On Tue, 2015-03-03 at 16:03 +0100, Nikos Mavrogiannopoulos wrote: > > I don't know whether you'd like to depend on gnutls for testing, but I > have a test of most ciphersuites [0] in common under various protocols > between openssl and gnutls. That currently doesn't cope with DTLS0.9 > (gnutls' name of DTLS_BAD_VER), but could easily extend to handle it.
I did think of it, but wasn't going to suggest that I use GnuTLS purely for testing OpenSSL's DTLS1_BAD_VER support. But the script that you have to do systematic interop between OpenSSL and GnuTLS looks like it could be useful for *both* projects. If that's something that the OpenSSL team think could be added to pre-release testing, then adding the Cisco DTLS there would certainly be helpful. I'd then be less worried about *purely* fixing up DTLSv0_9_server_method() and testing that in the OpenSSL internal tests. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
