On Tue, Nov 16, 2010 at 03:48:13PM -0500, Victor Duchovni wrote:
>
> Anyone know why I am seeing the below errors:
>
> ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem
> -no_dhe -num 10 -f -time
> Available compression methods:
> NONE
> DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit
> RSA
> ERROR in SERVER
> 182902820544:error:1408A0E3:SSL routines:SSL3_GET_CLIENT_HELLO:parse
> tlsext:s3_srvr.c:1043:
Running under gdb with symbols seems to the suggest the issue is with
the ec
else if (type == TLSEXT_TYPE_ec_point_formats &&
s->version != DTLS1_VERSION)
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
if (ecpointformatlist_length != size - 1)
{
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
if (!s->hit)
{
if(s->session->tlsext_ecpointformatlist)
{
---> fail here --->
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
Is this related to the CVE fix to the session state? Some other change?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
