daohualiuxiang/node - node - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
isaacs	0cdf85e28d	Lint all the JavaScripts.	2012-02-18 15:34:57 -08:00
Ben Noordhuis	3415427dbf	tls: mitigate session renegotiation attacks The TLS protocol allows (and sometimes requires) clients to renegotiate the session. However, renegotiation requires a disproportional amount of server-side resources, particularly CPU time, which makes it a potential vector for denial-of-service attacks. To mitigate this issue, we keep track of and limit the number of renegotiation requests over time, emitting an error if the threshold is exceeded.	2012-02-16 18:15:21 +01:00

Author

SHA1

Message

Date

isaacs

0cdf85e28d

Lint all the JavaScripts.

2012-02-18 15:34:57 -08:00

Ben Noordhuis

3415427dbf

tls: mitigate session renegotiation attacks

The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.

To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.

2012-02-16 18:15:21 +01:00

2 Commits (0888cdd4123e80fcb859d90808bd6cc708eec3d6)