Merge branch 'ossfuzz-9673-bookmark-date-overflow' into 'master'
gtimer: Add overflow checks to g_time_val_from_iso8601()
See merge request GNOME/glib!225
diff --git a/gio/gtlsclientconnection.c b/gio/gtlsclientconnection.c
index f80c625..b38fad6 100644
--- a/gio/gtlsclientconnection.c
+++ b/gio/gtlsclientconnection.c
@@ -105,14 +105,7 @@
*
* If %TRUE, forces the connection to use a fallback version of TLS
* or SSL, rather than trying to negotiate the best version of TLS
- * to use. This can be used when talking to servers that don't
- * implement version negotiation correctly and therefore refuse to
- * handshake at all with a modern TLS handshake.
- *
- * Despite the property name, the fallback version is usually not
- * SSL 3.0, because SSL 3.0 is generally disabled by the #GTlsBackend.
- * #GTlsClientConnection will use the next-highest available version
- * as the fallback version.
+ * to use. See g_tls_client_connection_set_use_ssl3().
*
* Since: 2.28
*
@@ -304,14 +297,19 @@
* @conn: the #GTlsClientConnection
* @use_ssl3: whether to use the lowest-supported protocol version
*
- * If @use_ssl3 is %TRUE, this forces @conn to use the lowest-supported
- * TLS protocol version rather than trying to properly negotiate the
- * highest mutually-supported protocol version with the peer. This can
- * be used when talking to broken TLS servers that exhibit protocol
- * version intolerance.
+ * Since 2.42.1, if @use_ssl3 is %TRUE, this forces @conn to use the
+ * lowest-supported TLS protocol version rather than trying to properly
+ * negotiate the highest mutually-supported protocol version with the
+ * peer. Be aware that SSL 3.0 is generally disabled by the
+ * #GTlsBackend, so the lowest-supported protocol version is probably
+ * not SSL 3.0.
*
- * Be aware that SSL 3.0 is generally disabled by the #GTlsBackend, so
- * the lowest-supported protocol version is probably not SSL 3.0.
+ * Since 2.58, this may additionally cause an RFC 7507 fallback SCSV to
+ * be sent to the server, causing modern TLS servers to immediately
+ * terminate the connection. You should generally only use this function
+ * if you need to connect to broken servers that exhibit TLS protocol
+ * version intolerance, and when an initial attempt to connect to a
+ * server normally has already failed.
*
* Since: 2.28
*
diff --git a/gio/gtlsconnection.c b/gio/gtlsconnection.c
index e13d986..b0353af 100644
--- a/gio/gtlsconnection.c
+++ b/gio/gtlsconnection.c
@@ -674,7 +674,8 @@
* @conn: a #GTlsConnection
* @mode: the rehandshaking mode
*
- * Sets how @conn behaves with respect to rehandshaking requests.
+ * Sets how @conn behaves with respect to rehandshaking requests, when
+ * TLS 1.2 or older is in use.
*
* %G_TLS_REHANDSHAKE_NEVER means that it will never agree to
* rehandshake after the initial handshake is complete. (For a client,
@@ -756,7 +757,8 @@
* the beginning of the communication, you do not need to call this
* function explicitly unless you want clearer error reporting.
* However, you may call g_tls_connection_handshake() later on to
- * renegotiate parameters (encryption methods, etc) with the client.
+ * rehandshake, if TLS 1.2 or older is in use. With TLS 1.3, this will
+ * instead perform a rekey.
*
* #GTlsConnection::accept_certificate may be emitted during the
* handshake.
diff --git a/glib/gbytes.c b/glib/gbytes.c
index 74f8148..7b72886 100644
--- a/glib/gbytes.c
+++ b/glib/gbytes.c
@@ -403,10 +403,18 @@
*
* Compares the two #GBytes values.
*
- * This function can be used to sort GBytes instances in lexographical order.
+ * This function can be used to sort GBytes instances in lexicographical order.
*
- * Returns: a negative value if bytes2 is lesser, a positive value if bytes2 is
- * greater, and zero if bytes2 is equal to bytes1
+ * If @bytes1 and @bytes2 have different length but the shorter one is a
+ * prefix of the longer one then the shorter one is considered to be less than
+ * the longer one. Otherwise the first byte where both differ is used for
+ * comparison. If @bytes1 has a smaller value at that position it is
+ * considered less, otherwise greater than @bytes2.
+ *
+ * Returns: a negative value if @bytes1 is less than @bytes2, a positive value
+ * if @bytes1 is greater than @bytes2, and zero if @bytes1 is equal to
+ * @bytes2
+ *
*
* Since: 2.32
*/
