Expand comment that details why two DTLS tests currently fail. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2021-06-19 15:52:41 +0000
committer	jsing <>	2021-06-19 15:52:41 +0000
commit	32dc5b1907004e6c78b993afed1d6a26d33c6165 (patch)
tree	551cbd62a43f4110584997c46543184cae767689 /src/lib/libssl/ssl_locl.h
parent	941752ee1ae5c1480dafbffcbd9c927d1a91c077 (diff)
download	openbsd-32dc5b1907004e6c78b993afed1d6a26d33c6165.tar.gz openbsd-32dc5b1907004e6c78b993afed1d6a26d33c6165.tar.bz2 openbsd-32dc5b1907004e6c78b993afed1d6a26d33c6165.zip

Expand comment that details why two DTLS tests currently fail.

Two tests currently fail (and are disabled) due to a flaw in the DTLSv1.0 specification - this flaw was addressed in DTLSv1.2, however our DTLS server code still needs to support the fix. Quoting RFC 6347 section 4.2.4: "This requirement applies to DTLS 1.0 as well, and though not explicit in [DTLS1], it was always required for the state machine to function correctly." In otherwords, both the original DTLS implementation and the DTLSv1.0 specification have a broken state machine, resulting in possible dead lock.

Diffstat (limited to 'src/lib/libssl/ssl_locl.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: