subject:"Re\: \[openssl\-users\] Setting an OCSP stapling response on a DTLS server result in crash"

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Matt Caswell

On 30/08/16 15:26, Matt Caswell wrote: > > > On 29/08/16 17:37, Julien Vermillard wrote: >> I patched s_server to send a fake OCSP content (4 bytes). >> I suppose the server will just push that to the client and the client >> should fail complaining it's not a correct OCSP response. >> But the

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Julien Vermillard

Awesome thanks :) I'll try it. Yes I have the feeling I'm the first user of stapling with DTLS -- Julien Vermillard On Tue, Aug 30, 2016 at 4:26 PM, Matt Caswell wrote: > > > On 29/08/16 17:37, Julien Vermillard wrote: > > I patched s_server to send a fake OCSP content (4

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-30 Thread Matt Caswell

On 29/08/16 17:37, Julien Vermillard wrote: > I patched s_server to send a fake OCSP content (4 bytes). > I suppose the server will just push that to the client and the client > should fail complaining it's not a correct OCSP response. > But the server crash with: > ssl/statem/statem_dtls.c:127:

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Matt Caswell

Ok - thanks. I'll try and take a look tomorrow. Matt On 29/08/16 17:37, Julien Vermillard wrote: > I patched s_server to send a fake OCSP content (4 bytes). > I suppose the server will just push that to the client and the client > should fail complaining it's not a correct OCSP response. > But

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Julien Vermillard

I patched s_server to send a fake OCSP content (4 bytes). I suppose the server will just push that to the client and the client should fail complaining it's not a correct OCSP response. But the server crash with: ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed: s->init_num

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Julien Vermillard

It's a mix of C and Go, so it's really not minimal, but I'll try to modify s_server to see if I can reproduce it. -- Julien Vermillard On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell wrote: > > > On 29/08/16 17:08, Julien Vermillard wrote: > > I have a DTLS 1.2 server based on

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

2016-08-29 Thread Matt Caswell

On 29/08/16 17:08, Julien Vermillard wrote: > I have a DTLS 1.2 server based on last master (commit > d196305aa0de1fc38837c27cb1ea6e60af9dd98d) > I try to add ocsp stapling support (based on code in s_server.c). > > Basicaly in my callback I set the OCSP response by: > > > if

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Re: [openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

7 matches

Site Navigation

Mail list logo

Footer information