[openssl-dev] FW: 1.1 master fails mac-then-encrypt test
Matt Caswell
matt at openssl.org
Tue Nov 29 09:53:27 UTC 2016
On 28/11/16 23:00, Blumenthal, Uri - 0553 - MITLL wrote:
> > The problem is in the test. Version negotiation happens before cipher
> > selection. The test creates a connection which negotiates TLSv1.3. It
> > then attempts to select a cipher. However no TLSv1.3 ciphers are offered
> > by the test so the connection aborts. In truth the test is all about
> > mac-then-encrypt which doesn't apply to TLSv1.3 anyway, so the test
> > should just disable negotiation of that protocol version.
>
> Thanks for explaining!
>
> Would you be able to push a fix for this test?
Fix is in github:
https://github.com/openssl/openssl/pull/2013
Matt
More information about the openssl-dev
mailing list