[sr-dev] kamailio 3.1.0 crash on ssl-dos attack
Jijo
realjijo at gmail.com
Tue Dec 20 18:00:28 CET 2011
Hi,
It worked with the latest patches.
I saw in some of the files like tcp_main.c the macro USE_TLS is not used.
Isn't it better to use it?
Thanks
Jijo
On Tue, Dec 20, 2011 at 3:48 AM, Daniel-Constantin Mierla <miconda at gmail.com
> wrote:
> Hello,
>
> thanks for testing.
>
> Regarding tls_max_connections, I just pushed two patches, can you try with
> them?
>
> Cheers,
> Daniel
>
>
> On 12/19/11 11:04 PM, Jijo wrote:
>
> HI,
>
> I merged the changes to kamailio 3.1.0 and tested. I set
> tls_max_connections to 6, but i don't see the connections closed after 6.
> kamailio still accepting the connection.
>
> sercmd> core.tcp_info
> {
> readers: 20
> max_connections: 2048
> max_tls_connections: 6
> opened_connections: 357
> opened_tls_connections: 353
> write_queued_bytes: 0
> }
>
> Thanks for implementing tls renegotiation, i tested that too, which is
> working fine.
>
> Thanks
> JIjo
> On Thu, Dec 15, 2011 at 5:38 AM, Daniel-Constantin Mierla <
> miconda at gmail.com> wrote:
>
>> Hello,
>>
>> I know tls_max_connection is not the solution, but in the context of this
>> discussion resulted that would be good to have such parameter, so I added
>> it -- it was faster that setting a testbed to work on the ssl-dos attack as
>> I was traveling. So I thought you can test it a bit as well, since you have
>> such config in place, to be sure it works.
>>
>> Thanks,
>> Daniel
>>
>>
>>
>
> --
> Daniel-Constantin Mierla -- http://www.asipto.comhttp://linkedin.com/in/miconda -- http://twitter.com/miconda
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20111220/a97caf15/attachment.htm>
More information about the sr-dev
mailing list