You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
Hi Kamil,
I am looking into the issue you reported. Could you also send a packet capture of the two cases?
Best regards,
Eric Blankenhorn
wolfSSL Support
Hi @SamSam
This issue was due to a bug in the wolfSSL library. The code changes are available for you to review here:
https://github.com/wolfSSL/wolfssl/pull/1772
The two use cases are both passing now.
Please let us know when you have had an opportunity to test the changes.
Best regards,
Eric Blankenhorn
wolfSSL Support
Hi Sam Sam,
I am trying to reproduce the issues you have reported. For now I would like to try using only wolfSSL, we can add CURL in later.
I have configured wolfSSL using:
$ ./configure --enable-allI am able to connect to the "www.tvnow.de" host using the example client:
$ ./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i
peer's cert info:
issuer : /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
subject: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.tvnow.de
altname = tvnow.de
altname = *.tvnow.de
serial number:1c:6b:0d:e8:9a:44:80:03:c3:a1:0e:03:bd:8e:6a:92
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSL curve name is SECP256R1
Client Random : C70D72DD1A0B6FD211139FF47EF63367DB43A16D7A3AC3807CF5C8649B4B1021
SSL connect ok, sending GET...
HTTP/1.0 302 Found
Location: https://www.tvnow.de/index.html
Server: BigIP
C
onnection: close
Content-Length: 0Also, I can specify the SSL version with the "-v <num>" option:
./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v 2
./examples/client/client -h 217.118.168.60 -p 443 -d -x -C -g -i -v 3Only the values 2 and 3 for SSL version are successful with that host.
Does this match your results so far?
Thanks,
Eric Blankenhorn
wolfSSL Support
Excellent. Thanks for your help.
We have found a compiler error in "wolfSSL_X509_load_certificate_file" when building with the "NO_FILESYSTEM" define enabled.
os/networking/ssl/lite/src/ssl.c: In function 'wolfSSL_BIO_free':
os/networking/ssl/lite/src/ssl.c:5781:21: warning: implicit declaration of function 'close' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c: In function 'wolfSSL_X509_load_certificate_file':
os/networking/ssl/lite/src/ssl.c:7187:5: error: unknown type name 'XFILE'
os/networking/ssl/lite/src/ssl.c:7198:5: warning: implicit declaration of function 'XFOPEN' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c:7199:17: error: 'XBADFILE' undeclared (first use in this function)
os/networking/ssl/lite/src/ssl.c:7199:17: note: each undeclared identifier is reported only once for each function it appears in
os/networking/ssl/lite/src/ssl.c:7200:5: warning: implicit declaration of function 'XFSEEK' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c:7200:21: error: 'XSEEK_END' undeclared (first use in this function)
os/networking/ssl/lite/src/ssl.c:7201:5: warning: implicit declaration of function 'XFTELL' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c:7202:5: warning: implicit declaration of function 'XREWIND' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c:7207:13: warning: implicit declaration of function 'XFCLOSE' [-Wimplicit-function-declaration]
os/networking/ssl/lite/src/ssl.c:7212:5: warning: implicit declaration of function 'XFREAD' [-Wimplicit-function-declaration]
make[2]: *** [output/csgnu_arm/at91sam9263ek/net_44/objs/os/networking/ssl/lite/src/ssl.o] Error 1
If I add the compiler conditional "#ifndef NO_FILESYSTEM" around "wolfSSL_X509_load_certificate_file" then the problem is resolved.
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.020 seconds (75% PHP - 25% DB) with 4 queries