Greetings,
The Tor project has uncovered an issue with the new support for TLS 1.1
and 1.2 in OpenSSL 1.0.1. It is reproducible with the s_client utility.
There does not appear to be any obvious security impact, but it does
represent a failure to interoperate.
The bug relates to the
Hi
Formal bug description:
OpenSSL version: all versions with DTLS support.
OS name: FreeBSD 7.x, 8.x, 9.x
Compiler: any
Application: any DTLS application
Problem description: The DTLS packets do not have Don't fragment IP flag set
(DF bit). According to DTLS specs, it must always be set. In
[ma...@extendedsubset.com - Mon Jun 04 00:23:30 2012]:
Greetings,
The Tor project has uncovered an issue with the new support for TLS
1.1
and 1.2 in OpenSSL 1.0.1. It is reproducible with the s_client
utility.
There does not appear to be any obvious security impact, but it does