help : tls1.3 : tls1.2 test case failing after integration of openssl-1.1.1-pre7

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

help : tls1.3 : tls1.2 test case failing after integration of openssl-1.1.1-pre7

Chakrapani Reddy

Hello  ,

Started using openssl-1.1.1-pre7 (pre-release 7) in my lab. Compiled the code in Linux successfully. When I run the tls1.2 test case observed that it's failing with openssl-1.1.1-pre7 but the same test case is passing with the openssl-1.1.0g.

Sample code :
    SSL_CTX *ctx = SSL_CTX_new(TLSv1_2_method());
    if (ctx==0) {
        return(false);
    }
    if ((ssl_session = SSL_new(ctx))==0) {
        return(false);
    }
    if (ssl_get_new_session(ssl_session, 1)==0)  {
        return(false);
    }
    if(ssl_session->session == NULL)
    {
        printf("++++++++++ SSL_new : ssl_session->session is NULL +++++++++");
    }
    if(ssl_session->s3 == NULL)
    {
        printf("+++++++++ SSL_new : ssl_session->s3 is NULL +++++++++");
    }

Below are the observations:
* SSL_new() returned the valid pointer but s3 member  as NULL.
* ssl_get_new_session() is giving the session member as NULL.

Configured the below flags during the compilation process.
./Configure --prefix=/opt/build/openssl-1.1.1-pre7  no-tls1_3 no-shared enable-rc5 enable-md2 enable-ssl2 enable-weak-ssl-ciphers enable-zlib --with-zlib-lib=/opt/build/zlib-1.2.8/lib/ --with-zlib-include=/opt/build/zlib-1.2.8/include/  linux-x86_64

Behavior is same with the configuration flag " enable-tls1_3" too.

Can you please help to explain here if I am missing anything in integration part or known issue in openssl-1.1.1-pre7 ?


Regards,
Chakrapani


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: help : tls1.3 : tls1.2 test case failing after integration of openssl-1.1.1-pre7

Matt Caswell-2


On 19/06/18 16:18, Chakrapani Reddy wrote:

> Hello  ,
>
> Started using openssl-1.1.1-pre7 (pre-release 7) in my lab. Compiled the
> code in Linux successfully. When I run the tls1.2 test case observed
> that it's failing with openssl-1.1.1-pre7 but the same test case is
> passing with the openssl-1.1.0g.
>
> Sample code :
>     SSL_CTX *ctx = SSL_CTX_new(TLSv1_2_method());
>     if (ctx==0) {
>         return(false);
>     }
>     if ((ssl_session = SSL_new(ctx))==0) {
>         return(false);
>     }
>     if (ssl_get_new_session(ssl_session, 1)==0)  {
>         return(false);
>     }
>     if(ssl_session->session == NULL)
>     {
>         printf("++++++++++ SSL_new : ssl_session->session is NULL
> +++++++++");
>     }
>     if(ssl_session->s3 == NULL)
>     {
>         printf("+++++++++ SSL_new : ssl_session->s3 is NULL +++++++++");
>     }
>
> Below are the observations:
> * SSL_new() returned the valid pointer but s3 member  as NULL.
> * ssl_get_new_session() is giving the session member as NULL.

The SSL object is an opaque type, so you are not supposed to access
those members. Given that the structure definition is not in the public
header files, have you included an internal OpenSSL header file in your
project? If so, that is likely to be your problem.

Matt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: help : tls1.3 : tls1.2 test case failing after integration of openssl-1.1.1-pre7

Chakrapani Reddy
In reply to this post by Chakrapani Reddy
Hi Matt, 
Thanks Matt for your reply. As per my understanding internal OpenSSL header file is not included. Shall we know the way how to access SSL object members with openssl-1.1.1-pre ?

Regards,
Chakrapani

On 19/06/18 16:18, Chakrapani Reddy wrote:
> Hello  ,
> 
> Started using openssl-1.1.1-pre7 (pre-release 7) in my lab. Compiled the
> code in Linux successfully. When I run the tls1.2 test case observed
> that it's failing with openssl-1.1.1-pre7 but the same test case is
> passing with the openssl-1.1.0g.
> 
> Sample code :
>     SSL_CTX *ctx = SSL_CTX_new(TLSv1_2_method());
>     if (ctx==0) {
>         return(false);
>     }
>     if ((ssl_session = SSL_new(ctx))==0) {
>         return(false);
>     }
>     if (ssl_get_new_session(ssl_session, 1)==0)  {
>         return(false);
>     }
>     if(ssl_session->session == NULL)
>     {
>         printf("++++++++++ SSL_new : ssl_session->session is NULL
> +++++++++");
>     }
>     if(ssl_session->s3 == NULL)
>     {
>         printf("+++++++++ SSL_new : ssl_session->s3 is NULL +++++++++");
>     }
> 
> Below are the observations:
> * SSL_new() returned the valid pointer but s3 member  as NULL.
> * ssl_get_new_session() is giving the session member as NULL.
The SSL object is an opaque type, so you are not supposed to access
those members. Given that the structure definition is not in the public
header files, have you included an internal OpenSSL header file in your
project? If so, that is likely to be your problem.

Matt

On Tue, Jun 19, 2018 at 8:48 PM, Chakrapani Reddy <[hidden email]> wrote:

Hello  ,

Started using openssl-1.1.1-pre7 (pre-release 7) in my lab. Compiled the code in Linux successfully. When I run the tls1.2 test case observed that it's failing with openssl-1.1.1-pre7 but the same test case is passing with the openssl-1.1.0g.

Sample code :
    SSL_CTX *ctx = SSL_CTX_new(TLSv1_2_method());
    if (ctx==0) {
        return(false);
    }
    if ((ssl_session = SSL_new(ctx))==0) {
        return(false);
    }
    if (ssl_get_new_session(ssl_session, 1)==0)  {
        return(false);
    }
    if(ssl_session->session == NULL)
    {
        printf("++++++++++ SSL_new : ssl_session->session is NULL +++++++++");
    }
    if(ssl_session->s3 == NULL)
    {
        printf("+++++++++ SSL_new : ssl_session->s3 is NULL +++++++++");
    }

Below are the observations:
* SSL_new() returned the valid pointer but s3 member  as NULL.
* ssl_get_new_session() is giving the session member as NULL.

Configured the below flags during the compilation process.
./Configure --prefix=/opt/build/openssl-1.1.1-pre7  no-tls1_3 no-shared enable-rc5 enable-md2 enable-ssl2 enable-weak-ssl-ciphers enable-zlib --with-zlib-lib=/opt/build/zlib-1.2.8/lib/ --with-zlib-include=/opt/build/zlib-1.2.8/include/  linux-x86_64

Behavior is same with the configuration flag " enable-tls1_3" too.

Can you please help to explain here if I am missing anything in integration part or known issue in openssl-1.1.1-pre7 ?


Regards,
Chakrapani



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users