[stunnel-users] stunnel-users Digest, Vol 182, Issue 7
brent_kimberley at rogers.com
Wed Sep 18 18:30:21 CEST 2019
psk_find() and psk_server_callback() are marked NOEXPORT.
You can try whitebox - decompile ctx.c:: psk_server_callback() and/or blackbox - breaking the problem into parts to see what works/fails.
Decomposing the problem into parts :a) Two differing stunnel versions and a common openssl library. b) One common stunnel version and two differing openssl libraries.
On Wednesday, September 18, 2019, 11:28:48 a.m. EDT, Brent Kimberley <brent_kimberley at rogers.com> wrote:
>> 2019.09.16 13:36:28 LOG6: PSK identity not found (session resumption?)Try dumping the symbols for ctx.c::psk_find(), ssl_lib.c::SSL_get_ex_data(), and ctx.c:: psk_server_callback().
Date: Tue, 17 Sep 2019 18:18:13 +0200
From: Hannah Koperberg <hannah.koperberg at gmail.com>
Subject: [stunnel-users] Problems when using PSK between a version of
stunnel usingopenssl 1.0 and a version of stunnel using openssl 1.1.1
We encounter problems when using PSK between a version of stunnel using openssl 1.0 and a version of stunnel using openssl 1.1.1
The problem being the following:
2019.09.16 13:36:28 LOG6: PSK identity not found (session resumption?)
2019.09.16 13:36:28 LOG7: TLS alert (write): fatal: unknown PSK identity
2019.09.16 13:36:28 LOG3: SSL_accept: s3_srvr.c:2845: error:1408B0DF:SSL routines:ssl3_get_client_key_exchange:psk identity not found
No problems are encountered when using certificates or when the same versions of stunnel and openssl are used.
In the latter case neither certificates nor PSK give any problems connecting.
Hannah Koperberg, de Volksbank in the Netherlands
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users