On 20/04/17 14:19, Martin Brejcha wrote: > > > Matt Caswell wrote on 04/20/2017 01:29 PM: >> >> >> On 20/04/17 12:26, mahesh gs wrote: >>> Hi Matt, >>> >>> Yes I raised github case for the same issue. I also tried running this >>> call flow with the latest SNAPSHOT code (openssl-SNAP-20170419) and >>> handshake is successful with the latest SNAPSHOT code which is not an >>> official release. >>> >>> I checked the github repo history and observer that during commits on >>> (11 th Jan) as a part of "Move state machine knowledge out of the record >>> layer". "renegotiate" bit that is set to "2" in function >>> "tls_post_process_client_hello" has been removed. May be that is causing >>> the call flow to be successful in the latest SNAPSHOT release. >>> >>> I am assuming commits that are done on 11th Jan or later are not part of >>> release openssl 01.01.00e >> >> Ah. No. That commit is in the dev branch only (scheduled for version >> 1.1.1) and won't be backported to the 1.1.0 branch. I can see why that >> commit might help things, but probably a different solution is more >> appropriate for 1.1.0. >> >> I'm looking at this issue at the moment. >> >> Matt >> > > hi, > > btw: I've tested similar scenario and handshake works fine. > test env: client and server on different VMs (rhel7.2, openssl 1.1.0e, non-blocking sockets and segmented certificate) > So, it should work also with 1.1.0e version. Thanks. Did your handshake include client auth? I think this issue only arises in that case. Matt
Attachment:
signature.asc
Description: OpenPGP digital signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
