On 14/11/17 09:40, marcus.schafheu...@gmx.de wrote:
> Hello,
>
> I am referring to the DoS via repeated SSL session renegotiations
> (http://kalilinuxtutorials.com/thc-ssl-dos/).
>
> Prior to OpenSSL 1.1.0 the approach to deactivate client renegotiation
> was to set the corresponding flag via
Hello,
I am referring to the DoS via repeated SSL session renegotiations (http://kalilinuxtutorials.com/thc-ssl-dos/).
Prior to OpenSSL 1.1.0 the approach to deactivate client renegotiation was to set the corresponding flag via a
callback function, e.g. :
---
SSL *connection;
...
connecti
