upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-03 20:39:41 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 12
haproxy/include
History
Emeric Brun e1f38dbb44 MEDIUM: ssl: protect against client-initiated renegociation 
CVE-2009-3555 suggests that client-initiated renegociation should be
prevented in the middle of data. The workaround here consists in having
the SSL layer notify our callback about a handshake occurring, which in
turn causes the connection to be marked in the error state if it was
already considered established (which means if a previous handshake was
completed). The result is that the connection with the client is immediately
aborted and any pending data are dropped.
2012-09-03 22:03:17 +02:00
..
common CLEANUP: includes: fix includes for a number of users of fd.h 2012-09-03 20:49:14 +02:00
import [MAJOR] replace ultree with ebtree in wait-queues 2008-06-24 08:17:16 +02:00
proto MEDIUM: ssl: protect against client-initiated renegociation 2012-09-03 22:03:17 +02:00
types MEDIUM: config: add support for the 'ssl' option on 'server' lines 2012-09-03 22:02:21 +02:00