On Friday 11 September 2015 15:34:15 Matt Caswell wrote: > I've just opened a github pull request to show recent work I have been > doing on rewriting the OpenSSL state machine (for version 1.1.0). > See: https://github.com/openssl/openssl/pull/394 > > My objectives for the rewrite were: > - Separate message flow state from handshake state (in order to better > understand each)
Unfortunately, it doesn't look like the rewrite fixed https://rt.openssl.org/Ticket/Display.html?id=3712&user=guest&pass=guest I can still reproduce the issue: openssl req -x509 -newkey rsa -keyout localhost.key -out localhost.crt\ -nodes -batch ~/dev/openssl/apps/openssl s_server -key localhost.key -cert\ localhost.crt pip install --pre tlslite-ng git clone https://github.com/tomato42/tlsfuzzer.git cd tlsfuzzer PYTHONPATH=. python scripts/test-openssl-3712.py The client reports Broken pipe While the server reports: 140584857466520:error:140940F5:SSL routines:ssl3_read_bytes:unexpected record:record/rec_layer_s3.c:1458: -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
