[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

Eugen-Andrei Gavriloaie shiretu at gmail.com
Wed Jan 14 22:10:26 UTC 2015 

Looks like dtls1_get_record is always returning -1
Still digging...



> On Jan 15, 2015, at 00:01, Eugen-Andrei Gavriloaie <shiretu at gmail.com> wrote:
> 
> 
>> On Jan 14, 2015, at 23:39, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>> 
>> On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
>> 
>>> Dynamic:
>>> $ ls -Al /tmp/ssl/lib/
>>> total 11336
>>> drwxr-xr-x  14 shiretu  wheel      476 Jan 14 23:27 engines
>>> -r-xr-xr-x   1 shiretu  wheel  1602352 Jan 14 23:27 libcrypto.1.0.0.dylib
>>> -rw-r--r--   1 shiretu  wheel  3196880 Jan 14 23:27 libcrypto.a
>>> lrwxr-xr-x   1 shiretu  wheel       21 Jan 14 23:27 libcrypto.dylib -> libcrypto.1.0.0.dylib
>>> -r-xr-xr-x   1 shiretu  wheel   382440 Jan 14 23:27 libssl.1.0.0.dylib
>>> -rw-r--r--   1 shiretu  wheel   605504 Jan 14 23:27 libssl.a
>>> lrwxr-xr-x   1 shiretu  wheel       18 Jan 14 23:27 libssl.dylib -> libssl.1.0.0.dylib
>>> drwxr-xr-x   5 shiretu  wheel      170 Jan 14 23:27 pkgconfig
>> 
>> And you have the 1.0.1k include files (/tmp/ssl/include/openssl/*.h)?
>> And "/tmp/ssl/bin/openssl version -a" output is what?
>> 
>>> $ gcc ~/Dropbox/Public/dtls_bug.c -I/tmp/ssl/include -L/tmp/ssl/lib -lssl -lcrypto -o /tmp/dtls_bug
>>> 
>>> $ otool -L /tmp/dtls_bug 
>>> /tmp/dtls_bug:
>>> 	/tmp/ssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
>>> 	/tmp/ssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
>>> 	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1213.0.0)
>> 
>>> $ /tmp/dtls_bug 
>>> Assertion failed: (pSSLBuffer->length != 0), function main, file /Users/shiretu/Dropbox/Public/dtls_bug.c, line 110.
>>> Abort trap: 6
>> 
>> You should also update your code to report error return values from
>> SSL_accept() and print the contents of error stack.
> $ /tmp/dtls_bug 
> ret: -1
> sslErrorCode: 2
> Assertion failed: (pSSLBuffer->length != 0), function main, file /Users/shiretu/Dropbox/Public/dtls_bug.c, line 114.
> Abort trap: 6
> 
> errorCode 2 means SSL_ERROR_WANT_READ, which is consistent with the rejection of the input packet.
> 
> And the updated source:
> https://dl.dropboxusercontent.com/u/2918563/dtls_bug.c
> 
>> 
>> -- 
>> 	Viktor.
>> _______________________________________________
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>

More information about the openssl-dev mailing list