重新协商SSL握手
[英]Renegotiate SSL handshake
问题描述
Is it possible to do a renegotiation of the SSL handshake while the current SSL connection remains active. 
当当前的SSL连接保持活动状态时,是否可以重新协商SSL握手。 When the new handshake has succeeded the server should respond with a confirmation of the new handshake. 当新的握手成功后,服务器应以新握手的确认作为响应。
I've searched on SSL renegotiation but I couldn't find anything concrete. 我已经搜索过SSL重新协商,但是找不到任何具体的内容。 Does anyone know if something like this is possible? 有人知道这样的事情是否可能吗?
2 个解决方案
解决方案1
2 已采纳 2013-03-19 16:16:17
解决方案2
0 2019-09-27 06:00:56
I have faced this situation some time back, and we were using GoLang. 一段时间以前,我已经遇到了这种情况,我们正在使用GoLang。 Renegotiate mode can be set by setting tlsCfg.Renegotiation to one of the following values: 可以通过将tlsCfg.Renegotiation设置为以下值之一来设置重新协商模式:
- RenegotiateNever RenegotiateNever
- RenegotiateOnceAsClient RenegotiateOnceAsClient
- RenegotiateFreelyAsClient which are defined in https://golang.org/src/crypto/tls/common.go 在https://golang.org/src/crypto/tls/common.go中定义的RenegotiateFreelyAsClient
The following function can be used to set the request TLS Config. 以下功能可用于设置请求TLS配置。
func (r *request) SetRenegotiationMode(mode string) (IRequest, error) {
modeMap := map[string]tls.RenegotiationSupport{
"once": tls.RenegotiateOnceAsClient,
"freely": tls.RenegotiateFreelyAsClient,
"never": tls.RenegotiateNever,
}
if val, ok := modeMap[mode]; ok {
if r.tlsCfg == nil {
r.tlsCfg = &tls.Config{}
}
r.tlsCfg.Renegotiation = val
} else {
//if anything other than the allowed values is passed, it'll thrown an error
return nil, <DEFINE AN ERROR>
}
return r, nil
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.