Re: DTLS aborts

2014-07-22 Thread Matt Caswell
On 22/07/14 22:21, Salz, Rich wrote: >> My guess (and its purely speculation) is the report is being held because of >> security considerations. > > I don't believe so; there's no filter on email sent to rt. Interestingly, > there are a few bugs created a day ago, and then a few created four d

RE: DTLS aborts

2014-07-22 Thread Brian Hassink
Just got a reply on the RT about 10 minutes ago :) Looks like things are just slow. -Brian -Original Message- From: Salz, Rich [mailto:rs...@akamai.com] Sent: Tuesday, July 22, 2014 5:22 PM To: openssl-users@openssl.org Subject: RE: DTLS aborts > My guess (and its purely speculat

RE: DTLS aborts

2014-07-22 Thread Salz, Rich
> My guess (and its purely speculation) is the report is being held because of > security considerations. I don't believe so; there's no filter on email sent to rt. Interestingly, there are a few bugs created a day ago, and then a few created four days ago. Looks like mail got lost or is in-tra

Re: DTLS aborts

2014-07-22 Thread Jeffrey Walton
>> However, the devs actively monitor the queue. See >> https://www.openssl.org/about/roadmap.html and >> https://groups.google.com/forum/#!msg/mailing.openssl.users/mDrMrd3zOuQ/BRS_VLZB_mYJ. > > That's only useful if a new report finds its way onto the queue. > Lack of email suggests that this one

RE: DTLS aborts

2014-07-22 Thread Jeremy Farrell
> From: Jeffrey Walton [mailto:noloa...@gmail.com] > Sent: Tuesday, July 22, 2014 3:03 PM > > On Tue, Jul 22, 2014 at 9:42 AM, Brian Hassink > wrote: > > ... > > I sent an email to r...@openssl.org yesterday, shortly after > > receiving the reply below, but received nothing in return > > and did

Re: DTLS aborts

2014-07-22 Thread Jeffrey Walton
On Tue, Jul 22, 2014 at 9:42 AM, Brian Hassink wrote: > ... > I sent an email to r...@openssl.org yesterday, shortly after receiving the > reply below, but received nothing in return and did not see a forward on > openssl-...@openssl.org. I'm not sure if the bug report is forwarded to the devs. Ho

RE: DTLS aborts

2014-07-22 Thread Brian Hassink
inal Message- From: Salz, Rich [mailto:rs...@akamai.com] Sent: Monday, July 21, 2014 2:44 PM To: openssl-users@openssl.org Subject: RE: DTLS aborts > Is the development team aware of this? Should we open an RT? Please open an RT. -- Principal Security Engineer Akamai Techn

RE: DTLS aborts

2014-07-21 Thread Salz, Rich
> Is the development team aware of this?  Should we open an RT? Please open an RT. -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz __ OpenSSL Project

DTLS aborts

2014-07-21 Thread Brian Hassink
Hello all, We recently did some negative testing against OpenSSL 1.0.1e, with a focus on DTLS, and observed that the library, running on the peer, could be made to abort by simply disconnecting during the handshake process. The abort is due to a getsockopt() or setsockopt() call failing f