Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:23
erlang
1202-ssl-Mitigate-memory-usage-from-large-certi...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 1202-ssl-Mitigate-memory-usage-from-large-certificate-cha.patch of Package erlang
From f564a84169f44aa38d514e4c5e340d78d1deac8f Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin <ingela@erlang.org> Date: Fri, 10 Feb 2023 07:54:04 +0100 Subject: [PATCH 1/2] ssl: Mitigate memory usage from large certificate chains --- lib/ssl/src/ssl_handshake.hrl | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl index 6dd47019f4..d889a2228b 100644 --- a/lib/ssl/src/ssl_handshake.hrl +++ b/lib/ssl/src/ssl_handshake.hrl @@ -83,9 +83,14 @@ -define(CERTIFICATE_VERIFY, 15). -define(CLIENT_KEY_EXCHANGE, 16). -define(FINISHED, 20). - -define(MAX_UNIT24, 8388607). --define(DEFAULT_MAX_HANDSHAKE_SIZE, (256*1024)). + +%% Usually the biggest handshake message will be the message conveying the +%% certificate chain. This size should be sufficient for usual certificate +%% chains, certificates without special extensions have a typical size of +%% 1-2kB. By dividing the old default value by 2 we still have a slightly +%% bigger margin than OpenSSL +-define(DEFAULT_MAX_HANDSHAKE_SIZE, ((256*1024) div 2)). -record(random, { gmt_unix_time, % uint32 -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor