> On Apr 26, 2017, at 3:39 AM, Matt Caswell <matt@xxxxxxxxxxx> wrote: > > I'd start by looking at the end-to-end pipe between the client SSL/TLS > stack and the server stack and validating that the records look sane and > unchanged at each step. Well before that, I'd try to find out what's different about the 1.0.2k handshake, by comparing the negotiated protocol, ciphersuite and extensions with those negotiated with the previous version used. It would be appropriate to post which version of OpenSSL was used previously. It is also important to make sure that the headers and dev libraries are from the same 1.0.2 release and that the run-time libraries are in fact also from 1.0.2 (same patch level or higher). -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
