Author chuq
Recipients christian.heimes, chuq
Date 2017-12-09.18:04:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1512842652.88.0.213398074469.issue32257@psf.upfronthosting.co.za>
In-reply-to
Content
Hi Christian,

Thank you for review! I have changed the code to directly setting this flag by using s3->flag. Code is copied from nginx repo: https://github.com/nginx/nginx/blob/ed0cc4d52308b75ab217724392994e6828af4fda/src/event/ngx_event_openssl.c.

I think this change is still needed. Although OpenSSL claimed it is fixed, THC-SSL-DOS showed it is vulnerable. If this is not the case, then nginx won't need to set the flag.

Thanks,
Qichao
History
Date User Action Args
2017-12-09 18:04:12chuqsetrecipients: + chuq, christian.heimes
2017-12-09 18:04:12chuqsetmessageid: <1512842652.88.0.213398074469.issue32257@psf.upfronthosting.co.za>
2017-12-09 18:04:12chuqlinkissue32257 messages
2017-12-09 18:04:12chuqcreate