Provide a test for the Encrypt-Then-Mac renegotiation crash (9c5a691d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 9c5a691d authored Feb 03, 2017 by

Matt Caswell

Provide a test for the Encrypt-Then-Mac renegotiation crash



Changing the ciphersuite during a renegotiation can result in a crash
leading to a DoS attack. ETM has not been implemented in 1.1.0 for DTLS
so this is TLS only.

This commit provides a test for the issue.

CVE-2017-3733

Reviewed-by: Richard Levitte <levitte@openssl.org>

parent 3bdc1dc8

Hide whitespace changes

Inline Side-by-side

Please register or to comment