id,summary,reporter,owner,description,type,status,milestone,component,version,severity,resolution,keywords,cc
11646,Boost ASIO server-side async_handshake handler not called if Diffie-Hellman key is too small,c.m.brandenburg@…,chris_kohlhoff,"Boost ASIO server-side `async_handshake` handler is never called if the Diffie-Hellman key is too small. Instead, the handshake operation appears to hang indefinitely.

OpenSSL now requires Diffie-Hellman keys to be at least 768 bits (https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/).

This bug may be reproduced using the SSL examples in the Boost documentation (http://www.boost.org/doc/libs/1_58_0/doc/html/boost_asio/example/cpp03/ssl/server.cpp) and a recent version of OpenSSL that restricts DH keys to 768 or more bits. (I'm using OpenSSL version 1.0.2d.) Observe the bug by placing a breakpoint on the server-side handshake handler and seeing that the breakpoint is never hit.

For what it's worth, the client-side handshake operation completes, with error (`""dh key too small""`), as expected. So this problem affects only the server.

",Bugs,new,To Be Determined,asio,Boost 1.58.0,Problem,,use_tmp_dh_file dh diffie hellman key too small ssl openssl,