[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-27 Thread Matt Caswell via RT
On Thu Jan 15 17:21:35 2015, matt wrote:
> In response to your previous documentation question it is (unfortunately) undocumented. :-(
> The best I can offer you is the source code:
> int read_ahead; /* Read as many input bytes as possible
>                  * (for non-blocking reads) */
> With regards to yo

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie via RT
Matt,
Thank you for the support. This was lucrative and good response time!
Best regards,
Andrei
> On Jan 14, 2015, at 22:21, Eugen-Andrei Gavriloaie via RT wrote:
>
> Hi all,
>
> I believe I have found a bug which is only present in the latest versions (1.0.1k)
>
> I have created a si

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie
Matt,
Thank you for the support. This was lucrative and good response time!
Best regards,
Andrei
> On Jan 14, 2015, at 22:21, Eugen-Andrei Gavriloaie via RT wrote:
>
> Hi all,
>
> I believe I have found a bug which is only present in the latest versions (1.0.1k)
>
> I have created a si

[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Matt Caswell via RT
On Thu Jan 15 17:01:51 2015, shir...@gmail.com wrote:
> Hi all,
>
> Also, just for completeness, I want to point out I'm a fortunate case where I can actually touch the code and recompile it to fix the issue. I'm sure that other cases are not so fortunate. IMHO, when DTLS method is used, that

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie via RT
Hi all, Also, just for completeness, I want to point out I'm a fortunate case where I can actually touch the code and recompile it to fix the issue. I'm sure that other cases are not so fortunate. IMHO, when DTLS method is used, that call should be made by default in the internals of OpenSSL B

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie
Hi all, Also, just for completeness, I want to point out I'm a fortunate case where I can actually touch the code and recompile it to fix the issue. I'm sure that other cases are not so fortunate. IMHO, when DTLS method is used, that call should be made by default in the internals of OpenSSL B

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie via RT
Hi, Adding "SSL_CTX_set_read_ahead(pSslContext, 1);" fixed both the test app and the real app I'm working on. May I ask where should I read more about this function? I'm grateful that it now works, but is kind of a tough thing to just swallow this info without chewing on it a bit :) Best rega

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Eugen-Andrei Gavriloaie
Hi, Adding "SSL_CTX_set_read_ahead(pSslContext, 1);" fixed both the test app and the real app I'm working on. May I ask where should I read more about this function? I'm grateful that it now works, but is kind of a tough thing to just swallow this info without chewing on it a bit :) Best rega

[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-15 Thread Matt Caswell via RT
Please could you try making the following call:
SSL_CTX_set_read_ahead(ctx, 1);
Insert it immediately after these lines in your test code:
pSslContext = SSL_CTX_new(DTLSv1_server_method());
assert(pSslContext != NULL);
assert(SSL_CTX_use_certificate(pSslContext, pX509) == 1);
assert(SSL_CTX_use_P

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie via RT
The openssl s_server/s_client -dtls1 works
I now suspect a special edge case of dtls1_get_record function. That buffer I'm feeding into OpenSSL is taken from Chrome WebRTC DTLS handshake, and as we saw, is perfectly valid in older OpenSSL versions.
Still digging...
> On Jan 14, 2015, at 22:21,

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
The openssl s_server/s_client -dtls1 works
I now suspect a special edge case of dtls1_get_record function. That buffer I'm feeding into OpenSSL is taken from Chrome WebRTC DTLS handshake, and as we saw, is perfectly valid in older OpenSSL versions.
Still digging...
> On Jan 14, 2015, at 22:21,

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
Looks like dtls1_get_record is always returning -1
Still digging...
> On Jan 15, 2015, at 00:01, Eugen-Andrei Gavriloaie wrote:
>
>> On Jan 14, 2015, at 23:39, Viktor Dukhovni wrote:
>>
>> On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
>>
>>> Dynamic:
>>> $

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
> On Jan 14, 2015, at 23:39, Viktor Dukhovni wrote:
>
> On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
>
>> Dynamic:
>> $ ls -Al /tmp/ssl/lib/
>> total 11336
>> drwxr-xr-x 14 shiretu wheel 476 Jan 14 23:27 engines
>> -r-xr-xr-x 1 shiretu wheel 1602352 Jan 14

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
> On Jan 14, 2015, at 23:39, Viktor Dukhovni wrote:
>
> On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
>
>> Dynamic:
>> $ ls -Al /tmp/ssl/lib/
>> total 11336
>> drwxr-xr-x 14 shiretu wheel 476 Jan 14 23:27 engines
>> -r-xr-xr-x 1 shiretu wheel 1602352 Jan 14

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Viktor Dukhovni
On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
> Dynamic:
> $ ls -Al /tmp/ssl/lib/
> total 11336
> drwxr-xr-x 14 shiretu wheel 476 Jan 14 23:27 engines
> -r-xr-xr-x 1 shiretu wheel 1602352 Jan 14 23:27 libcrypto.1.0.0.dylib
> -rw-r--r-- 1 shiretu wheel 3196

