On Wed, 18 Dec 2013 23:42:08 +0100 Stephen Henson via RT wrote:
Many thanks for that info. I think I've traced the cause of the thing
now with that clue. It might have security implications (DoS only
though) so I'll keep any further details off the public mailing lists.
This is now covered by
On 12/16/13, 6:40 PM, Stephen Henson via RT r...@openssl.org wrote:
Yes, please print out the entire s-s3-handshake_dgst array instead of
just
the first element. That is:
s-s3-handshake_dgst[0]
s-s3-handshake_dgst[1]
.. up to ...
s-s3-handshake_dgst[5]
I had to set this back up so this is a
On 12/18/13, 7:40 AM, Stephen Henson via RT r...@openssl.org wrote:
I've added some error and sanity checking to the relevant piece of code.
OpenSSL *should* just end up reporting an internal error now if that
happens
instead of crashing. If you end up with lots of those then it may need
further
I've added some error and sanity checking to the relevant piece of code.
OpenSSL *should* just end up reporting an internal error now if that happens
instead of crashing. If you end up with lots of those then it may need further
investigation.
The new code is here:
On 12/18/13, 7:40 AM, Stephen Henson via RT r...@openssl.org wrote:
I've added some error and sanity checking to the relevant piece of code.
OpenSSL *should* just end up reporting an internal error now if that
happens
instead of crashing. If you end up with lots of those then it may need
further
On Wed, Dec 18, 2013, Ron Barber via RT wrote:
Thanks Steve. After applying the patch and letting it run in production
for approx. 5 hours I did not see any crashes. The only suspicious (i.e.
Change in behavior from previous) looking error message was two of these:
[Dec 18 15:27:51.789]
On 12/14/13 7:38 AM, Stephen Henson via RT r...@openssl.org wrote:
Hmm... that's a weird one. The debug info tells me it is a TLS v1.0
connection
and that it is attempting to use MD5 when calculating the handshake hash.
It
caches handshake records in the function ssl3_digest_cached_records()
using
On 12/16/13, 6:40 PM, Stephen Henson via RT r...@openssl.org wrote:
Yes, please print out the entire s-s3-handshake_dgst array instead of
just
the first element. That is:
s-s3-handshake_dgst[0]
s-s3-handshake_dgst[1]
.. up to ...
s-s3-handshake_dgst[5]
I had to set this back up so this is a
On Tue, Dec 17, 2013, Ron Barber via RT wrote:
On 12/16/13, 6:40 PM, Stephen Henson via RT r...@openssl.org wrote:
Yes, please print out the entire s-s3-handshake_dgst array instead of
just
the first element. That is:
s-s3-handshake_dgst[0]
s-s3-handshake_dgst[1]
.. up to ...
On 12/14/13 7:38 AM, Stephen Henson via RT r...@openssl.org wrote:
Hmm... that's a weird one. The debug info tells me it is a TLS v1.0
connection
and that it is attempting to use MD5 when calculating the handshake hash.
It
caches handshake records in the function ssl3_digest_cached_records()
using
On 14 December 2013 13:38, Stephen Henson via RT r...@openssl.org wrote:
Hmm... that's a weird one. The debug info tells me it is a TLS v1.0 connection
and that it is attempting to use MD5 when calculating the handshake hash. It
caches handshake records in the function
On Mon Dec 16 22:20:47 2013, rbar...@yahoo-inc.com wrote:
Thank you Steve. Not sure how to proceed from here, is there more
information from the core dumps which would be useful?
Yes, please print out the entire s-s3-handshake_dgst array instead of just
the first element. That is:
On Sat Dec 14 08:41:53 2013, rbar...@yahoo-inc.com wrote:
We are seeing a segfault when TLS 1.2 is enabled with OpenSSL 1.0.1e (also
with 1.0.1a). We are running Apache Traffic Server on RHEL6 and when we
upgraded OpenSSL from 1.0.0 to 1.0.1 we started seeing this issue. I was
able to narrow
We are seeing a segfault when TLS 1.2 is enabled with OpenSSL 1.0.1e (also
with 1.0.1a). We are running Apache Traffic Server on RHEL6 and when we
upgraded OpenSSL from 1.0.0 to 1.0.1 we started seeing this issue. I was
able to narrow down the issue to TLS 1.2 by disabling TLS 1.2. The crash
14 matches
Mail list logo