[riot-notifications] [RIOT-OS/RIOT] pkg/tinydtls: handling of close_notify (#16422)

János Brodbeck notifications at github.com
Mon Jul 5 23:52:44 CEST 2021


@janosbrodbeck commented on this pull request.



> + * @note For tinyDTLS this function destroys the session object right after notifying the remote
+ *       peer about the closing. This is an interim solution, preventing endlessly blocked session
+ *       slots, but allows as a consequence truncation attacks.

Good idea! Squashed it right away.
I also watch the upstream changes to look out for fixes. A solution on tinyDTLS side would be the best of course. Just have to be careful later when supporting further DTLS stacks that they behave similarly.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/16422#discussion_r664136910
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210705/6b692d19/attachment.htm>


More information about the notifications mailing list