lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

openssl: disable HEARTBEAT TLS extension 

Microsoft's IIS doesn't support it, and is not replying with ServerHello
after receiving ClientHello which contains it.

The good way might be allowing to opt-out this at runtime from
javascript-land, but unfortunately OpenSSL doesn't support it right now.

see #5119
v0.10.2-release
Fedor Indutny 12 years ago
parent
f0b68892d4
commit
28c6e42ee7
1 changed files with 7 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      deps/openssl/openssl.gyp

8
deps/openssl/openssl.gyp
View File

@ -16,7 +16,13 @@
# No clue what these are for. # No clue what these are for.
'L_ENDIAN', 'L_ENDIAN',
'PURIFY', 'PURIFY',
'_REENTRANT' '_REENTRANT',
# Heartbeat is a TLS extension, that couldn't be turned off or
# asked to be not advertised. Unfortunately this is unacceptable for
# Microsoft's IIS, which seems to be ignoring whole ClientHello after
# seeing this extension.
'OPENSSL_NO_HEARTBEATS',
], ],
'sources': [ 'sources': [
'openssl/ssl/bio_ssl.c', 'openssl/ssl/bio_ssl.c',

Write Preview
Loading…
Cancel
Save