Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Determine value of bool variable $SERVER_SIZE_LIMIT_BUG upfront or when needed #1202
... and not every instance we're potentially sending >= 128 ciphers.
This is a reminder for a future development. As of now we're two  check (and subsequently if unsuccessful workarounds) in a few scenarios for $SERVER_SIZE_LIMIT_BUG.
Maybe it would be better to determine a quiet test initially or when needed and populate the variable.
I suspect (but I am not really sure) that there could be more ClientHellos with >= 128 ciphers than those two places.
Edit:: It is actually 128 ciphers, not 129 when the bug hits
In order to handle better Cisco ACE loadbalancers (almost extinct species) which have a problem with ClientHellos >127 ciphers we have had introduced a variable which needs to be filled better with some sense. This commit does that by introducing the function determine_sizelimitbug() which is called in lets_roll(). It also removes then redundant code in cipher_pref_check(). Open: * handle run_grease() * do we want this information at least in a logfile * or maybe eben on screen? See also #1202 .