Provide a test for the Encrypt-Then-Mac renegotiation crash
author Matt Caswell <matt@openssl.org>
Fri, 3 Feb 2017 11:21:07 +0000 (11:21 +0000)
committer Matt Caswell <matt@openssl.org>
Thu, 16 Feb 2017 09:35:56 +0000 (09:35 +0000)
commit cc22cd546bd0b0e1b55c1835403ab564d5f30581
tree 3cf928045ffeb0b8b5638286a6f414681d54ccce
parent 7b3a4d610731929d4fde15411f9be9b883974980

Provide a test for the Encrypt-Then-Mac renegotiation crash

In 1.1.0 changing the ciphersuite during a renegotiation can result in
a crash leading to a DoS attack. In master this does not occur with TLS
(instead you get an internal error, which is still wrong but not a security
issue) - but the problem still exists in the DTLS code.

This commit provides a test for the issue.

CVE-2017-3733

Reviewed-by: Richard Levitte <levitte@openssl.org>

test/handshake_helper.c
test/ssl-tests/17-renegotiate.conf
test/ssl-tests/17-renegotiate.conf.in
test/ssl-tests/18-dtls-renegotiate.conf
test/ssl-tests/18-dtls-renegotiate.conf.in
test/ssl_test_ctx.c
test/ssl_test_ctx.h