sockets - Forbid SSL rehandshake in Java (JSSE)? -


is there way forbid re-handshake in java's ssl libraries on client , server side?

i've searched javadocs of sslcontext, sslparameters, sslsocket, sslserversocket , according factories have not found solution.

i don't know of (simple) solution, have found bad one.

it turns out in 2009, security flaw found in ssl protocol affected ssl renegotiation (or rehandshake). java team addressed in 2 phases (as described here.). first phase disable renegotiation ... , done in java 6 patch 19. second phase implement protocol changes renegotiation specified in new rfc.

so, 1 way disable ssl renegotiation downgrade jvm java 6 patch 19.

frankly, think bad idea:

  • you winding version of java has been eol'd.
  • you backing out of whole stack of security patches.
  • if you've started using java 7 or java 8 language / library features, in work.

however, if digs out of deep hole, might consider it.

well, looked @ source code of sslengineimpl (here), , cannot see straightforward solution based on that. kickstarthandshake method.

there couple of properties enable / disable unsafe forms of renegotiation (for compatibility), there no properties turn off entirely. , since method of work private, don't think disable renegotiation functionality overriding methods in subclass.

so leaves copying code, modifying disable renegotiation, changing package names , creating alternative "provider" ssl engine.

and confuse things further ... there implementation of ssl protocol in sslsocketimpl class (here). didn't try figure out of 2 implementations 1 "by default".


Comments

Post a Comment

Popular posts from this blog

javascript - Jquery show_hide, what to add in order to make the page scroll to the bottom of the hidden field once button is clicked -

i have button on website when clicked, reveals map. button can seen when page first loads up, when clicked, section holding map slides open , goes out of screen since page loads @ top (normal). want page scroll down bottom of div select when button pushed, if map out of screen. if page scrolled down, , clicks show map button, don't want page jump bottom of map. i tried figure out myself, no luck. seasoned jquery coders able give me guidance? many thanks! map = mapdiv.gmap3("get"); infobox = new infobox({ pixeloffset: new google.maps.size(-220, -310), closeboxurl: '', enableeventpropagation: true }); mapdiv.delegate('.infobox .close','click',function () { infobox.close(); }); jquery(".slidingdiv").hide(); jquery(".show_hide").show(); jquery('.show_hide').click(function(){ lastcenter=map.getcenter(); jquery(".slidingdiv...
Read more

python - Django-cities exits with "killed" -

i trying install django-cities on server 500mb ram. whenever run: manage.py cities the system exits saying killed. trying run: manage.py cities --import=country --force worked, guessing matter of running out of memory. to bypass, tried refer package local copy of cities' data file. still didn't work. any ideas on how can migrate data without having increase memory on server? based on suggestion comments, solved setting temporary swap file. if unfamiliar it, can follow these steps: set swap file touch /var/swap.img chmod 600 /var/swap.img set swap file size cd /var dd if=/dev/zero of=/var/swap.img bs=1024k count=1000 this create 1gb swap file. prepare disk image mkswap /var/swap.img activate swap memory swapon /var/swap.img once done, can turn off swap image: swapoff /var/swap.img more information on virtual memory , swap files can found here: https://www.digitalocean.com/community/tutorials/how-to-configure-virtual-me...
Read more

python - How to get a widget position inside it's layout in Kivy? -

i have gridlayout , added image widgets on after adding of images want draw rectangle in each image using canvas couldn't because don't know exact image widgets positions on gridlayout. code: http://paste.ofcode.org/3bdp9yhjrcrzmsztbu9hqp4 http://paste.ofcode.org/3az3gx4fxzr9dlhe2ami97c in last line of python code : rectangle(pos = (child.x - 2.4, child.y + 467), size = (70, 70)) how draw rectangle in child(my method not good^), also why gridlayout not coming in center after setting it's pos_hint = {"center_x" : .5}? if understand question right, try use such methods to_local() , to_parent() , to_widget() , to_window() . try substract position of gridlayout widgets' positions.
Read more