开发者

renegotiate_rate_limit

Does anyone know wh开发者_如何学Cere and how to set this limit? This is regarding SSL/ TLS connections.


If you are using OpenSSL and you want a renegotiation to happen after a certain number of bytes, you can use BIO_set_ssl_renegotiate_bytes. If you want it to happen after a certain interval of time has elapsed, you can use BIO_set_ssl_renegotiate_timeout.

If, instead, you want to set an upper limit on how often renegotiation is allowed, I don't think OpenSSL has explicit support for that. Instead, you might register an info callback with BIO_set_info_callback and then wait for SSL_ST_RENEGOTIATE notifications. If you observe them at a rate greater than you want, take some action (eg close the connection).

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