Got the same error on Linux, both x86 and x64, when tried to add following lines to ./ssl/t1_enc.c@tls1_change_cipher_state:
ssl3_cleanup_key_block(s); OPENSSL_cleanse(s->s3->read_mac_secret, sizeof(s->s3->read_mac_secret)); OPENSSL_cleanse(s->s3->write_mac_secret, sizeof(s->s3->write_mac_secret)); at the very end. Just before return(1); err: SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); Error appears both for TLS 1.2 AES128-SHA256 and AES256-SHA256 ciphersuites. And do NOT appears for any other ciphersuites. On 13 January 2014 20:26, Shawn via RT <r...@openssl.org> wrote: > hey OpenSSL community maintainers, > > Compiled OpenSSL with GCC -O3 optimization on ARM64 might cause > AES256-SHA256 testing fails: > > ------------------------------------------------------------------------------------------------------------- > [ 3022s] Testing AES256-SHA256 > [ 3024s] Available compression methods: > [ 3024s] NONE > [ 3024s] ERROR in SERVER > [ 3024s] 274890758944:error:1408F119: > SSL > routines:SSL3_GET_RECORD:decryption failed or bad record > mac:s3_pkt.c:484: > [ 3024s] TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA256, 2048 bit RSA > [ 3024s] 1 handshakes of 256 bytes done > [ 3024s] Failed AES256-SHA256 > [ 3024s] make[1]: *** [test_ssl] Error 1 > [ 3024s] make[1]: Leaving directory > `/home/abuild/rpmbuild/BUILD/openssl-1.0.1f/test' > > ----------------------------------------------------------------------------------------------------------- > > I'm not sure if this is an issue of OpenSSL. -O3 works for previous > release( 1.0.1e). Plz check the fully log which was attached! Thanks! > > > -- > GNU powered it... > GPL protect it... > God blessing it... > > regards > Shawn > >