- o Security fixes:
- - Block excess renegotiations even if they are RFC5746 compliant.
- This mitigates potential SSL Denial of Service attacks that use
- SSL renegotiation as a way of forcing the server to perform
- unneeded computationally expensive SSL handshakes. Implements
- #4312.
- - Fix a bug where tor would not notice excess renegotiation
- attempts before it received the first data SSL record. Fixes
- part of #4312.
|
