[openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

Eugen-Andrei Gavriloaie via RT rt at openssl.org
Thu Jan 15 16:01:51 UTC 2015


Hi all,

Also, just for completeness, I want to point out I'm a fortunate case where I can actually touch the code and recompile it to fix the issue. I'm sure that other cases are not so fortunate. IMHO, when DTLS method is used, that call should be made by default in the internals of OpenSSL

Best regards,
Andrei

> On Jan 14, 2015, at 22:21, Eugen-Andrei Gavriloaie via RT <rt at openssl.org> wrote:
> 
> Hi all,
> 
> I believe I have found a bug which is only present in the latest versions (1.0.1k)
> 
> I have created a simple C test which does the following things in this order:
> 
> 1. initialize the SSL library
> 2. creates an X509 key and cert
> 3. creates an DTLS server SSL context
> 4. Setup 2 memory BIO instances on the SSL context
> 5. Feed the input BIO with a hardcoded "Client Hello" packet
> 6. Call SSL_accept
> 
> Wanted:
> The output BIO should contain a packet ("Server Hello") to be sent over the wire
> 
> Observed:
> The output BIO is empty, the handshake never succeeds
> 
> Same file test app linked with OpenSSL 1.0.1j works as expected, the output is generated.
> 
> I have attached the C file.
> 
> Best regards,
> Andrei
> 
> 
> <dtls_bug.c>
> 
> 
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev




More information about the openssl-dev mailing list