[jira] [Commented] (TS-1467) Do something about client initiated renegotiation (SSL) DDoS

Bryan Call (JIRA) Thu, 16 Jan 2014 20:02:46 -0800

    [ 
https://issues.apache.org/jira/browse/TS-1467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13874405#comment-13874405
 ]


Bryan Call commented on TS-1467:
--------------------------------

ssl_callback_info has a const SSL* and I would have to remove the const to call 
SSL_shutdown(), my thought is that it probability wont work out well calling 
SSL_shutdown() from within ssl_callback_info.

I made the other changes.

> Do something about client initiated renegotiation (SSL) DDoS
> ------------------------------------------------------------
>
>                 Key: TS-1467
>                 URL: https://issues.apache.org/jira/browse/TS-1467
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: SSL
>            Reporter: Leif Hedstrom
>            Assignee: Bryan Call
>             Fix For: 4.2.0
>
>         Attachments: ts1467.diff
>
>
> https://community.qualys.com/blogs/securitylabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (TS-1467) Do something about client initiated renegotiation (SSL) DDoS

Reply via email to