TLS connections closed prematurely

Bug #1422786 reported by Daniel Pocock on 2015-02-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
resiprocate (Ubuntu)
High
Unassigned
Trusty
High
Unassigned
Utopic
High
Unassigned

Bug Description

The TLS code has a bug when handling the OpenSSL error queue.

This is not a security vulnerability but it does cause significant inconvenience when TLS clients try to connect to the repro SIP proxy or any other SIP service using the reSIProcate SIP stack.

The situation is explained in an email on the developers mailing list:

http://list.resiprocate.org/archive/resiprocate-devel/msg08664.html

It is fixed in the upstream release 1.9.7.

Changed in resiprocate (Ubuntu):
milestone: none → trusty-updates
importance: Undecided → High
status: New → Confirmed

Could this be related to the changes to ignore TLSv1.2 or is this something else?

As far as I can tell vivid already has resiprocate 1.9.7; so I'll mark this for Trusty and Utopic. What are the proposed changes to fix this? Do you have a debdiff for the changes?

Changed in resiprocate (Ubuntu Trusty):
status: New → Confirmed
Changed in resiprocate (Ubuntu Utopic):
status: New → Confirmed
Changed in resiprocate (Ubuntu Trusty):
importance: Undecided → High
Changed in resiprocate (Ubuntu Utopic):
importance: Undecided → High
Changed in resiprocate (Ubuntu):
status: Confirmed → Fix Released
Daniel Pocock (daniel-pocock) wrote :

This was fixed upstream in 1.9.7 and Utopic has 1.9.7-1 so the bug doesn't exist in Utopic. It only exists in Trusty and earlier versions.

Changed in resiprocate (Ubuntu Utopic):
status: Confirmed → Fix Released
tags: added: trusty
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers