Sets how @conn behaves with respect to rehandshaking requests, when
TLS 1.2 or older is in use.
%G_TLS_REHANDSHAKE_NEVER means that it will never agree to
rehandshake after the initial handshake is complete. (For a client,
this means it will refuse rehandshake requests from the server, and
for a server, this means it will close the connection with an error
if the client attempts to rehandshake.)
%G_TLS_REHANDSHAKE_SAFELY means that the connection will allow a
rehandshake only if the other end of the connection supports the
TLS renegotiation_info extension. This is the default behavior,
but means that rehandshaking will not work against older
implementations that do not support that extension.
%G_TLS_REHANDSHAKE_UNSAFELY means that the connection will allow
rehandshaking even without the renegotiation_info extension. On
the server side in particular, this is not recommended, since it
leaves the server open to certain attacks. However, this mode is
necessary if you need to allow renegotiation with older client
software.
Deprecated: Changing the rehandshake mode is no longer
required for compatibility. Also, rehandshaking has been removed
from the TLS protocol in TLS 1.3.
Sets how @conn behaves with respect to rehandshaking requests, when TLS 1.2 or older is in use.
%G_TLS_REHANDSHAKE_NEVER means that it will never agree to rehandshake after the initial handshake is complete. (For a client, this means it will refuse rehandshake requests from the server, and for a server, this means it will close the connection with an error if the client attempts to rehandshake.)
%G_TLS_REHANDSHAKE_SAFELY means that the connection will allow a rehandshake only if the other end of the connection supports the TLS renegotiation_info extension. This is the default behavior, but means that rehandshaking will not work against older implementations that do not support that extension.
%G_TLS_REHANDSHAKE_UNSAFELY means that the connection will allow rehandshaking even without the renegotiation_info extension. On the server side in particular, this is not recommended, since it leaves the server open to certain attacks. However, this mode is necessary if you need to allow renegotiation with older client software.