On Fri, May 01, 2015 at 09:01:47PM +0100, Matt Caswell wrote: > > > On 01/05/15 20:09, faraz khan wrote: > > Matt, > > Thanks again! To be precise webrtc is using boringssl (Google's fork of > > openssl). From the commits it seems VERY recent but I'm unable to figure > > out the last openssl merge-in. You think this could be the issue? Should > > I try both with boringSSL (its kinda hard to compile webrtc with openSSL > > now since after the move to boringSSL) > > Ahhh. BoringSSL. That means a slightly different list of potential > causes (they forked OpenSSL 1.0.2, and have continued to make changes > since then). I've just checked the latest dev version, and that means > possible causes: > > - digest check failed processing the Finished message > - CRL signature failure processing the client Certificate > - Overly short RSA key > - Bad RSA decrypt/signature processing the CertificateVerify > > To be honest I am more inclined to believe it is a problem on the client > side rather than the WebRTC side. The fact that it goes away after you > restart the client suggests to me that the client is getting itself into > a strange state. Perhaps some kind of memory corruption (either through > client application or openssl bug)? > > Anyway I'd suggest two things as next steps: > - Try and figure out how to get more logging out of WebRTC to find out > more specifically what it is complaining about > - Upgrade your OpenSSL version to 1.0.1m He could also try to use something like valgrind to see if memory gets corrupted, or use build it using address sanitizer. Kurt
