SSL: safeguard use of SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS

Maxim Dounin mdounin at mdounin.ru
Thu Dec 18 17:10:17 UTC 2014


Hello!

On Wed, Dec 17, 2014 at 03:20:37PM +0100, Lukas Tribus wrote:

> # HG changeset patch
> # User Lukas Tribus <luky-37 at hotmail.com>
> # Date 1418825570 -3600
> #      Wed Dec 17 15:12:50 2014 +0100
> # Node ID 923f5d7061b6df59fb1d28c70379da8b9daf1c8c
> # Parent  a23c35496c2fc0ba9a34d968c2ca6d1f9374f8a8
> SSL: safeguard use of SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
> 
> OpenSSL or its forks may remove this flag (BoringSSL did), as the
> renegotiation issue was fixed in OpenSSL.

I've committed the patch with some minor changes, thanks.

-- 
Maxim Dounin
http://nginx.org/



More information about the nginx-devel mailing list