Nikos Mavrogiannopoulos aa9c401cac Prevent clients with a broken GnuTLS version from connecting using DTLS ...

That prevents clients that send an all-zero DTLS client hello from being
able to establish a connection.

That also introduces the OCSERV_ALLOW_BROKEN_CLIENTS environment variable
which when set to 1 it allows broken clients to connect. This is used
mainly to allow test cases to pass to existing vulnerable systems in our
CI.

Resolves: #277

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>

2020-04-03 12:51:22 +02:00

9.5 KiB

Raw Blame History

View Raw