On 18 Aug 2014, at 16:31, Brian Hassink <[email protected]> wrote:
> Yes, this was observed for DTLS/SCTP.

OK. The problem is an incorrect usage of OPENSSL_assert()...
Let me see if I can come up with a patch...

Best regards
Michael

>
> -Brian
>
> -----Original Message-----
> From: Michael Tüxen via RT [mailto:[email protected]]
> Sent: Thursday, August 14, 2014 6:17 PM
> To: Brian Hassink
> Cc: [email protected]
> Subject: Re: [openssl.org #3470] [BUG] DTLS abort
>
>
> On 22 Jul 2014, at 23:32, Brian Hassink via RT <[email protected]> wrote:
>
>> OpenSSL: 1.0.1e
>>
>> OS: Red Hat Enterprise Linux Server release 6.5 (Santiago)
>>
>> Hello,
>>
>> We recently did some negative testing against OpenSSL 1.0.1e, with a focus
>> on DTLS, and observed that the library, running on the peer, could be made
>> to abort by simply disconnecting during the handshake process.
>>
>> The abort is due to a getsockopt() or setsockopt() call failing from within
>> dgram_sctp_read() because the socket descriptor has been rendered invalid by
>> the disconnect.
>
> Did you test DTLS/UDP or DTLS/SCTP? Do you really mean dgram_sctp_read()?
>
> Best regards
> Michael
>
>> We ran the same scenario against TLS, but it is not affected.
>>
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> Development Mailing List                       [email protected]
>> Automated List Manager                           [email protected]
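The failure mode discussed in this thread, as an added example that is not OpenSSL's code and not the patch mentioned above: asserting on a socket-option call turns a peer disconnect into a process abort, while returning the error lets the caller drop only that connection. The function names are hypothetical, and `SO_TYPE` on a UNIX datagram socketpair stands in for the SCTP socket options.

```c
#include <assert.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Anti-pattern: a runtime condition (descriptor invalidated by a
 * disconnect) is treated as a programming error, so the process aborts. */
int sock_type_asserting(int fd)
{
    int type = 0;
    socklen_t len = sizeof(type);
    int ret = getsockopt(fd, SOL_SOCKET, SO_TYPE, &type, &len);
    assert(ret >= 0);               /* abort() on EBADF */
    return type;
}

/* Hardened form: report the failure; errno stays set for the caller,
 * which can tear down this one connection and keep serving others. */
int sock_type_checked(int fd, int *type)
{
    socklen_t len = sizeof(*type);
    if (getsockopt(fd, SOL_SOCKET, SO_TYPE, type, &len) < 0)
        return -1;
    return 0;
}

/* Constructed scenario: query a live socket, close it, query again.
 * Returns the result of the second query (-1 expected, errno EBADF). */
int query_after_disconnect(void)
{
    int sv[2], type = 0;
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
        return -2;
    if (sock_type_checked(sv[0], &type) != 0 || type != SOCK_DGRAM) {
        close(sv[0]);
        close(sv[1]);
        return -3;
    }
    close(sv[0]);
    close(sv[1]);
    return sock_type_checked(sv[0], &type);
}

int main(void)
{
    int rc = query_after_disconnect();
    printf("checked query after close: rc=%d (%s)\n", rc, strerror(errno));
    /* sock_type_asserting() on the same closed descriptor would abort. */
    return rc == -1 ? 0 : 1;
}
```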
