Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose RenegotiateFreelyAsClient for SSL/TLS #4386

Closed
brandonmensing opened this issue May 23, 2017 · 3 comments
Closed

Expose RenegotiateFreelyAsClient for SSL/TLS #4386

brandonmensing opened this issue May 23, 2017 · 3 comments
Labels
enhancement Heartbeat

Comments

@brandonmensing
Copy link

By default, Apache will occasionally trigger a renegotiation for the SSL session. When Heartbeat gets the reset, there is an error in the logs: local error: tls: no renegotiation.

This feature in Go would allow Heartbeat to deal with this:
https://golang.org/pkg/crypto/tls/#RenegotiationSupport
@andrewkroh andrewkroh mentioned this issue Oct 6, 2017
Merged
@andrewkroh
Copy link
Member

I opened PR #5353 to get this feature into 6.1. After that merges I'll do a backport to get it into a future 5.6 release (it missed the 5.6.3 freeze).

andrewkroh added a commit to andrewkroh/beats that referenced this issue Oct 6, 2017
@andrewkroh
Add support TLS renegotiation
c76570f 
This PR adds support for enabling TLS renegotiation. The setting is `ssl.renegotiation` and the options are `never` (default), `once`, and `freely`. This exposes the three options from https://golang.org/pkg/crypto/tls/#RenegotiationSupport.

Fixes elastic#4386
ruflin pushed a commit that referenced this issue Oct 9, 2017
@andrewkroh @ruflin
Add support TLS renegotiation (#5353)
28cee61 
This PR adds support for enabling TLS renegotiation. The setting is `ssl.renegotiation` and the options are `never` (default), `once`, and `freely`. This exposes the three options from https://golang.org/pkg/crypto/tls/#RenegotiationSupport.

Fixes #4386
@brandonmensing
Copy link
Author

@andrewkroh If we're going to add this to a patch release in 5.6, could we also add it to a patch in 6.0.x?

andrewkroh added a commit to andrewkroh/beats that referenced this issue Oct 9, 2017
@andrewkroh
Add support TLS renegotiation (elastic#5353)
5b4371c 
This PR adds support for enabling TLS renegotiation. The setting is `ssl.renegotiation` and the options are `never` (default), `once`, and `freely`. This exposes the three options from https://golang.org/pkg/crypto/tls/#RenegotiationSupport.

Fixes elastic#4386

(cherry picked from commit 28cee61)
@andrewkroh andrewkroh mentioned this issue Oct 9, 2017
Merged
@andrewkroh
Copy link
Member

We can patch 6.0 too. I'll have to remember to update the 6.0 branch after the GA release is made.

exekias pushed a commit that referenced this issue Oct 10, 2017
@andrewkroh @exekias
Add support TLS renegotiation (#5353) (#5360)
74a8e07 
This PR adds support for enabling TLS renegotiation. The setting is `ssl.renegotiation` and the options are `never` (default), `once`, and `freely`. This exposes the three options from https://golang.org/pkg/crypto/tls/#RenegotiationSupport.

Fixes #4386

(cherry picked from commit 28cee61)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Heartbeat
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ruflin @andrewkroh @brandonmensing