ShadowySpirits opened a new pull request #1820: [ISSUE #1233] Fix CVE-2011-1473 URL: https://github.com/apache/rocketmq/pull/1820 fix #1233 Tested with OpenSSL 1.1.1 before fixing: openssl s_client -connect 172.16.41.1:9876 ... R RENEGOTIATING depth=0 CN = example.com verify error:num=18:self signed certificate verify return:1 depth=0 CN = example.com verify return:1 after fixing: openssl s_client -connect 172.16.41.1:9876 ... R RENEGOTIATING 140672690749888:error:1409444C:SSL routines:ssl3_read_bytes:tlsv1 alert no renegotiation:../ssl/record/rec_layer_s3.c:1528:SSL alert number 100
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
