[openssl.org #4060] AutoReply: a crash happened inside SSL_Connect function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 29, 2015 at 01:56:06PM +0000, Tiantian Liu via RT wrote:

> Hi Matt & Vi
> 
> I tried the SSLv23_method(), and precluded/excluded all SSLv2, SSLv3, TLSv1. I only enabled the TLSv1.2 by SSL_CTX_set_option().
> You can see my previous code:  

Why are you disabling TLSv1, there's little reason to do that at
present.  If the server supports TLS 1.2 you'll use that, otherwise
you'll at least get TLS 1.0

> /*Only allow TLSv1.2 protocol*/
> SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1);

I would not disable TLSv1 at this time, just SSLv2 and SSLv3.


> While the above code didn't work. I couldn't reach the server. Though the SSL_connect() didn't crash, it returned as:
> 
> 17:49:12.939 [5499]- SSL_connect res : -1

And did you print the error stack?  Look at a PCAP trace with
wireshark?  Connect to the server with "openssl s_client" and
examine the negotiated protocol parameters?

> I will continue to investigate, and keep updating the ticket. I
> will adopt your idea to see if I can obtain more information during
> crash.

This thread does not belong on openssl-dev, cross-posting and
redirecting to openssl-users.

-- 
	Viktor.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux