Upgrade from openssl 1.1.1s to openssl 3.0.7 - encryption and decryption issue

Michael Wojcik Michael.Wojcik at microfocus.com
Fri Feb 10 23:25:28 UTC 2023


> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Bhargava, Shweta via openssl-users
> Sent: Thursday, 9 February, 2023 22:20

> While upgrading from openssl 1.1.1s to openssl 3.0.7, we are facing issue while 
> encrypting and decrypting video.

The nature of the data you're processing is irrelevant to OpenSSL.

> 1) We are facing TCP IP Client connection issue on for encrypting and decrypting video.
> Is there any issue specified earlier related to this while upgrading opensl 1.1.1s to openssl
> 3.0.7.

*What* client connection issue? This question is far too vague to be useful. You need to provide
some details on the failure. There are many ways a TLS connection can fail -- and for that matter,
many ways a TCP connection can fail before TLS can be attempted, and many ways an application
connection can fail after the TLS connection is complete.

> 2) We are using TLSv1.2 but it's mentioned on https://www.openssl.org/news/cl30.txt
> A version of SSL/TLS below TLSv1.3 must have been negotiated.

I have no idea what you're referring to. What in the changelog makes you think TLSv1.3 isn't
supported?

> Is it a problem to use TLSv1.2 for encrypting and decrypting video.

TLS does not care what sort of data you're sending and receiving.

> 3) We are getting segmentation fault, is there any major we need to do to fix this.

You have a bug in your code. You need to identify it and fix it. There are many tools to assist
in diagnosing memory-access issues. Asking about them in a mailing list is not one of them.
Any operation in your application which involves dereferencing a pointer (including array
operations) could be invalid. We have no way of guessing what might be responsible.

> Segment related values like start time , end time etc. coming wrong.

I'm afraid I don't know what this means.

In short, you haven't provided any information we could use to even guess what your
problem(s) might be.

-- 
Michael Wojcik


More information about the openssl-users mailing list