Re: Upgrading to 1.1.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In message <memo.20171116175923.5976A@xxxxxxxxxxxxxxxxxxxxxxxx> on Thu, 16 Nov 2017 17:59 +0000 (GMT Standard Time), "Angus Robertson - Magenta Systems Ltd" <angus@xxxxxxxxxxxx> said:

angus> I'm updating our Delphi SSL code to support 1.1.1 in addition to 1.0.2
angus> and 1.1.0, common code with a few version checks. This is using Windows
angus> 10.  
angus> 
angus> With 1.1.1, SSL connections fail to initialise, failing with the first
angus> BIO_read after setting up the context and BIOs. There is no real error
angus> (I can see), read just fails and BIO_should_retry says no with a zero
angus> reason.   
angus> 
angus> We are using SSL filter I/O with a BIO pair, we handle all I/O using
angus> non-blocking Windows APIs.  
angus> 
angus> There was no particular issue updating to 1.1.0, apart from new context
angus> stuff, but 1.1.1 seems to have changed something to make our code fail.
angus> I can not see anything in the TLS/1.3 notes that relates to simple SSL
angus> initialisation.  
angus> 
angus> The main APIs called are, in order: 
angus> 
angus> SSL_new(myContext) 
angus> BIO_new(BIO_f_ssl)
angus> BIO_new_bio_pair
angus> SSL_set_ex_data
angus> SSL_set_session
angus> SSL_set_tlsext_host_name
angus> SSL_set_connect_state
angus> SSL_set_bio
angus> SSL_set_info_callback
angus> SSL_set_msg_callback
angus> BIO_set_ssl
angus> BIO_read - 0 bytes
angus> 
angus> which is where it dies, after a SSL_CB_HANDSHAKE_START info message and
angus> a 512 byte write client hello. 
angus> 
angus> The openssl.exe built with 1.1.1 seems to work OK making a client
angus> connection, but uses different BIO I/O.
angus> 
angus> Is some new initialisation required for 1.1.1?  

Doesn't one of the test programs in test/ do something similar?
Another option is if you could craft a simple program that
demonstrates the issue, that would certainly help.

Lastly, unless you get a quick answer here, this might be worth making
a github issue here: https://github.com/openssl/openssl/issues

Cheers,
Richard

-- 
Richard Levitte         levitte@xxxxxxxxxxx
OpenSSL Project         http://www.openssl.org/~levitte/
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux