On 22 Jul 2014, at 23:32, Brian Hassink via RT <r...@openssl.org> wrote:
> OpenSSL: 1.0.1e > > OS: Red Hat Enterprise Linux Server release 6.5 > (Santiago) > > > > Hello, > > > > We recently did some negative testing against OpenSSL 1.0.1e, with a focus on > DTLS, and observed that the library, running on the peer, could be made to > abort by simply disconnecting during the handshake process. > > > > The abort is due to a getsockopt() or setsockopt() call failing from within > dgram_sctp_read() because the socket descriptor has been rendered invalid by > the disconnect. Did you test DTLS/UDP or DTLS/SCTP? Do you really mean dgram_sctp_read()? Best regards Michael > > > > We ran the same scenario against TLS, but it is not affected. > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
