[sr-dev] kamailio 3.1.0 crash on ssl-dos attack
Daniel-Constantin Mierla
miconda at gmail.com
Tue Dec 20 09:48:47 CET 2011
Hello,
thanks for testing.
Regarding tls_max_connections, I just pushed two patches, can you try
with them?
Cheers,
Daniel
On 12/19/11 11:04 PM, Jijo wrote:
> HI,
> I merged the changes to kamailio 3.1.0 and tested. I set
> tls_max_connections to 6, but i don't see the connections closed after
> 6. kamailio still accepting the connection.
> sercmd> core.tcp_info
> {
> readers: 20
> max_connections: 2048
> max_tls_connections: 6
> opened_connections: 357
> opened_tls_connections: 353
> write_queued_bytes: 0
> }
> Thanks for implementing tls renegotiation, i tested that too, which is
> working fine.
> Thanks
> JIjo
> On Thu, Dec 15, 2011 at 5:38 AM, Daniel-Constantin Mierla
> <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
>
> Hello,
>
> I know tls_max_connection is not the solution, but in the context
> of this discussion resulted that would be good to have such
> parameter, so I added it -- it was faster that setting a testbed
> to work on the ssl-dos attack as I was traveling. So I thought you
> can test it a bit as well, since you have such config in place, to
> be sure it works.
>
> Thanks,
> Daniel
>
>
--
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20111220/c7af3fbf/attachment.htm>
More information about the sr-dev
mailing list