[openssl-users] Setting an OCSP stapling response on a DTLS server result in crash

Matt Caswell matt at openssl.org
Tue Aug 30 20:21:31 UTC 2016 


On 30/08/16 15:26, Matt Caswell wrote:
> 
> 
> On 29/08/16 17:37, Julien Vermillard wrote:
>> I patched s_server to send a fake OCSP content (4 bytes).
>> I suppose the server will just push that to the client and the client
>> should fail complaining it's not a correct OCSP response.
>> But the server crash with:
>> ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
>> s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
>>
>> Command line used:
>>
>> ./openssl s_server -dtls1_2 -port 5684  -cipher
>> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
>> -CAfile ca.pem -cert server.pem -key server.key -chainCAfile bundle.pem
>> -status -status_verbose -mtu 1200
>>
>> and
>> ./openssl s_client -dtls1_2 -port 5684 -psk 73656372657450534b -host
>> localhost -cipher
>> ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES128-CCM8:PSK-AES256-CCM8:PSK-AES128-CCM8
>> -CAfile ca.pem -verify_hostname "IMEI:1234567890" -cert client.pem -key
>> client.key -chainCAfile bundle-client.pem -status
>>
>>
>> I attached also the test certificate and keys.
> 
> Actually, even the unpatched s_server has this problem. AFAICT this has
> never worked for DTLS. I'm quite surprised no one has noticed before!
> Even 1.0.2 has this problem (although the symptoms are different)...and
> probably 1.0.1 although I haven't checked.
> 
> I have a fix here:
> 
> https://github.com/openssl/openssl/pull/1516
> 
> Only the first commit with the changes to ssl/statem/statem_srvr.c are
> the fix itself. Everything else in the second commit is about adding a
> test for this.

This fix has now been merged in commit 06314c029.

Matt



> 
> Matt
> 
>>
>> --
>> Julien Vermillard
>>
>> On Mon, Aug 29, 2016 at 6:17 PM, Julien Vermillard
>> <jvermillard at gmail.com <mailto:jvermillard at gmail.com>> wrote:
>>
>>     It's a mix of C and Go, so it's really not minimal, but I'll try to
>>     modify s_server to see if I can reproduce it.
>>
>>     --
>>     Julien Vermillard
>>
>>     On Mon, Aug 29, 2016 at 6:13 PM, Matt Caswell <matt at openssl.org
>>     <mailto:matt at openssl.org>> wrote:
>>
>>
>>
>>         On 29/08/16 17:08, Julien Vermillard wrote:
>>         > I have a DTLS 1.2 server based on last master (commit
>>         > d196305aa0de1fc38837c27cb1ea6e60af9dd98d)
>>         > I try to add ocsp stapling support (based on code in s_server.c).
>>         >
>>         > Basicaly in my callback I set the OCSP response by:
>>         >
>>         >
>>         >     if (SSL_set_tlsext_status_ocsp_resp(s,dataPtr,respLen) == 0) {
>>         >         return SSL_TLSEXT_ERR_NOACK;
>>         >     } else {
>>         >         return SSL_TLSEXT_ERR_OK;
>>         >     }
>>         >
>>         > but if my server manage to get an OCSP response it crash with this message:
>>         >
>>         > ssl/statem/statem_dtls.c:127: OpenSSL internal error: assertion failed:
>>         > s->init_num == (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH
>>         >
>>         > Any clue?
>>
>>         Do you have some minimal reproducer?
>>
>>         Matt
>>
>>         --
>>         openssl-users mailing list
>>         To unsubscribe:
>>         https://mta.openssl.org/mailman/listinfo/openssl-users
>>         <https://mta.openssl.org/mailman/listinfo/openssl-users>
>>
>>
>>
>>
>>

More information about the openssl-users mailing list