On Sep 17, 2012, at 3:25 PM, Fredrik Jansson wrote:
Hi!
I have found a crash in the DTLS code (OpenSSL 1.0.1c), unfortunately I don't
have a way of reproducing it. This has happened to one client (of many) in a
production environment, so it's not a common problem.
The code that
On Apr 22, 2013, at 7:11 PM, Tamer Refaei wrote:
I guess my confusion was that I expected heartbeats to be
automatically/frequently sent by DTLS but it seems they have to be
triggered by your application by an SSL_heartbeat function call. Am I
right?
Correct.
Best regards
Michael
On Fri,
On 08 Apr 2014, at 19:19, mclellan, dave dave.mclel...@emc.com wrote:
Hi all. There are two mitigations possible for the recently discovered
Heartbleed attack.
Ø Upgrade to 1.0.1g, released yesterday with a fix
Ø Recompile a vulnerable release with –DOPENSSL_NO_HEARTBEATS
Suppose
On Jul 24, 2011, at 12:40 AM, com...@gmx.ch wrote:
Hi,
I got some code which uses nonblocking dtls via self fed bios.
If a unknown session comes up, I create a new session, feed/drain the
sessions bios from/to the wire until SSL_accept returns success.
Now, I added DTLS cookies.
I
On Oct 19, 2011, at 11:45 PM, Oleg Moskalenko wrote:
Hi
I installed the new OpenSSL version and I immediately ran into a problem with
DTLS: when the option SSL_OP_NO_QUERY_MTU is set, then the SSL_connect
command produces a segmentation fault.
Have you tried the first bug fix available
On Jan 3, 2012, at 11:17 AM, Fredrik Jansson wrote:
Hi all,
I am having some trouble with DTLS.
I can easily get into a situation where my server is restarted (or the
client's SSL object is removed for other reasons) and the client may not know.
Now when the client sends data to the
On Mar 15, 2012, at 7:39 PM, Erwin Himawan wrote:
Hi Folks,
Can anybody shed some light where to adjust DTLS flight timer?
I think they are hardcoded. An initial value of 1 second and doubling
on timeout as specified in
http://tools.ietf.org/html/rfc6347#section-4.2.4.1
Best regards
Michael
On Jun 3, 2012, at 7:56 PM, Oleg Moskalenko wrote:
Hi
I am using the OpenSSL library with FreeBSD, primarily the DTLS
functionality. Unfortunately, what I discovered, is that the DTLS networking
requirements are implemented for Linux only in OpenSSL code. That code is
protected by
Dear opensslers,
has someone compiled openssl compiled on MacOS X DR 4?
Best regards
Michael
--
e-mail: [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
On 12 Apr 2014, at 17:43, Matthias Apitz g...@unixarea.de wrote:
El dÃa Wednesday, April 09, 2014 a las 01:05:22AM -0700, monloi perez
escribió:
True. Thanks for the quick reply.
On Wednesday, April 9, 2014 3:33 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk
wrote:
On 12 Apr 2014, at 21:30, Matthias Apitz g...@unixarea.de wrote:
El día Saturday, April 12, 2014 a las 09:08:15PM +0200, Michael Tuexen
escribió:
What is the exact bug, can someone show a svn/git diff of the first
source version having the bug?
http://git.openssl.org/gitweb/?p=openssl.git
On 12 Apr 2014, at 21:43, Michael Smith m...@smithbowen.net wrote:
On Apr 12, 2014, at 3:08 PM, Michael Tuexen
michael.tue...@lurchi.franken.de wrote:
I have read the rumor. It is wrong.
Introduced with intent vs. known to the NSA -- two
different things, right?
