Update PORTING.md for the new renego API.
SSL_set_renegotiate_mode to avoid my original double-negative confusion.
Change-Id: I23537aeac53c4969fd81307a676f33d6768da55f
Reviewed-on: https://boringssl-review.googlesource.com/6322
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/PORTING.md b/PORTING.md
index cf84115..b3e50d7 100644
--- a/PORTING.md
+++ b/PORTING.md
@@ -103,11 +103,12 @@
from the peer transparently. Renegotiation is an extremely problematic protocol
feature, so BoringSSL rejects peer renegotiations by default.
-To enable renegotiation, call `SSL_set_reject_peer_renegotiations` and set it to
-off. Renegotiation is only supported as a client in SSL3/TLS and the
-HelloRequest must be received at a quiet point in the application protocol. This
-is sufficient to support the common use of requesting a new client certificate
-between an HTTP request and response in (unpipelined) HTTP/1.1.
+To enable renegotiation, call `SSL_set_renegotiate_mode` and set it to
+`ssl_renegotiate_once` or `ssl_renegotiate_freely`. Renegotiation is only
+supported as a client in SSL3/TLS and the HelloRequest must be received at a
+quiet point in the application protocol. This is sufficient to support the
+common use of requesting a new client certificate between an HTTP request and
+response in (unpipelined) HTTP/1.1.
Things which do not work:
