CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2021/06/19 09:52:41
Modified files:
regress/lib/libssl/dtls: dtlstest.c
Log message:
Expand comment that details why two DTLS tests currently fail.
Two tests currently fail (and are disabled) due to a flaw in the DTLSv1.0
specification - this flaw was addressed in DTLSv1.2, however our DTLS
server code still needs to support the fix.
Quoting RFC 6347 section 4.2.4:
"This requirement applies to DTLS 1.0 as well, and though not explicit in
[DTLS1], it was always required for the state machine to function
correctly."
In otherwords, both the original DTLS implementation and the DTLSv1.0
specification have a broken state machine, resulting in possible dead lock.
