sftcd
sftcd
Hiya, Still the same [branch](https://github.com/jpbland1/wolfssl/tree/ech-hello-retry), right? I pulled that and tried it, but still not working so far. (ECH+HRR is a *real* pain:-) In wireshark I still see an ``enc``...
BTW, I also see a double-free crash at the end of talking to tls-ech.dev here. ``` ... * ALPN: curl offers http/1.1 * ECH: ECHConfig from DoH HTTPS RR *...
Also forgot to say: I need to run curl+wolf in insecure mode to get it to work with most of my servers - not sure why that is, but curl+openssl...
> I'm available anytime tomorrow for a call if you want to discuss this. Suspect a call's a good option. Ping me via email (top of the bug report) and...
Hi Anthony, I've not tried that yet, but will (tomorrow, here:-). My reading of the specs so far is that WolfSSL is compliant, so I think the bug was on...
Hi, I did that build with ``WOLFSSL_TLS13_MIDDLEBX_COMPAT`` and it didn't work, and in this case I think that does show a bug in WolfSSL. [section 5.1](https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-16#section-5.1) of the ECH spec...
That's fine. I would though also recommend re-considering whether or not to make middlebox mode your default in future, when doing ECH. (ECH already involves sending so many octets saving...
On 20/01/2024 02:12, Tatsuhiro Tsujikawa wrote: > Now www.facebook.com sets maximum_name_length=100, this bug causes a lot of trouble (guess what). > I think this should be fixed quickly. I don't...
Is it maybe using some other port rather than 443 perhaps?
Ah, I don't have any way to test QUIC myself. Can you see the HTTPS RR in DNS that contains the ECHConfig?