Don't restrict the number of KeyUpdate messages we can process
Prior to this commit we were keeping a count of how many KeyUpdates we have processed and failing if we had had too many. This simplistic approach is not sufficient for long running connections. Since many KeyUpdates would not be a particular good DoS route anyway, the simplest solution is to simply remove the key update count. Fixes #8068 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/8299) (cherry picked from commit 3409a5ff8a44ddaf043d83ed22e657ae871be289)
Showing
想要评论请 注册 或 登录