[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: safe renegotiation in client side
From: |
Simon Josefsson |
Subject: |
Re: safe renegotiation in client side |
Date: |
Tue, 16 Mar 2010 15:55:16 +0100 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) |
Could we syslog() a message with the address of the server that is buggy
when a client invokes gnutls_handshake()?
We need to extract the server IP address from a socket, though, and will
need to be very careful about handling return values from every syscall.
(It may not even be a socket, GnuTLS doesn't require that, but then it
could just say that the server is buggy with no address..)
Even if we don't have the syslog operation in upstream GnuTLS, we could
recommend a patch so that RedHat/Debian/Ubuntu/etc can apply it in their
builds. This may lead to people upgrading their important servers more
quickly.
/Simon
Re: safe renegotiation in client side, Simon Josefsson, 2010/03/15