[openssl-dev] [openssl.org #3703] 1.0.2 regression with Cisco DTLS_BAD_VER

David Woodhouse dwmw2 at infradead.org
Wed Feb 18 17:17:50 UTC 2015


On Wed, 2015-02-18 at 18:09 +0100, Kurt Roeckx via RT wrote:
> 
> Anyway, I'm wondering about that assert.  Is this something a the
> other side could potentionally trigger, and so be a remote DoS?  I
> think you showed that you ran into it.  If that's the case
> wouldn't it be better to generate an error instead?

This is just a sanity check on our own output; it doesn't see incoming
packets.

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150218/7a2b80ec/attachment.bin>


More information about the openssl-dev mailing list