[stunnel-users] Problems when using PSK between a version of stunnel usingopenssl 1.0 and a version of stunnel using openssl 1.1.1 in stunnel-users Digest, Vol 182, Issue 7

Brent Kimberley brent_kimberley at rogers.com
Wed Sep 25 18:33:17 CEST 2019


 Hi Hannah.You're welcome.  Please keep in mind that Michal's unreleased stunnel v5.56 and OpenSSL1.1.1d contain a couple minor severity fixes.
https://www.openssl.org/news/openssl-1.1.1-notes.htmlhttps://www.stunnel.org/NEWS.html

    On Wednesday, September 25, 2019, 08:18:10 a.m. EDT, Koperberg, J. (Hannah) <hannah.koperberg at devolksbank.nl> wrote:  
 
  
Hi Brent
 
  
 
Thank you for your suggestions.
 
  
 
I installed stunnel version 5.55 on the client test side (where the openssl version OpenSSL 1.1.1c is).
 
That has solved the problem.
 
  
 
Kind regards and thanks again for your help,
 
 
 
Hannah Koperberg, de Volksbank N.V., The Netherlands
 
  
 
From: Brent Kimberley <brent_kimberley at rogers.com> 
Sent: woensdag 18 september 2019 18:30
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users] stunnel-users Digest, Vol 182, Issue 7
 
  
 
psk_find() and psk_server_callback() are marked NOEXPORT.   
 
  
 
You can try whitebox - decompile ctx.c:: psk_server_callback() and/or blackbox - breaking the problem into partsto see what works/fails.  
 
  
 
Decomposing the problem into parts :
 
a) Two differing stunnel versions and a common openssl library.  
 
b) One common stunnel version and two differing openssl libraries.  
 
  
 
On Wednesday, September 18, 2019, 11:28:48 a.m. EDT, Brent Kimberley <brent_kimberley at rogers.com> wrote:
 
  
 
  
 
>> 2019.09.16 13:36:28 LOG6[3]: PSK identity not found (session resumption?)
 
Try dumping the symbols for ctx.c::psk_find(), ssl_lib.c::SSL_get_ex_data(), and ctx.c:: psk_server_callback(). 
 
  
 
  
 
  
 

Dit e-mailbericht is alleen bestemd voor de geadresseerden. Indien dit bericht niet voor u is bedoeld, wordt u verzocht de afzender hiervan op de hoogte te stellen door het bericht te retourneren en de inhoud niet te gebruiken.
This e-mail message is intended to be exclusively for the addressee. If you are not the intended recipient you are kindly requested not to make any use whatsoever of the contents and to notify the sender immediately by returning
this e-mail message.
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20190925/ea364f43/attachment-0001.htm>


More information about the stunnel-users mailing list