On Wed, Apr 22, 2020 at 10:21:52AM +0200, Christian Hesse wrote:
> > So, speaking to myself again :-) - I've looked at the advisory, and
> > it talks about "Server or client applications that call the 
> > SSL_check_chain() function".
> Are you sure that openvpn code does not call any openssl function that calls
> SSL_check_chain() then? Did not check, but I guess that's possible.

This is one of the OpenSSL intricacies I wouldn't know.

OTOH, I would expect the advisory then to be worded as "a TLS 1.3 
handshake might crash" not "... applications that call ... 
SSL_check_chain()", which sounds very specific to me.


"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             g...@greenie.muc.de

Attachment: signature.asc
Description: PGP signature

Openvpn-devel mailing list

Reply via email to