Author christian.heimes
Recipients christian.heimes, chuq, njs
Date 2017-12-10.10:37:36
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1512902256.46.0.213398074469.issue32257@psf.upfronthosting.co.za>
In-reply-to
Content
Sounds about right, but I cannot find a good way to disable renegotiation.

* SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS doesn't look right. For one it's an internal, undocumented flag. But more important it is no longer supported in OpenSSL 1.1.0.

* The info_callback trick does not work. The info callback cannot return an error indicator. In OpenSSL 1.1.0 the function signature is ``void (*cb) (const SSL *ssl, int type, int val)``, which means it cannot modify the SSL object in order to abort the connection forcefully.
History
Date User Action Args
2017-12-10 10:37:36christian.heimessetrecipients: + christian.heimes, njs, chuq
2017-12-10 10:37:36christian.heimessetmessageid: <1512902256.46.0.213398074469.issue32257@psf.upfronthosting.co.za>
2017-12-10 10:37:36christian.heimeslinkissue32257 messages
2017-12-10 10:37:36christian.heimescreate