[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works
Eugen-Andrei Gavriloaie
shiretu at gmail.com
Wed Jan 14 22:10:26 UTC 2015
Looks like dtls1_get_record is always returning -1
Still digging...
> On Jan 15, 2015, at 00:01, Eugen-Andrei Gavriloaie <shiretu at gmail.com> wrote:
>
>
>> On Jan 14, 2015, at 23:39, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>>
>> On Wed, Jan 14, 2015 at 11:31:02PM +0200, Eugen-Andrei Gavriloaie wrote:
>>
>>> Dynamic:
>>> $ ls -Al /tmp/ssl/lib/
>>> total 11336
>>> drwxr-xr-x 14 shiretu wheel 476 Jan 14 23:27 engines
>>> -r-xr-xr-x 1 shiretu wheel 1602352 Jan 14 23:27 libcrypto.1.0.0.dylib
>>> -rw-r--r-- 1 shiretu wheel 3196880 Jan 14 23:27 libcrypto.a
>>> lrwxr-xr-x 1 shiretu wheel 21 Jan 14 23:27 libcrypto.dylib -> libcrypto.1.0.0.dylib
>>> -r-xr-xr-x 1 shiretu wheel 382440 Jan 14 23:27 libssl.1.0.0.dylib
>>> -rw-r--r-- 1 shiretu wheel 605504 Jan 14 23:27 libssl.a
>>> lrwxr-xr-x 1 shiretu wheel 18 Jan 14 23:27 libssl.dylib -> libssl.1.0.0.dylib
>>> drwxr-xr-x 5 shiretu wheel 170 Jan 14 23:27 pkgconfig
>>
>> And you have the 1.0.1k include files (/tmp/ssl/include/openssl/*.h)?
>> And "/tmp/ssl/bin/openssl version -a" output is what?
>>
>>> $ gcc ~/Dropbox/Public/dtls_bug.c -I/tmp/ssl/include -L/tmp/ssl/lib -lssl -lcrypto -o /tmp/dtls_bug
>>>
>>> $ otool -L /tmp/dtls_bug
>>> /tmp/dtls_bug:
>>> /tmp/ssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
>>> /tmp/ssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
>>> /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1213.0.0)
>>
>>> $ /tmp/dtls_bug
>>> Assertion failed: (pSSLBuffer->length != 0), function main, file /Users/shiretu/Dropbox/Public/dtls_bug.c, line 110.
>>> Abort trap: 6
>>
>> You should also update your code to report error return values from
>> SSL_accept() and print the contents of error stack.
> $ /tmp/dtls_bug
> ret: -1
> sslErrorCode: 2
> Assertion failed: (pSSLBuffer->length != 0), function main, file /Users/shiretu/Dropbox/Public/dtls_bug.c, line 114.
> Abort trap: 6
>
> errorCode 2 means SSL_ERROR_WANT_READ, which is consistent with the rejection of the input packet.
>
> And the updated source:
> https://dl.dropboxusercontent.com/u/2918563/dtls_bug.c
>
>>
>> --
>> Viktor.
>> _______________________________________________
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
More information about the openssl-dev
mailing list