[openssl-dev] 1.0.2 regression with Cisco DTLS_BAD_VER

David Woodhouse dwmw2 at infradead.org
Tue Feb 17 16:21:45 UTC 2015


(Dropping rt@ from Cc as it doesn't seem to be working any more).

On Mon, 2015-02-16 at 10:28 +0000, David Woodhouse wrote:
> Connected vpntest0 as 192.168.1.13, using SSL
> d1_both.c(1112): OpenSSL internal error, assertion failed:
> s->d1->w_msg_hdr.msg_len + DTLS1_CCS_HEADER_LENGTH == (unsigned
> int)s->init_num
> Aborted (core dumped)
> 
> ---
> The patch below fixes it. Tested in 1.0.2,

Hm, that was tested against ocserv¹, not an actual Cisco ASA. That uses
GnuTLS, which doesn't care too much about the version number in the
ClientHello when it's told to use Cisco DTLS compatibility mode.

The Cisco ASA, on the other hand, is offended by a change in commit
741c9959. In switching from dtls1_client_hello() to the more generic
ssl3_client_hello() we now end up putting ssl->client_version on the
wire instead of ssl->version.

This fixes it for OpenSSL 1.0.2 and HEAD, but I'm not sure if it's
entirely correct. And if it is, do we need to be setting
s->client_version in any of the other cases too?

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 2845757..1f10054 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -270,7 +270,7 @@ void dtls1_clear(SSL *s)
 
     ssl3_clear(s);
     if (s->options & SSL_OP_CISCO_ANYCONNECT)
-        s->version = DTLS1_BAD_VER;
+        s->client_version = s->version = DTLS1_BAD_VER;
     else if (s->method->version == DTLS_ANY_VERSION)
         s->version = DTLS1_2_VERSION;
     else
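Review bot: the chained assignment `s->client_version = s->version = DTLS1_BAD_VER;` keeps client_version in step with version only on the SSL_OP_CISCO_ANYCONNECT branch; since ssl3_client_hello() now writes s->client_version to the wire, the DTLS_ANY_VERSION and default branches below still leave client_version wherever ssl3_clear() put it, so either confirm that those paths set it elsewhere before the ClientHello is built or extend the same assignment to them. A one-line comment above the branch stating that the Cisco ASA rejects any ClientHello whose version field is not DTLS1_BAD_VER would also document why this special case is load-bearing.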


-- 
dwmw2
¹ http://www.infradead.org/ocserv/