<div dir="ltr">Thankyou Matt!<div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 11, 2018 at 1:01 AM, Matt Caswell <span dir="ltr"><<a href="mailto:matt@openssl.org" target="_blank">matt@openssl.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
On 10/01/18 09:24, Grace Priscilla Jero wrote:<br>
> Thankyou Matt for the patch.<br>
> It works fine now with the patch. In which release will you be including<br>
> this patch?<br>
<br>
</span>The patch is already merged into the 1.1.0 branch so it will be in the<br>
next release (1.1.0h).<br>
<br>
Matt<br>
<span class=""><br>
<br>
><br>
> It is a negative scenario setup on configuration.<br>
> Thanks,<br>
> Grace<br>
><br>
><br>
> On Fri, Jan 5, 2018 at 4:28 PM, Matt Caswell <<a href="mailto:matt@openssl.org">matt@openssl.org</a><br>
</span><div><div class="h5">> <mailto:<a href="mailto:matt@openssl.org">matt@openssl.org</a>>> wrote:<br>
><br>
><br>
><br>
> On 05/01/18 05:30, Grace Priscilla Jero wrote:<br>
> > Hi Matt,<br>
> > We are using openssl v 1.1.0g.<br>
> > Attaching the pcap files.<br>
><br>
> Thanks - that helped a lot and I have been able to recreate your issue.<br>
><br>
> The problem is this:<br>
><br>
> - The server is DTLSv1.0 only<br>
> - The client is DTLSv1.2 only<br>
> - When the server selects DTLSv1.0 the client sends back a protocol<br>
> version alert with a record version of DTLSv1.2<br>
> - The server is expecting incoming records of version DTLSv1.0, because<br>
> that is the version it selected. Anything else is silently discarded,<br>
> including the incoming protocol version alert.<br>
><br>
> Whether this behaviour is a "bug" or not is debatable. The spec is quite<br>
> unclear in this regards. The only thing relevant I can see is this:<br>
><br>
> "Unlike TLS, DTLS is resilient in the face of invalid records (e.g.,<br>
> invalid formatting, length, MAC, etc.). In general, invalid records<br>
> SHOULD be silently discarded, thus preserving the association; ..."<br>
><br>
> An OpenSSL client (at least in 1.1.0 - I didn't check other versions),<br>
> will respond with a DTLSv1.0 alert record if it doesn't like the<br>
> protocol version selected by the server, so this situation never arises<br>
> when an OpenSSL client is talking to an OpenSSL server.<br>
><br>
> Probably the right thing for us to do is be more tolerant of record<br>
> version number mismatches when the record type is alert. I have created<br>
> a patch to do that here (master and 1.1.0):<br>
><br>
> <a href="https://github.com/openssl/openssl/pull/5018" rel="noreferrer" target="_blank">https://github.com/openssl/<wbr>openssl/pull/5018</a><br>
> <<a href="https://github.com/openssl/openssl/pull/5018" rel="noreferrer" target="_blank">https://github.com/openssl/<wbr>openssl/pull/5018</a>><br>
><br>
> And the 1.0.2 version is here:<br>
><br>
> <a href="https://github.com/openssl/openssl/pull/5019" rel="noreferrer" target="_blank">https://github.com/openssl/<wbr>openssl/pull/5019</a><br>
> <<a href="https://github.com/openssl/openssl/pull/5019" rel="noreferrer" target="_blank">https://github.com/openssl/<wbr>openssl/pull/5019</a>><br>
><br>
> I've also attached a patch file suitable for applying to 1.1.0g.<br>
><br>
> This issue triggers a few other thoughts for your case:<br>
><br>
> - I am wondering why you have configured your server for DTLSv1.0 only<br>
> given that 1.1.0g is perfectly capable of talking both DTLSv1.2 and<br>
> DTSLv1.0<br>
><br>
> - Your server application should probably be modified to ensure it is<br>
> capable of handling a stalled connection like this (e.g. by timing out<br>
> after a period if a connection is not achieved). Such stalled<br>
> connections can happen in DTLS due to packet loss. For example the<br>
> protocol version alert could be dropped at a network level. Alerts are<br>
> never retransmitted, so the server will wait for ever waiting for the<br>
