<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>










<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">

<table border="0" cellpadding="0" cellspacing="0" style="width: 100%; border-collapse: separate; border-spacing: 0; margin: 0 auto;">
<tbody>
<tr>
<td style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; overflow: hidden;" align="left" bgcolor="#ffffff">
<table border="0" cellpadding="0" cellspacing="0" style="width: 100%; border-collapse: separate; border-spacing: 0;">
<tbody>
<tr>
<td style="color: #333333; border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid; font-size: 15px; font-weight: bold; line-height: 1.4; padding: 20px 0;">
Merge request <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427">!1427</a> was reviewed by <a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
</td>
</tr>
<tr>
<td style="overflow: hidden; font-size: 14px; line-height: 1.4; display: grid;">
<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259749">doc/cha-config.texi</a>:
</p>
<table>
<tr class="line_holder" id="">
<td class="old_line diff-line-num" data-linenumber="86" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
86
</td>
<td class="new_line diff-line-num" data-linenumber="87" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
87
</td>
<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC87" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder" id="">
<td class="old_line diff-line-num" data-linenumber="87" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
87
</td>
<td class="new_line diff-line-num" data-linenumber="88" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
88
</td>
<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC88" class="line" lang="plaintext">The valid values for the options above can be found in the 'Protocols', 'Digests'</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="">
<td class="old_line diff-line-num" data-linenumber="88" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
88
</td>
<td class="new_line diff-line-num" data-linenumber="89" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
89
</td>
<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC89" class="line" lang="plaintext">'PK-signatures', 'Protocols', 'Ciphrers', and 'MACs' fields of the output of @code{gnutls-cli --list}.</span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">unrelated typo (<code>Ciphrers</code>)</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259750">doc/cha-config.texi</a>:
</p>
<table>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="96" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
96
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC96" class="line" lang="plaintext">insecure or disabled, and shall be explicitly turned on by the options</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="97" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
97
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC97" class="line" lang="plaintext">in the @code{[overrides]} section. Those options are mutually</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="98" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
98
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC98" class="line" lang="plaintext">exclusive to the above ones for the blocklisting mode (the default)</span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">That still sounds like one can mix, e.g., <code>secure</code>/<code>insecure</code> options as long as they refer to different classes of algorithms. Maybe better state the modes are mutually exclusive, not options.</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259751">doc/cha-config.texi</a>:
</p>
<table>
<tr class="line_holder" id="">
<td class="old_line diff-line-num" data-linenumber="121" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
121
</td>
<td class="new_line diff-line-num" data-linenumber="149" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
149
</td>
<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC149" class="line" lang="plaintext">@end example</span>
</pre>
</td>
</tr>
<tr class="line_holder" id="">
<td class="old_line diff-line-num" data-linenumber="122" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
122
</td>
<td class="new_line diff-line-num" data-linenumber="150" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">
150
</td>
<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">
<pre style="margin: 0;"> <span id="LC150" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="123" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="151" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
151
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC151" class="line" lang="plaintext">The following example demonstrates the use of the allowlisting</span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">Would it be beneficial to provide a longer example that allows TLS with at least one ciphersuite?</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259752">doc/cha-config.texi</a>:
</p>
<table>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="112" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
112
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC112" class="line" lang="plaintext">allowlist} in the @code{[global]} section.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="113" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
113
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC113" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="114" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
114
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC114" class="line" lang="plaintext">When the allowlisting mode is in effect, it is also possible for the applications to modify the setting through the API.</span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">Should we spell out that this is in addition to priority string appending + has to happen beforehand?</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259753">lib/algorithms/ecc.c</a>:
</p>
<table>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="363" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="388" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
388
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC388" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * enabled or disabled.  This only has effect when the curve is</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="363" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="389" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
389
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC389" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * enabled through the allowlisting mode in the configuration file, or</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="363" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="390" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
390
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC390" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * the setting is modified with a prior call to this function.</span></span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">Really minor: I'd write "or when" here and not just "or" to prevent reading "A when B or C" as "(A when B), otherwise C" instead of "A when (either B or C)".</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259755">doc/cha-config.texi</a>:
</p>
<table>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="112" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
112
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC112" class="line" lang="plaintext">allowlist} in the @code{[global]} section.</span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="113" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
113
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC113" class="line" lang="plaintext"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="90" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="114" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
114
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC114" class="line" lang="plaintext">When the allowlisting mode is in effect, it is also possible for the applications to modify the setting through the API.</span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">Should we put restrictions on the priority string used with allowlisting?</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259756">lib/priority.c</a>:
</p>
<table>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="1064" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="1227" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
1227
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC1227" class="line" lang="c"><span class="p">}</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="1064" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="1228" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
1228
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC1228" class="line" lang="c"></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="1064" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="1229" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
1229
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC1229" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;">/* This function parse the global section of the configuration file.</span></span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">s/parse/parses/</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
started a new
discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259758">lib/priority.c</a>:
</p>
<table>
<tr class="line_holder old" id="">
<td class="old_line diff-line-num old" data-linenumber="1499" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
1499
</td>
<td class="new_line diff-line-num old" data-linenumber="2069" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #fac5cd; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#f9d7dc">
 
