Skip to content
Commit cc22cd54 authored by Matt Caswell's avatar Matt Caswell
Browse files

Provide a test for the Encrypt-Then-Mac renegotiation crash



In 1.1.0 changing the ciphersuite during a renegotiation can result in
a crash leading to a DoS attack. In master this does not occur with TLS
(instead you get an internal error, which is still wrong but not a security
issue) - but the problem still exists in the DTLS code.

This commit provides a test for the issue.

CVE-2017-3733

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent 7b3a4d61
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment