OpenSSL 1.1.1 Windows dependencies
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Oct 26 15:53:29 UTC 2022
On Wed, Oct 26, 2022 at 11:50:16AM -0400, Viktor Dukhovni wrote:
> On Wed, Oct 26, 2022 at 11:15:25AM +0100, Matt Caswell wrote:
>
> > > I'm not promising anything. But if you send me the captures I can take a
> > > look at them.
> >
> > I've taken a look at the captures for the working and non-working scenarios.
> >
> > Do I understand correctly that your application is acting as the server
> > in this setup?
> >
> > I have compared the working and non-working captures. In both cases the
> > ClientHello is successfully received, and the server responds with a
> > ServerHello, Certificate, ServerKeyExchange and ServerHelloDone message.
> > Aside from normal variations between one session and another, AFAICT,
> > the ClientHello and the server's response messages all look identical
> > other than the server obviously has a different Certificate. The
> > Certificates themselves also look identical to each other other than the
> > subject/subjectaltname being for a different server. The intermediate
> > certs are the same in both cases.
> >
> > Following the server's ServerHelloDone the client continues with a
> > ClientKeyExchange message in the working case. In the non-working case
> > the the client immediately closes the TCP connection without sending any
> > kind of alert.
>
> See longish thread at:
>
> https://marc.info/?l=postfix-users&m=166584042429636&w=2
>
> which describes a remarkably similar set of symptoms observed after a
> Microsoft patch update. Today the OP posted that a more follow-on patch
> appears to have resolved the problem.
TL;DR: progress on identifying the issue begins with:
https://marc.info/?l=postfix-users&m=166585652703462&w=2
--
Viktor.
More information about the openssl-users
mailing list