Loading ssl/ssl3.h +11 −0 Original line number Diff line number Diff line Loading @@ -380,6 +380,17 @@ typedef struct ssl3_buffer_st #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 /* SSL3_FLAGS_SGC_RESTART_DONE is set when we * restart a handshake because of MS SGC and so prevents us * from restarting the handshake in a loop. It's reset on a * renegotiation, so effectively limits the client to one restart * per negotiation. This limits the possibility of a DDoS * attack where the client handshakes in a loop using SGC to * restart. Servers which permit renegotiation can still be * effected, but we can't prevent that. */ #define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 typedef struct ssl3_state_st { long flags; Loading Loading
ssl/ssl3.h +11 −0 Original line number Diff line number Diff line Loading @@ -380,6 +380,17 @@ typedef struct ssl3_buffer_st #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 /* SSL3_FLAGS_SGC_RESTART_DONE is set when we * restart a handshake because of MS SGC and so prevents us * from restarting the handshake in a loop. It's reset on a * renegotiation, so effectively limits the client to one restart * per negotiation. This limits the possibility of a DDoS * attack where the client handshakes in a loop using SGC to * restart. Servers which permit renegotiation can still be * effected, but we can't prevent that. */ #define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 typedef struct ssl3_state_st { long flags; Loading
