Ok - thanks. I'll try and take a look tomorrow.
Matt
On 29/08/16 17:37, Julien Vermillard wrote:
> I patched s_server to send a fake OCSP content (4 bytes).
> I suppose the server will just push that to the client and the client
> should fail complaining it's not a correct OCSP response.
> But t
I patched s_server to send a fake OCSP content (4 bytes).
I suppose the server will just push that to the client and the client
should fail complaining it's not a correct OCSP response.
But the server crash with:
ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
s->init_num ==
It's a mix of C and Go, so it's really not minimal, but I'll try to modify
s_server to see if I can reproduce it.
--
Julien Vermillard
On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote:
>
>
> On 29/08/16 17:08, Julien Vermillard wrote:
> > I have a DTLS 1.2 server based on last master (commit
On 29/08/16 17:08, Julien Vermillard wrote:
> I have a DTLS 1.2 server based on last master (commit
> d196305aa0de1fc38837c27cb1ea6e60af9dd98d)
> I try to add ocsp stapling support (based on code in s_server.c).
>
> Basicaly in my callback I set the OCSP response by:
>
>
> if (SSL_set_tls
I have a DTLS 1.2 server based on last master (commit
d196305aa0de1fc38837c27cb1ea6e60af9dd98d)
I try to add ocsp stapling support (based on code in s_server.c).
Basicaly in my callback I set the OCSP response by:
if (SSL_set_tlsext_status_ocsp_resp(s,dataPtr,respLen) == 0) {
return
On 29/08/16 14:27, lilulo wrote:
> Hi All,
>
> I need to use TLS on the top of our collection of low-level transport
> classes. It looks like the standard choice is to create a BIO Pair and
> to manage data transfer between transport layer and the TLS through it.
> This looks fine but actual imp
Hi All,
I need to use TLS on the top of our collection of low-level transport
classes. It looks like the standard choice is to create a BIO Pair and to
manage data transfer between transport layer and the TLS through it. This
looks fine but actual implementation of a socket's BIO in
openssl\crypto
Hello,
I'm running an application which runs an authentication session with a server.
The server provides some random data, and my application needs to sign it with
its private key, and send back the signature. The server which knows the public
key verifies the signature, and it good then the cl