Mercurial > hg > nginx-quic
view auto/stubs @ 7475:49f9d2f7d887
SSL: moved c->ssl->handshaked check in server name callback.
Server name callback is always called by OpenSSL, even
if server_name extension is not present in ClientHello. As such,
checking c->ssl->handshaked before the SSL_get_servername() result
should help to more effectively prevent renegotiation in
OpenSSL 1.1.0 - 1.1.0g, where neither SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
nor SSL_OP_NO_RENEGOTIATION is available.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 05 Mar 2019 16:34:19 +0300 |
parents | d620f497c50f |
children |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. have=NGX_SUPPRESS_WARN . auto/have have=NGX_SMP . auto/have