You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
2019-08-28 13:01:05: @trengginascreated the issue on trac ticket 2221
Before closing a connection, close notify alert must be sent to avoid truncation attack as stated in rfc5246:
7.2.1. Closure Alerts
The client and the server must share knowledge that the connection is
ending in order to avoid a truncation attack. Either party may
initiate the exchange of closing messages.
Currently, the close notify alert is not sent before the connection is closed.
Thanks to Peter Koletzki for the report.
2019-08-28 13:02:55: @trengginaschanged status from new to closed
2019-08-28 13:01:05: @trengginas created the issue on trac ticket 2221
Before closing a connection, close notify alert must be sent to avoid truncation attack as stated in rfc5246:
Currently, the close notify alert is not sent before the connection is closed.
Thanks to Peter Koletzki for the report.
2019-08-28 13:02:55: @trengginas changed status from new to closed
2019-08-28 13:02:55: @trengginas set owner to @trengginas
2019-08-28 13:02:55: @trengginas set resolution to fixed
2019-08-28 13:02:55: @trengginas commented
In r6054:
Fixed #2221: When using Openssl as TLS backend, close notify alert is not sent before closing the connection.
The text was updated successfully, but these errors were encountered: