You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you discover a potential security issue in s2n we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
When the PR #3747 is merged it will change how the state machine is set. Instead of relying on the conn->actual_protocol_version, now we're relying on a new variable, conn->handshake.state_machine. We have written a lot of tests that set the actual_protocol_version and now the worry is that we might make an assumption that we're testing the TLS13 state machine when we're not.
Solution:
Everywhere in the tests that we set the actual_protocol_version, we should also call s2n_conn_choose_state_machine().
The text was updated successfully, but these errors were encountered:
Security issue notifications
If you discover a potential security issue in s2n we ask that you notify
AWS Security via our vulnerability reporting page. Please do not create a public github issue.
Problem:
When the PR #3747 is merged it will change how the state machine is set. Instead of relying on the conn->actual_protocol_version, now we're relying on a new variable, conn->handshake.state_machine. We have written a lot of tests that set the actual_protocol_version and now the worry is that we might make an assumption that we're testing the TLS13 state machine when we're not.
Solution:
Everywhere in the tests that we set the actual_protocol_version, we should also call s2n_conn_choose_state_machine().
The text was updated successfully, but these errors were encountered: