开发者

renegotiate_rate_limit

开发者 https://www.devze.com 2023-02-18 10:58 出处：网络

Does anyone know wh开发者_如何学Cere and how to set this limit? This is regarding SSL/ TLS connections.If you are using OpenSSL and you want a renegotiation to happen after a certain number of bytes,

相关专题：ssl

Does anyone know wh开发者_如何学Cere and how to set this limit? This is regarding SSL/ TLS connections.

If you are using OpenSSL and you want a renegotiation to happen after a certain number of bytes, you can use BIO_set_ssl_renegotiate_bytes. If you want it to happen after a certain interval of time has elapsed, you can use BIO_set_ssl_renegotiate_timeout.

If, instead, you want to set an upper limit on how often renegotiation is allowed, I don't think OpenSSL has explicit support for that. Instead, you might register an info callback with BIO_set_info_callback and then wait for SSL_ST_RENEGOTIATE notifications. If you observe them at a rate greater than you want, take some action (eg close the connection).