[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works
Eugen-Andrei Gavriloaie
shiretu at gmail.com
Wed Jan 14 21:03:11 UTC 2015
And from an Ubuntu box (apparently, it runs 1.0.1f)
shiretu at ubuntu:/tmp$ gcc -std=c99 dtls_bug.c -lssl -lcrypto -o dtls_bug
shiretu at ubuntu:/tmp$ ./dtls_bug
dtls_bug: dtls_bug.c:110: main: Assertion `pSSLBuffer->length != 0' failed.
Aborted (core dumped)
shiretu at ubuntu:/tmp$ uname -a
Linux ubuntu 3.16.0-23-generic #31-Ubuntu SMP Tue Oct 21 17:56:17 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
shiretu at ubuntu:/tmp$ openssl version
OpenSSL 1.0.1f 6 Jan 2014
shiretu at ubuntu:/tmp$ ldd dtls_bug
linux-vdso.so.1 => (0x00007fff0fbe7000)
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007fec11f22000)
libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007fec11b3f000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fec11779000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fec11575000)
/lib64/ld-linux-x86-64.so.2 (0x00007fec12189000)
> On Jan 14, 2015, at 22:21, Eugen-Andrei Gavriloaie via RT <rt at openssl.org> wrote:
>
> Hi all,
>
> I believe I have found a bug which is only present in the latest versions (1.0.1k)
>
> I have created a simple C test which does the following things in this order:
>
> 1. initialize the SSL library
> 2. creates an X509 key and cert
> 3. creates an DTLS server SSL context
> 4. Setup 2 memory BIO instances on the SSL context
> 5. Feed the input BIO with a hardcoded "Client Hello" packet
> 6. Call SSL_accept
>
> Wanted:
> The output BIO should contain a packet ("Server Hello") to be sent over the wire
>
> Observed:
> The output BIO is empty, the handshake never succeeds
>
> Same file test app linked with OpenSSL 1.0.1j works as expected, the output is generated.
>
> I have attached the C file.
>
> Best regards,
> Andrei
>
>
> <dtls_bug.c>
>
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
More information about the openssl-dev
mailing list