Mitigating client-initiated renegotiation attacks

The TLS protocol lets the client renegotiate certain aspects of the TLS session. Unfortunately, session renegotiation requires a disproportionate amount of server-side resources, which makes it a potential vector for denial-of-service attacks.

To mitigate this, renegotiation is limited to three times every 10 minutes. An error is emitted on the [tls.TLSSocket][] instance when the threshold is exceeded. These limits are configurable:

  • tls.CLIENT_RENEG_LIMIT: renegotiation limit, default is 3.

  • tls.CLIENT_RENEG_WINDOW: renegotiation window in seconds, default is 10 minutes.

Do not change the defaults without a full understanding of the implications.

To test the server, connect to it with openssl s_client -connect address:port and tap R<CR> (i.e., the letter R followed by a carriage return) a few times.