On Sat Apr 30 21:23:30 2016, hen...@newdawn.dk wrote:
> Since this is a MS IIS 7.0 server I would argue that it'd be in the
> interest of openssl to handle the situation rather than accept this
> scenario - since IIS is likely powering more than a few hosts? It is
> possible to have the host
> On Apr 30, 2016, at 5:26 PM, Salz, Rich wrote:
>
>> Since this is a MS IIS 7.0 server I would argue that it'd be in the interest
>> of
>> openssl to handle the situation rather than accept this scenario - since IIS
>> is
>> likely powering more than a few hosts?
>
> It's
> Since this is a MS IIS 7.0 server I would argue that it'd be in the interest
> of
> openssl to handle the situation rather than accept this scenario - since IIS
> is
> likely powering more than a few hosts?
It's a known bug, and openssl can work-around the bug by configuring as
described.
> Since this is a MS IIS 7.0 server I would argue that it'd be in the interest
> of
> openssl to handle the situation rather than accept this scenario - since IIS
> is
> likely powering more than a few hosts?
It's a known bug, and openssl can work-around the bug by configuring as
described.
Since this is a MS IIS 7.0 server I would argue that it'd be in the interest of
openssl to handle the situation rather than accept this scenario - since IIS is
likely powering more than a few hosts? It is possible to have the host
correctly list its supported protocols using nmap - i'd assume
On Sat, Apr 30, 2016 at 08:59:46PM +, Matt Caswell via RT wrote:
>
> This is not a bug in OpenSSL. The problem here is that the server is behaving
> incorrectly when receiving large ClientHello messages. The ClientHello is the
> first message that is sent from the client to the server. If a
On Sat Apr 30 19:51:51 2016, hen...@newdawn.dk wrote:
> Hi there
>
> I've recently come across what looks to be an internal bug in openssl:
>
> Original symptoms was that neither "curl" or "wget" could access the
> following site:
>
> https://coverage.tre.se - this site is using TLS 1.0 (only) and
Hi there
I've recently come across what looks to be an internal bug in openssl:
Original symptoms was that neither "curl" or "wget" could access the following
site:
https://coverage.tre.se - this site is using TLS 1.0 (only) and does have some
pretty crazy certificate issues - but does show