...@openssl.org
--
View this message in context:
http://old.nabble.com/Test-of-disabled-renegotiation-in-0.9.8l-tp26301719p26385119.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
__
OpenSSL Project
majord...@openssl.org
--
View this message in context:
http://old.nabble.com/Test-of-disabled-renegotiation-in-0.9.8l-tp26301719p26385119.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com
Probably not intended, at least behavior of current 0.9.8-stable CVS
is
different now. See my mail with quite similar question:
http://marc.info/?l=openssl-devm=125792743829558w=2
Thanks Tomas, interesting post... I have tested various builds against
the client renegotiation vulnerability
Boyle Owen wrote:
PPS: Although I have subscribed to this list, I am not getting the mails
(I have to keep checking the archives). Is there anyone who can check
out my account?
Hmm. If memory serves me right there was a subscribe message sent to
the list instead of the mailing list
Greetings,
I am testing the behaviour of 0.9.8l with respect to client
renegotiation. The build is httpd-2.2.14 with openssl-0.9.8l on Solaris
10. I do:
$ openssl s_client -connect wibble:443
...
GET / HTTP/1.1
Host:wibble
R
RENEGOTIATING
Then the
On Wed, 11 Nov 2009 13:00:09 +0100 Boyle Owen
owen.bo...@six-group.com wrote:
This stays like this until I kill the session. Is this the intended
behaviour? I thought it was supposed to drop the connection?
Probably not intended, at least behavior of current 0.9.8-stable CVS is
different now.