On 14 December 2013 13:38, Stephen Henson via RT <r...@openssl.org> wrote: > Hmm... that's a weird one. The debug info tells me it is a TLS v1.0 connection > and that it is attempting to use MD5 when calculating the handshake hash. It > caches handshake records in the function ssl3_digest_cached_records() using > pretty much the same logic that fails later on. That function wouldn't be > called if the handshake buffer was never initialised but it should be > initialised when the connection is accepted.
But the return code from EVP_DigestInit_ex is not checked? Could it be that the initialisation of the EVP_MD_CTX has failed for some reason and it just carries on regardless....thus causing the crash in the EVP_DigestFinal_ex call?? Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org