* net/gnutls.el (gnutls-min-prime-bits): Default to 256.

Fixes: debbugs:11267

2 files changed, 9 insertions, 7 deletions

diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 93127c43783..d6c5b0e9886 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,7 @@
+2012-05-15  Chong Yidong  <cyd@gnu.org>
+
+        * net/gnutls.el (gnutls-min-prime-bits): Default to 256 (Bug#11267).
+
 2012-05-06  Troels Nielsen  <bn.troels@gmail.com>  (tiny change)
 
         * progmodes/compile.el (compilation-internal-error-properties):
diff --git a/lisp/net/gnutls.el b/lisp/net/gnutls.el
index 1bc319c796e..92400730f56 100644
--- a/lisp/net/gnutls.el
+++ b/lisp/net/gnutls.el
@@ -66,14 +66,12 @@ The files may not exist, in which case they will be ignored."
                  (repeat (file :tag "Bundle filename"))))
 
 ;;;###autoload
-(defcustom gnutls-min-prime-bits nil
-  "The minimum number of bits to be used in Diffie-Hellman key exchange.
+(defcustom gnutls-min-prime-bits 256
+  "Minimum number of bits to be used in Diffie-Hellman key exchange.
+During a client-server handshake, if the server sends a prime
+with fewer than this number of bits, the handshake will fail.
 
-This sets the minimum accepted size of the key to be used in a
-client-server handshake.  If the server sends a prime with fewer than
-the specified number of bits the handshake will fail.
-
-A value of nil says to use the default gnutls value."
+A value of nil says to use the default GnuTLS value."
   :type '(choice (const :tag "Use default value" nil)
                  (integer :tag "Number of bits" 512))
   :group 'gnutls)