Matt Caswell wrote on 04/20/2017 03:23 PM: > > > On 20/04/17 14:19, Martin Brejcha wrote: >> >> >> Matt Caswell wrote on 04/20/2017 01:29 PM: >>> >>> >>> On 20/04/17 12:26, mahesh gs wrote: >>>> Hi Matt, >>>> >>>> Yes I raised github case for the same issue. I also tried running this >>>> call flow with the latest SNAPSHOT code (openssl-SNAP-20170419) and >>>> handshake is successful with the latest SNAPSHOT code which is not an >>>> official release. >>>> >>>> I checked the github repo history and observer that during commits on >>>> (11 th Jan) as a part of "Move state machine knowledge out of the record >>>> layer". "renegotiate" bit that is set to "2" in function >>>> "tls_post_process_client_hello" has been removed. May be that is causing >>>> the call flow to be successful in the latest SNAPSHOT release. >>>> >>>> I am assuming commits that are done on 11th Jan or later are not part of >>>> release openssl 01.01.00e >>> >>> Ah. No. That commit is in the dev branch only (scheduled for version >>> 1.1.1) and won't be backported to the 1.1.0 branch. I can see why that >>> commit might help things, but probably a different solution is more >>> appropriate for 1.1.0. >>> >>> I'm looking at this issue at the moment. >>> >>> Matt >>> >> >> hi, >> >> btw: I've tested similar scenario and handshake works fine. >> test env: client and server on different VMs (rhel7.2, openssl 1.1.0e, >> non-blocking sockets and segmented certificate) >> So, it should work also with 1.1.0e version. > > Thanks. Did your handshake include client auth? I think this issue only > arises in that case. > > Matt > >
yes, client auth with segmented certificate has been included. Martin > >
0xB42AB632.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
