ssl/d1_pkt.c:680 it assumes p is set.
however, it is not always => hello, segmentation fault. To be more precise, for server (s->d1->listen is true) SSL3_RT_HANDSHAKE replays can cause a boom. (LibreSSL’s latest version is also vulnerable, line number 590) Cheers, -Markus
