[openssl-dev] FW: 1.1 master fails mac-then-encrypt test
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Wed Nov 30 22:46:21 UTC 2016
I confirm that this fix (currently in the master) resolves the issue.
Thanks!
—
Regards,
Uri
On 11/29/16, 4:53 AM, "openssl-dev on behalf of Matt Caswell" <openssl-dev-bounces at openssl.org on behalf of matt at openssl.org> wrote:
On 28/11/16 23:00, Blumenthal, Uri - 0553 - MITLL wrote:
> > The problem is in the test. Version negotiation happens before cipher
> > selection. The test creates a connection which negotiates TLSv1.3. It
> > then attempts to select a cipher. However no TLSv1.3 ciphers are offered
> > by the test so the connection aborts. In truth the test is all about
> > mac-then-encrypt which doesn't apply to TLSv1.3 anyway, so the test
> > should just disable negotiation of that protocol version.
>
> Thanks for explaining!
>
> Would you be able to push a fix for this test?
Fix is in github:
https://github.com/openssl/openssl/pull/2013
Matt
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5211 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20161130/f0661e56/attachment-0001.bin>
More information about the openssl-dev
mailing list