deletions
diff --git a/lib/anon_cred.c b/lib/anon_cred.c
index fbf64fb3c3..8eae54d0e3 100644
--- a/lib/anon_cred.c
+++ b/lib/anon_cred.c
@@ -108,6 +108,10 @@ gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t *
  * This function will set the Diffie-Hellman parameters for an
  * anonymous server to use.  These parameters will be used in
  * Anonymous Diffie-Hellman cipher suites.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
  **/
 void
 gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
@@ -133,6 +137,10 @@ gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
  * Anonymous Diffie-Hellman cipher suites and will be selected from
  * the FFDHE set of RFC7919 according to the security level provided.
  *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
  *
@@ -155,6 +163,11 @@ gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res,
  * This function will set a callback in order for the server to get
  * the Diffie-Hellman parameters for anonymous authentication.  The
  * callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
@@ -171,6 +184,11 @@ gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
  * This function will set a callback in order for the server to get
  * the Diffie-Hellman or RSA parameters for anonymous authentication.
  * The callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
diff --git a/lib/cert-session.c b/lib/cert-session.c
index 51b249f78f..1ba55fa448 100644
--- a/lib/cert-session.c
+++ b/lib/cert-session.c
@@ -130,6 +130,11 @@ int gnutls_certificate_client_get_request_status(gnutls_session_t session)
  * This function will set a callback in order for the server to get
  * the Diffie-Hellman or RSA parameters for certificate
  * authentication.  The callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_certificate_set_params_function(gnutls_certificate_credentials_t
diff --git a/lib/cert.c b/lib/cert.c
index b966dc212b..fa451da5d5 100644
--- a/lib/cert.c
+++ b/lib/cert.c
@@ -859,6 +859,10 @@ gnutls_certificate_verification_status_print(unsigned int status,
  * to the parameters are stored in the certificate handle, so you
  * must not deallocate the parameters before the certificate is deallocated.
  *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
@@ -885,6 +889,10 @@ gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
  * Ephemeral Diffie-Hellman cipher suites and will be selected from
  * the FFDHE set of RFC7919 according to the security level provided.
  *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
  *
diff --git a/lib/psk.c b/lib/psk.c
index b8c27ee3e0..34083c8de7 100644
--- a/lib/psk.c
+++ b/lib/psk.c
@@ -371,6 +371,11 @@ const char *gnutls_psk_client_get_hint(gnutls_session_t session)
  * This function will set the Diffie-Hellman parameters for an
  * anonymous server to use. These parameters will be used in
  * Diffie-Hellman exchange with PSK cipher suites.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res,
@@ -396,6 +401,10 @@ gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res,
  * Ephemeral Diffie-Hellman cipher suites and will be selected from
  * the FFDHE set of RFC7919 according to the security level provided.
  *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
  *
@@ -418,6 +427,11 @@ gnutls_psk_set_server_known_dh_params(gnutls_psk_server_credentials_t res,
  * This function will set a callback in order for the server to get
  * the Diffie-Hellman parameters for PSK authentication.  The callback
  * should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t res,
@@ -434,6 +448,11 @@ gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t res,
  * This function will set a callback in order for the server to get
  * the Diffie-Hellman or RSA parameters for PSK authentication.  The
  * callback should return %GNUTLS_E_SUCCESS (0) on success.
+ *
+ * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
+ * or later. Since 3.6.0, DH parameters are negotiated
+ * following RFC7919.
+ *
  **/
 void
 gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res,
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-08-22 08:48:03 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-08-22 08:55:37 +0200
commit	356674a7ceaa4c4ecb3f478d0d3b3cc682a1540c (patch)
tree	adec29efbc92e162b19e8725ea69b7011ec3692f
parent	8152376033d28c65c43006d3536e124a88441464 (diff)
download	gnutls-356674a7ceaa4c4ecb3f478d0d3b3cc682a1540c.tar.gz