Re: Query regarding DTLS handshake

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Matt Caswell wrote on 04/20/2017 03:23 PM:
> 
> 
> On 20/04/17 14:19, Martin Brejcha wrote:
>>
>>
>> Matt Caswell wrote on 04/20/2017 01:29 PM:
>>>
>>>
>>> On 20/04/17 12:26, mahesh gs wrote:
>>>> Hi Matt,
>>>>
>>>> Yes I raised github case for the same issue. I also tried running this
>>>> call flow with the latest SNAPSHOT code (openssl-SNAP-20170419) and
>>>> handshake is successful with the latest SNAPSHOT code which is not an
>>>> official release.
>>>>
>>>> I checked the github repo history and observer that during commits on
>>>> (11 th Jan) as a part of "Move state machine knowledge out of the record
>>>> layer".  "renegotiate" bit that is set to "2" in function
>>>> "tls_post_process_client_hello" has been removed. May be that is causing
>>>> the call flow to be successful in the latest SNAPSHOT release.
>>>>
>>>> I am assuming commits that are done on 11th Jan or later are not part of
>>>> release openssl 01.01.00e
>>>
>>> Ah. No. That commit is in the dev branch only (scheduled for version
>>> 1.1.1) and won't be backported to the 1.1.0 branch. I can see why that
>>> commit might help things, but probably a different solution is more
>>> appropriate for 1.1.0.
>>>
>>> I'm looking at this issue at the moment.
>>>
>>> Matt
>>>
>>
>> hi,
>>
>> btw: I've tested similar scenario and handshake works fine.
>> test env: client and server on different VMs (rhel7.2, openssl 1.1.0e, non-blocking sockets and segmented certificate)
>> So, it should work also with 1.1.0e version.
> 
> Thanks. Did your handshake include client auth? I think this issue only
> arises in that case.
> 
> Matt
> 
> 

yes, client auth with segmented certificate has been included.

Martin



> 
> 

Attachment: 0xB42AB632.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux