Mercurial > hg > nginx
comparison auto/modules @ 7356:e3ba4026c02d
SSL: disabled renegotiation checks with SSL_OP_NO_RENEGOTIATION.
Following 7319:dcab86115261, as long as SSL_OP_NO_RENEGOTIATION is
defined, it is OpenSSL library responsibility to prevent renegotiation,
so the checks are meaningless.
Additionally, with TLSv1.3 OpenSSL tends to report SSL_CB_HANDSHAKE_START
at various unexpected moments - notably, on KeyUpdate messages and
when sending tickets. This change prevents unexpected connection
close on KeyUpdate messages and when finishing handshake with upcoming
early data changes.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 21 Sep 2018 20:31:32 +0300 |
parents | f2396ecf608b |
children | ee36940cfb0f |
comparison
equal
deleted
inserted
replaced
7355:b64adc956643 | 7356:e3ba4026c02d |
---|