On 12/18/13, 7:40 AM, "Stephen Henson via RT" <r...@openssl.org> wrote:
>I've added some error and sanity checking to the relevant piece of code. >OpenSSL *should* just end up reporting an internal error now if that >happens >instead of crashing. If you end up with lots of those then it may need >further >investigation. > >The new code is here: > >http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2be5f4c11 > >Steve. >-- >Dr Stephen N. Henson. OpenSSL project core developer. >Commercial tech support now available see: http://www.openssl.org > Thanks Steve. After applying the patch and letting it run in production for approx. 5 hours I did not see any crashes. The only suspicious (i.e. Change in behavior from previous) looking error message was two of these: [Dec 18 15:27:51.789] Server {0x2ab820908700} ERROR: SSL::27:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: [Dec 18 17:15:41.125] Server {0x2ab820605700} ERROR: SSL::24:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
