CBC ciphers + TLS 1.0 protocol does not work in OpenSSL 1.0.2d

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Jaya

We're going to need some more information. There isn't a generic problem
with CBC ciphers and TLS1.0 in 1.0.2d (it's working fine for me) - so
there is something specific about your environment that is causing the
issue. Comments inserted below.

On 04/12/15 06:53, Jayalakshmi bhat wrote:
> Hi All,
> 
>  
> 
> Recently we have ported OpenSSL 1.0.2d. Everything works perfect except
> the below explained issue.

Is your application a client or a server? Are both ends using OpenSSL
1.0.2d? If not, what is the other end using?


> When we enable only TLS 1.0 protocol and select CBC ciphers,

How exactly are you doing that? Which specific cipher are you seeing fail?


> Now my question is whatever I did is it correct?

That would not be a recommended solution

> Or Do need to replace
> complete s3_cbc.c with OpenSSL 1.0.1e?

No. You cannot just copy and paste stuff from 1.0.1 to 1.0.2.

Some other questions:

Are you able to provide a packet capture?
How did you build OpenSSL...i.e. what "Configure" options did you use?
What O/S is this on?

Matt


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux