Le 8 mars 2017 3:10:14 PM Willy Tarreau <[email protected]> a écrit :
On Wed, Mar 08, 2017 at 12:42:38PM +0100, Emmanuel Hocdet wrote:
> However as I said to Thierry, please don't add "if (ptr)" before
> a pool_free2(), we have the same semantics as free() which is a
> NOP on NULL on all supported operating systems. If you want I can
> change it myself and merge.
>
Ok, you can do the change.
OK both patches merged, thanks!
Hi. I just read the thread. Thanks for the improvements.
I agree with you for the fingerprint of more data in the ssl request. I
limit the dev to the cipher list because other things requires some brainstorm.
When i wrote the client hello parser i sew one other candidate which is the
tls options. But i m not sure that it is interesting to hash all options.
Maybe some options are relative to the connection and not to the browser.
Unlikely i'm not ssl/tls expert and i cant answer to this question quickly.
So i prefer to do this later. I hink that ssl is a good way to catch fake
browsers.
Manu, it seems that you have some ideas qbout this. Do not hesitate to
share it.
Thierry
Willy
