Hello,
I am referring to the DoS via repeated SSL session renegotiations (http://kalilinuxtutorials.com/thc-ssl-dos/).
Prior to OpenSSL 1.1.0 the approach to deactivate client renegotiation was to set the corresponding flag via a
callback function, e.g. :
---
SSL *connection;
...
connecti
Hello,
we encountered a strange behaviour of OpenSSL 1.1.0 when our test with "sslscan" provokes an unfinished
handshake.
Our asynchronous communication approach uses memory BIOs in order to read/write data from other
communication layers into the SSL object. After the read/write operation
Hello,
we encountered a strange behaviour of OpenSSL 1.1.0 when our test with "sslscan" provokes an unfinished
handshake. The problem exists since OpenSSL 1.1.0 - there were no problems with OpenSSL 1.0.2x.
Our asynchronous communication approach uses memory BIOs in order to read/write data fr