[openssl-dev] [openssl.org #4119] DTLS resets handshake hash too frequently for ClientHello

Matt Caswell via RT rt at openssl.org
Wed Nov 4 12:04:54 UTC 2015



On 03/11/15 17:43, David Benjamin via RT wrote:

> I'm not sure that fix quite works though. If BIO_flush completes
> asynchronously

Ahhh, yes good point. Updated patch attached.

> (hrm, it's missing an rwstate update),

Yes, just discovered that myself and then came back and reread your
email to find out you already pointed it out! Also addressed in updated
patch.


> then I believe you'll
> be in a state where you *do* want to repeat the init_off / init_num adjust.
> You might be able to get away with using init_off/init_num with some minor
> tweaks? Another problem: because the fragment headers clobber whatever was
> already written, msg_callback sees garbage.

Yuck. Not addressed that issue yet. I'll deal with that separately.

> Yeah, this part of DTLS (like much of it) is woefully underspecified. We
> keep stuffing things into ClientHellos, so if one does need to support
> fragmented ones, I think the right way to do stateless HelloVerifyRequest
> is to silently drop all non-initial ClientHello fragments and require the
> initial one be large enough to include the client_random and whatever else
> you figure into the cookie.

I really like that idea. I'll take a look at doing that in the new
DTLSv1_listen code.

Matt


-------------- next part --------------
A non-text attachment was scrubbed...
Name: dtls-frag-retry2.patch
Type: text/x-patch
Size: 6590 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151104/bfbfcd69/attachment.bin>
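
An added example, not part of the original email or of OpenSSL's code: a sketch of the fragment filter David Benjamin describes above, which silently drops every non-initial ClientHello fragment and requires the initial one to cover the cookie inputs. The header layout follows RFC 6347; the function names, the constructed sample fragments, and the choice of client_version plus client_random (34 bytes) as the minimum prefix are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DTLS_HM_HEADER_LEN    12 /* type(1) length(3) seq(2) frag_off(3) frag_len(3) */
#define DTLS_MT_CLIENT_HELLO   1
#define CH_VERSION_RANDOM_LEN 34 /* client_version(2) + random(32); assumed cookie input */

static uint32_t rd24(const uint8_t *p) { return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2]; }
static void wr24(uint8_t *p, uint32_t v) { p[0] = (uint8_t)(v >> 16); p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)v; }

/* Hypothetical helper: 1 if this handshake fragment may feed a stateless
 * cookie computation, 0 if it should be dropped without keeping any state. */
int clienthello_fragment_usable(const uint8_t *hs, size_t len, size_t min_prefix)
{
    uint32_t msg_len, frag_off, frag_len;
    if (len < DTLS_HM_HEADER_LEN || hs[0] != DTLS_MT_CLIENT_HELLO) return 0;
    msg_len  = rd24(hs + 1);
    frag_off = rd24(hs + 6);
    frag_len = rd24(hs + 9);
    if (frag_off != 0) return 0;                       /* non-initial fragment */
    if (frag_len > msg_len) return 0;                  /* inconsistent header */
    if (frag_len > len - DTLS_HM_HEADER_LEN) return 0; /* truncated datagram */
    if (frag_len < min_prefix) return 0;               /* cookie inputs not all present */
    return 1;
}

/* Constructed sample input: a handshake header followed by flen zero bytes. */
size_t make_fragment(uint8_t *out, uint8_t type, uint32_t msg_len, uint32_t off, uint32_t flen)
{
    memset(out, 0, DTLS_HM_HEADER_LEN + flen);
    out[0] = type;
    wr24(out + 1, msg_len);
    wr24(out + 6, off);
    wr24(out + 9, flen);
    return DTLS_HM_HEADER_LEN + flen;
}

int main(void)
{
    uint8_t buf[512];
    size_t n = make_fragment(buf, DTLS_MT_CLIENT_HELLO, 300, 0, 100);
    printf("initial, 100 bytes: %d\n", clienthello_fragment_usable(buf, n, CH_VERSION_RANDOM_LEN));
    n = make_fragment(buf, DTLS_MT_CLIENT_HELLO, 300, 100, 100);
    printf("offset 100:         %d\n", clienthello_fragment_usable(buf, n, CH_VERSION_RANDOM_LEN));
    n = make_fragment(buf, DTLS_MT_CLIENT_HELLO, 300, 0, 20);
    printf("initial, 20 bytes:  %d\n", clienthello_fragment_usable(buf, n, CH_VERSION_RANDOM_LEN));
    return 0;
}
```

A server that folds more of the ClientHello into the cookie would pass a larger `min_prefix`.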

