OpenSSL: 1.0.1e OS: Red Hat Enterprise Linux Server release 6.5 (Santiago)
Hello, We recently did some negative testing against OpenSSL 1.0.1e, with a focus on DTLS, and observed that the library, running on the peer, could be made to abort by simply disconnecting during the handshake process. The abort is due to a getsockopt() or setsockopt() call failing from within dgram_sctp_read() because the socket descriptor has been rendered invalid by the disconnect. We ran the same scenario against TLS, but it is not affected. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
