[strongSwan-dev] TLS negotiation failing on power pc 64

Martin Willi martin at strongswan.org
Thu Jan 8 11:19:37 CET 2015

Hi Avesh,

> It turns out that unintialization of record type in the while loop during
> building of TLS records in tls.c is wreaking havoc on ppc64. I have come up
> with a preliminary patch for upstream review 

Thanks for your in-depth analysis and your patch. There is definitely a
bug while building those records.

I've tried to address this in a slightly different way. The upper layers
return NEED_MORE if any record has been created. So we actually should
check for that return type before querying the type output parameter.

Please try the attached patch; I don't have a PPC64 architecture at
hand, so your feedback is much appreciated.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-libtls-Check-for-CHANGE_CIPHER_SPEC-type-only-if-upp.patch
Type: text/x-patch
Size: 1199 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150108/d37aaea6/attachment.bin>

More information about the Dev mailing list