nnrpd rate limits and ssl

Jeffrey M. Vinocur jeff at litech.org
Mon Jun 4 13:29:37 UTC 2001


At present, if SSL support is compiled in, rate-limiting in nnrpd is
completely ignored.  Having this as a compile-time thing seems silly;
cleartext connections could still be limited regardless of whether there's
SSL support.

I'm still curious why the above decision was made, though.  Is it just
that the rate limits wouldn't be accurate because the encrypted datastream
is wider than the raw data?  (If so...it seems like that would still be
acceptable, with a warning in the manpage that it's the size of the
pre-SSL datastream that is limited.)


-- 
Jeffrey M. Vinocur
jeff at litech.org



More information about the inn-workers mailing list