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
Dynamic:
$ ls -Al /tmp/ssl/lib/
total 11336
drwxr-xr-x 14 shiretu wheel 476 Jan 14 23:27 engines
-r-xr-xr-x 1 shiretu wheel 1602352 Jan 14 23:27 libcrypto.1.0.0.dylib
-rw-r--r-- 1 shiretu wheel 3196880 Jan 14 23:27 libcrypto.a
lrwxr-xr-x 1 shiretu wheel 21 Jan 14 23:27 libcr

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Viktor Dukhovni
On Wed, Jan 14, 2015 at 10:54:57PM +0200, Eugen-Andrei Gavriloaie wrote:
> On my Mac OS X Yosemite, manually compiled OpenSSL 1.0.1k and installed it into /tmp/ssl as a static lib (with shared lib behaves the same) Compiling:
>
> $ gcc dtls_bug.c -Wno-deprecated-declarations /tmp/ssl/lib/libssl

[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Matt Caswell via RT
On Wed Jan 14 21:55:17 2015, shir...@gmail.com wrote:
> Hi Matt,
>
> Here are more explanations:
>
> On my Mac OS X Yosemite, the OS provided OpenSSL version
> $ openssl version
> OpenSSL 1.0.1j 15 Oct 2014
>
> Compiling the test
> $ gcc ~/Dropbox/Public/dtls_bug.c -Wno-deprecated-declarations -lss

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie via RT
And from an Ubuntu box (apparently, it runs 1.0.1f)
shiretu@ubuntu:/tmp$ gcc -std=c99 dtls_bug.c -lssl -lcrypto -o dtls_bug
shiretu@ubuntu:/tmp$ ./dtls_bug
dtls_bug: dtls_bug.c:110: main: Assertion `pSSLBuffer->length != 0' failed.
Aborted (core dumped)
shiretu@ubuntu:/tmp$ uname -a
Linux ubunt

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
And from an Ubuntu box (apparently, it runs 1.0.1f)
shiretu@ubuntu:/tmp$ gcc -std=c99 dtls_bug.c -lssl -lcrypto -o dtls_bug
shiretu@ubuntu:/tmp$ ./dtls_bug
dtls_bug: dtls_bug.c:110: main: Assertion `pSSLBuffer->length != 0' failed.
Aborted (core dumped)
shiretu@ubuntu:/tmp$ uname -a
Linux ubunt

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie via RT
Forgot to add the 1.0.1k version info:
$ /tmp/ssl/bin/openssl version
OpenSSL 1.0.1k 8 Jan 2015
> On Jan 14, 2015, at 22:54, Eugen-Andrei Gavriloaie wrote:
>
> Hi Matt,
>
> Here are more explanations:
>
> On my Mac OS X Yosemite, the OS provided OpenSSL version
> $ openssl version
> OpenSSL 1.

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
Forgot to add the 1.0.1k version info:
$ /tmp/ssl/bin/openssl version
OpenSSL 1.0.1k 8 Jan 2015
> On Jan 14, 2015, at 22:54, Eugen-Andrei Gavriloaie wrote:
>
> Hi Matt,
>
> Here are more explanations:
>
> On my Mac OS X Yosemite, the OS provided OpenSSL version
> $ openssl version
> OpenSSL 1.

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie via RT
Hi Matt,
Here are more explanations:
On my Mac OS X Yosemite, the OS provided OpenSSL version
$ openssl version
OpenSSL 1.0.1j 15 Oct 2014
Compiling the test
$ gcc ~/Dropbox/Public/dtls_bug.c -Wno-deprecated-declarations -lssl -lcrypto -o /tmp/dtls_bug
Running the test
$ /tmp/dtls_bug
$
As

Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie
Hi Matt,
Here are more explanations:
On my Mac OS X Yosemite, the OS provided OpenSSL version
$ openssl version
OpenSSL 1.0.1j 15 Oct 2014
Compiling the test
$ gcc ~/Dropbox/Public/dtls_bug.c -Wno-deprecated-declarations -lssl -lcrypto -o /tmp/dtls_bug
Running the test
$ /tmp/dtls_bug
$
As

[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Matt Caswell via RT
On Wed Jan 14 21:21:46 2015, shir...@gmail.com wrote:
> Hi all,
>
> I believe I have found a bug which is only present in the latest versions (1.0.1k)
>
> I have created a simple C test which does the following things in this order:
>
> 1. initialize the SSL library
> 2. creates an X509 key and

[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

2015-01-14 Thread Eugen-Andrei Gavriloaie via RT
Hi all,
I believe I have found a bug which is only present in the latest versions (1.0.1k)
I have created a simple C test which does the following things in this order:
1. initialize the SSL library
2. creates an X509 key and cert
3. creates a DTLS server SSL context
4. Setup 2 memory BIO inst