summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2021-07-21 07:51:13 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2021-07-21 07:51:13 +0000
commit571df4b33336cbaeae11fac663f95f145f31b48e (patch)
treefc2ddc11226e7ab478bef9328410ab2649bcbaa8 /usr.bin/ssh
parent17e91064c9228d1b955c0e8d789668165f9736d3 (diff)
Silently discard invalid DTLS records.
Per RFC 6347 section 4.1.2.1, DTLS should silently discard invalid records, including those that have a bad MAC. When converting to the new record layer, we inadvertantly switched to standard TLS behaviour, where an invalid record is fatal. This restores the previous behaviour. Issue noted by inoguchi@ ok inoguchi@
Diffstat (limited to 'usr.bin/ssh')
0 files changed, 0 insertions, 0 deletions