diff options
| author | Ahamed Nafeez <ahamed.nafeez@gmail.com> | 2013-12-15 04:17:00 +0530 |
|---|---|---|
| committer | Fedor Indutny <fedor.indutny@gmail.com> | 2013-12-15 14:24:51 +0400 |
| commit | 8a79cca80cd3d4a577c680cfcb72877bcaab8df2 (patch) | |
| tree | 204a849c186dc381a259243c0ebb2a8f56a78cc3 /src | |
| parent | 8803aa3af7031e4844eb6eeb6d6e53919808ea3d (diff) | |
| download | nodejs-8a79cca80cd3d4a577c680cfcb72877bcaab8df2.tar.gz nodejs-8a79cca80cd3d4a577c680cfcb72877bcaab8df2.tar.bz2 nodejs-8a79cca80cd3d4a577c680cfcb72877bcaab8df2.zip | |
crypto: comment change on disabling compression
This is a comment change, where it originally says disabling TLS
Compression protects against BEAST attack. But in fact, it is the
CRIME attack(Compression Ratio Info-leak Made Easy) that makes use
of TLS Compression and not BEAST.
BEAST(Browser Exploit Against SSL/TLS) is an entirely another variant
making use of the chosen boundary attack against CBC mode in
encryption.
Just making sure, that the exact reason for disabling TLS compression
must be made clear and not be misleading with some other attack.
Diffstat (limited to 'src')
| -rw-r--r-- | src/node_crypto.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index d1467527e..ebd935a30 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -4060,7 +4060,7 @@ void InitCryptoOnce() { CRYPTO_set_locking_callback(crypto_lock_cb); CRYPTO_THREADID_set_callback(crypto_threadid_cb); - // Turn off compression. Saves memory and protects against BEAST attacks. + // Turn off compression. Saves memory and protects against CRIME attacks. #if !defined(OPENSSL_NO_COMP) #if OPENSSL_VERSION_NUMBER < 0x00908000L STACK_OF(SSL_COMP)* comp_methods = SSL_COMP_get_compression_method(); |