My statement
On 14 Apr 2014, at 08:33, Me ugobejishv...@gmail.com wrote:
possible vulnerable file: openssl-1.0.1g/ssl/d1_clnt.c
Line: 155 unsigned char sctpauthkey[64];
fixed sized arrays can be overflowed. To fix the problem, use functions that
limit length, or ensure that the size is larger than the
On 31 Aug 2014, at 14:34, Iñaki Baz Castillo i...@aliax.net wrote:
It is sad to know that this question will never be replied by the
OpenSSL developers. May I know what I should do? I am not sure whether
this is a bug or not, should I report it as a bug? If so, how? The
OpenSSL homepage
> This is the lksctp-tools package for Linux Kernel SCTP (Stream Control
> Transmission Protocol) Reference Implementation.
>
>
>
> Thanks,
> Mahesh G S
>
> On Wed, Feb 22, 2017 at 8:33 PM, Michael Tuexen
> <michael.tue...@lurchi.franken.de> wrote:
> > On 2
./dtls_sctp_echo -L 16.181.38.161 -p 4443
>
> Command used on client side : ./dtls_sctp_echo -L 16.181.38.161 -p 4443 -l 50
> -n 5 16.181.38.161
>
> Thanks in advance for your valuable input
I've CCed Irene, who did some testing recently on FreeBSD, where the
implementation works.
The
> On 13. Apr 2017, at 19:26, Martin Brejcha wrote:
>
>
>
> Matt Caswell wrote on 04/13/2017 03:45 PM:
>>
>>
>> On 13/04/17 10:11, mahesh gs wrote:
>>> Hi,
>>>
>>> We are running SCTP connections with DTLS enabled in our application. We
>>> have adapted openssl
> On 13. Apr 2017, at 11:11, mahesh gs wrote:
>
> Hi,
>
> We are running SCTP connections with DTLS enabled in our application. We have
> adapted openssl version (openssl-1.1.0e) to achieve the same.
>
> We have generated the self signed root and node certificates for
> On 1 Mar 2017, at 06:34, Sanjaya Joshi wrote:
>
> Hi,
> Thank you Salz Rich for the confirmation.
> So, whether application can perform manual TLS handshakes when SOCK_SEQPACKET
> is used ?
I this the SOCK_SEQPACKET model doesn't fit well to the way the openssl code
> On 13. Apr 2017, at 11:11, mahesh gs wrote:
>
> Hi,
>
> We are running SCTP connections with DTLS enabled in our application. We have
> adapted openssl version (openssl-1.1.0e) to achieve the same.
>
> We have generated the self signed root and node certificates for
> On 2. May 2017, at 08:03, mahesh gs <mahesh...@gmail.com> wrote:
>
>
>
> On Sun, Apr 30, 2017 at 11:11 PM, Michael Tuexen
> <michael.tue...@lurchi.franken.de> wrote:
> > On 20. Apr 2017, at 20:01, mahesh gs <mahesh...@gmail.com> wrote:
> &g
> On 20. Apr 2017, at 20:01, mahesh gs wrote:
>
> Hi,
>
> This issue occur purely based on the time (sequence of events) at which SSL
> read_state_machine enter the post processing of certificate verify which is
> received from client.
>
> Handshake works fine if the
> On 28. Sep 2017, at 20:36, mahesh gs wrote:
>
> Hi,
>
> We have an application which has SCTP connections we have secured the SCTP
> connections using the openssl DTLS. DTLS is working as expected other than
> the SCTP events.
>
> We use the API "BIO_new_dgram_sctp"
> On 21. Apr 2020, at 23:49, Matt Caswell wrote:
>
>
>
> On 21/04/2020 18:34, Claus Assmann wrote:
>> Thanks for the reply, below is the output, It seems it only fails
>> because the host doesn't support IPv6?
>
> Yes - it does seem to be an IPv6 problem. I don't recall any recent
> changes
> On 22. Apr 2020, at 10:38, Matt Caswell wrote:
>
>
>
> On 21/04/2020 23:45, Michael Tuexen wrote:
>>> Looks like the failing call is here:
>>>
>>> if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
>>> (const void *
25 matches
Mail list logo