</td>
<td class="line_content old" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#fbe9eb">
<pre style="margin: 0;">-<span id="LC1499" class="line" lang="c">           <span class="idiff left deletion">                       </span> <span class="n" style="color: #333;">ss</span><span class="p">,</span> <span class="n" style="color: #333;">ss_len</span><span class="p">)<span class="idiff right deletion">;</span></span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="1500" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="2069" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
2069
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC2069" class="line" lang="c">           <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">system_wide_config</span><span class="p">.</span><span class="n" style="color: #333;">allowlisting</span> <span class="o" style="font-weight: 600;">&&</span></span>
</pre>
</td>
</tr>
<tr class="line_holder new" id="">
<td class="old_line diff-line-num new" data-linenumber="1500" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
 
</td>
<td class="new_line diff-line-num new" data-linenumber="2070" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">
2070
</td>
<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">
<pre style="margin: 0;">+<span id="LC2070" class="line" lang="c">           <span class="idiff left addition">    </span><span class="n" style="color: #333;"><span class="idiff addition">ss_len</span></span><span class="idiff addition"> </span><span class="o" style="font-weight: 600;"><span class="idiff addition">==</span></span><span class="idiff addition"> </span><span class="k" style="font-weight: 600;"><span class="idiff addition">sizeof</span></span><span class="p"><span class="idiff addition">(</span></span><span class="n" style="color: #333;"><span class="idiff addition">LEVEL_SYSTEM</span></span><span class="p"><span class="idiff addition">)</span></span><span class="idiff addition"> </span><span class="o" style="font-weight: 600;"><span class="idiff addition">-</span></span><span class="idiff addition"> </span><span class="mi" style="color: #099;"><span class="idiff addition">1</span></span><span class="idiff addition"> </span><span class="o" style="font-weight: 600;"><span class="idiff right addition">&&</span></span></span>
</pre>
</td>
</tr>

</table>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">Possible off-by-one?</p>
</div>

<p style="color: #777777;">
<a href="https://gitlab.com/asosedkin">Alexander Sosedkin</a>
<a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427#note_744259761">commented</a>:
</p>
<div style="border-bottom-width: 1px; border-bottom-color: #ededed; border-bottom-style: solid;">
<p dir="auto">It's hard to do that, because it's big, because I've spent too much time with it to be a proper critic of it and because I'm the requester =)</p>
<p dir="auto">Nevertheless, I've tried to make one more pass (not too productive) and summarize my thoughts about it:</p>
<ul dir="auto">
<li>small things, mostly in comments: inline</li>
<li>API: r+,
<ul>
<li>(most "eh" thing is that the sign 3-level situation got one notch more confusing with the enable/disable->set transition, but I'm not a fan of exposing a 3-level enum for it either, so, OK?)</li>
</ul>
</li>
<li>Compatibility: r+, it's not going to break existing users unless new format is opted into</li>
<li>Docs: I have reservations
<ul>
<li>I'd still insist on a warning that the mode and the API are new and, IDK, in preview until the next minor release?
<ul>
<li>Partly because it would be awesome to have someone actually use it in an app and report the findings...</li>
<li>... partly because we have some known issues, and I feel we should be upfront about that.</li>
</ul>
</li>
<li>Should we restrict what can be used as SYSTEM value?</li>
<li>new API / priority string interaction must be clarified further
<ul>
<li>calls must happen before setting custom priority strings</li>
<li>subsequent priority string appending overrides both config values and API calls modifications</li>
</ul>
</li>
</ul>
</li>
<li>Known issues I recall having:
<ul>
<li>Sigalgs need to be ordered carefully to avoid duplicates (rhbz1983646)</li>
<li>Something was iffy with enabling sigalgs with priority strings (rhbz1998084)</li>
<li><a href="https://gitlab.com/asosedkin/gnutls/-/commit/55665fd6e25a540e61ef39ee31254e10f22e8814" data-original="Protocol enabling through API was found to not always work as expected" data-link="true" data-link-reference="true" data-project="19721118" data-commit="55665fd6e25a540e61ef39ee31254e10f22e8814" data-reference-type="commit" data-container="body" data-placement="top" title="WIP: tests: add protocol-mark-allowlisting" class="gfm gfm-commit has-tooltip">Protocol enabling through API was found to not always work as expected</a></li>
<li>plus possibly more similarly contained issues of comparable impact, because</li>
</ul>
</li>
<li>Test coverage still needs more work</li>
</ul>
<p dir="auto">My main thesis is, issues "contained" behind a switch are not a blocker for mainlining, but the switch better be temporarily decorated with a warning. Whoever's brave enough to use it first deserves to know what they're heading into.</p>
</div>

</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>

</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #666;">

<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1427">view it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
<a href="https://gitlab.com/-/sent_notifications/baa972a6efa0cc6eed8589a678e2158e/unsubscribe">unsubscribe</a>
from this thread or
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/-/merge_requests/1427"}}</script>


</p>
</div>
</body>
</html>