Hi, I need this library to test some client puzzles to protect HTTPS Servers from DoS. I have taken a second look to the 4680 RFC and the TLS RFC and I can send the puzzles after the SERVER_DONE state.
Thank you for your answer, I will look now for the newest version of your code. Marius Emanuele Cesena wrote: > > Hi, > > On Tue, 2009-04-14 at 02:16 -0700, nhack wrote: >> I want to know if there is any library that provides support for the RFC >> 4680, I have found this http://tlsext-general.blogspot.com/ but my >> problem >> with this library is that the client can send the supplemental data only >> after the server done state, and i need that data after the server hello >> done state. >> > nice to see someone is interested in our work ;-) > BTW, we have a newer version of the code, with a slightly better > interface, if you need. > > Unfortunately what you ask is not RFC-4680 compliant: the client > SupplementalData message MUST be send after the ServerDone. > > You could take from our library and modify your own libssl to add a > client message after the ServerHello, but personally I think this is > more tricky (in fact in TLS there are no client's messages between > ServerHello and ServerDone)... > > Could you explain in more details why do you really need a message > between the ServerHello and ServerDone? > > Best regards, > -- > Emanuele Cesena <emanuele.ces...@gmail.com> > http://ecesena.dyndns.org > > Il corpo non ha ideali > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/RFC-4680-implementation-tp23035956p23054329.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