> next message.<br>
><br>
> - Do you control the client in this case? I wonder why the client is<br>
> configured for DTLSv1.2 only (rather than being able to handle both<br>
> DTLSv1.2 *and* DTLSv1.0). Is this a deliberate choice or a<br>
> mis-configuration?<br>
><br>
><br>
> Matt<br>
><br>
> ><br>
> > yes, the SSL_get_error() gives 2.<br>
> > The alert is sent but ignored.<br>
> ><br>
> > Thanks,<br>
> > Grace<br>
> ><br>
> > On Wed, Jan 3, 2018 at 4:23 PM, Matt Caswell <<a href="mailto:matt@openssl.org">matt@openssl.org</a> <mailto:<a href="mailto:matt@openssl.org">matt@openssl.org</a>><br>
</div></div><div><div class="h5">> > <mailto:<a href="mailto:matt@openssl.org">matt@openssl.org</a> <mailto:<a href="mailto:matt@openssl.org">matt@openssl.org</a>>>> wrote:<br>
> ><br>
> ><br>
> ><br>
> > On 03/01/18 10:40, Grace Priscilla Jero wrote:<br>
> > > Hi,<br>
> > > Can someone please respond to the below mail as we want to<br>
> confirm if it<br>
> > > is an issue with our application or a bug in openSSL.<br>
> ><br>
> > It isn't a known bug (which doesn't mean it isn't an unknown<br>
> bug!).<br>
> ><br>
> > I think we're going to need some more information to help you<br>
> with this<br>
> > issue. If I understand you correctly you have a server<br>
> application which<br>
> > only supports DTLS 1.0 and it is that application which is<br>
> failing?<br>
> > Which version of OpenSSL is this? All currently supported<br>
> versions of<br>
> > OpenSSL have the capability to support DTLS1.2 so I'm not sure<br>
> why you<br>
> > have this scenario.<br>
> ><br>
> > You say that "SSL_accept continuously loops with error 2". Do<br>
> you mean<br>
> > by that SSL_accept() returns an error and calling<br>
> SSL_get_error() gives<br>
> > you SSL_ERROR_WANT_READ (value 2)?<br>
> ><br>
> > "The ALERT is not processed": does this mean you are expecting<br>
> to see an<br>
> > alert but it isn't sent? Or an alert is sent but it is ignored?<br>
> ><br>
> > Perhaps a wireshark trace of the exchange would help us to<br>
> understand<br>
> > what you are seeing.<br>
> ><br>
> > Matt<br>
> ><br>
> ><br>
> > ><br>
> > > Thanks,<br>
> > > Grace<br>
> > ><br>
> > > On Fri, Dec 15, 2017 at 3:23 PM, Grace Priscilla Jero<br>
> > > <<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.com</a><br>
> <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.<wbr>com</a>> <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.<wbr>com</a><br>
> <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.<wbr>com</a>>><br>
> > <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@<wbr>gmail.com</a><br>
> <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.<wbr>com</a>><br>
</div></div><span class="">> > <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@<wbr>gmail.com</a> <mailto:<a href="mailto:grace.priscilla@gmail.com">grace.priscilla@gmail.<wbr>com</a>>>>> wrote:<br>
> > ><br>
> > > Hi All,<br>
> > ><br>
> > > We are having an issue with DTLS on UDP.<br>
> > ><br>
> > > The scenario is that, when a client of DTLS version 1.2 is<br>
> > trying to<br>
> > > connect to a server which is at version DTLS 1.0 the SSL_accept<br>
> > > continuously loops with error 2. The ALERT is not processed. <br>
> > > Is this a known bug?<br>
> > ><br>
> > > Because of the loop, the application is unable to process new<br>
> > changes. <br>
> > ><br>
> > > Thanks,<br>
> > > Grace<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > --<br>
> > openssl-users mailing list<br>
> > To unsubscribe:<br>
> > <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
> <<a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><wbr>><br>
</span>> > <<a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
> <<a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><wbr>>><br>
> ><br>
> ><br>
><br>
><br>
</blockquote></div><br></div></div>