Re: Query regarding DTLS handshake

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 20/04/17 14:19, Martin Brejcha wrote:
> 
> 
> Matt Caswell wrote on 04/20/2017 01:29 PM:
>>
>>
>> On 20/04/17 12:26, mahesh gs wrote:
>>> Hi Matt,
>>>
>>> Yes I raised github case for the same issue. I also tried running this
>>> call flow with the latest SNAPSHOT code (openssl-SNAP-20170419) and
>>> handshake is successful with the latest SNAPSHOT code which is not an
>>> official release.
>>>
>>> I checked the github repo history and observer that during commits on
>>> (11 th Jan) as a part of "Move state machine knowledge out of the record
>>> layer".  "renegotiate" bit that is set to "2" in function
>>> "tls_post_process_client_hello" has been removed. May be that is causing
>>> the call flow to be successful in the latest SNAPSHOT release.
>>>
>>> I am assuming commits that are done on 11th Jan or later are not part of
>>> release openssl 01.01.00e
>>
>> Ah. No. That commit is in the dev branch only (scheduled for version
>> 1.1.1) and won't be backported to the 1.1.0 branch. I can see why that
>> commit might help things, but probably a different solution is more
>> appropriate for 1.1.0.
>>
>> I'm looking at this issue at the moment.
>>
>> Matt
>>
> 
> hi,
> 
> btw: I've tested similar scenario and handshake works fine.
> test env: client and server on different VMs (rhel7.2, openssl 1.1.0e, non-blocking sockets and segmented certificate)
> So, it should work also with 1.1.0e version.

Thanks. Did your handshake include client auth? I think this issue only
arises in that case.

Matt


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux