Hello, I apologize if this message appears multiple times.
This is a proposed patch for openssl-0.9.8-beta for all platforms. I tested it with openssl-0.9.8beta2 however I think it is applicable to all openssl-0.9.8 trees. I think the current implementation of DTLS is not compliant with the draft. According to http://www.ietf.org/internet-drafts/draft-rescorla-dtls-04.txt Section 4.3 the HelloVerifyRequest is defined like this: struct { Cookie cookie<0..32>; } HelloVerifyRequest; The 0.9.8-beta2 implementation has two additional octets which specify the protocol version. Is this according to a newer version of the DTLS draft or is it an error? Attached is a patch that removes the code that parses and generates this additional octets. Thanks Tigran Gevorgyan -------------------------------------------------------------------- This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]