[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

Matt Caswell via RT rt at openssl.org
Wed Jan 14 21:05:26 UTC 2015


On Wed Jan 14 21:55:17 2015, shiretu at gmail.com wrote:
> Hi Matt,
>
> Here are more explanations:
>
> On my Mac OS X Yosemite, the OS provided OpenSSL version
> $ openssl version
> OpenSSL 1.0.1j 15 Oct 2014
>
> Compiling the test
> $ gcc ~/Dropbox/Public/dtls_bug.c -Wno-deprecated-declarations -lssl
> -lcrypto -o /tmp/dtls_bug
>
> Running the test
> $ /tmp/dtls_bug
> $
>
> As we can see, everything looks good, nothing happens, the app exits
> with 0 error code
>
> On my Mac OS X Yosemite, manually compiled OpenSSL 1.0.1k and
> installed it into /tmp/ssl as a static lib (with shared lib behaves
> the same) Compiling:
> $ gcc dtls_bug.c -Wno-deprecated-declarations /tmp/ssl/lib/libssl.a
> /tmp/ssl/lib/libcrypto.a -o /tmp/dtls_bug
>
> Running:
> $ /tmp/dtls_bug
> Assertion failed: (pSSLBuffer->length != 0), function main, file
> /Users/shiretu/Dropbox/Public/dtls_bug.c, line 110.
> Abort trap: 6
>
> As we can see, it fails at that line where I expect the output
> buffer to be populated with an answer and is not happening. The
> pSSLBuffer->length != 0 fails
>
> Same behavior can be seen on Ubuntu 14.10 64 bit

Does it work in s_client/s_server? i.e.

Start an s_server (you'll need an appropriate cert/key):
openssl s_server -dtls1

Start an s_client:
openssl s_client -dtls1

They should complete a handshake successfully.

Matt


