On Thu, 24 Feb 2011 19:49:46 +0100 Michael wrote: MT> > I was having trouble trying to get the recent DTLS patches to work with MT> > the CentOS/RHEL rpms, so I punted and built a vanilla 1.0.0d version MT> > from the tarball. I'm pleased to report that this problem no longer MT> > happens. I do still get a missed packet (or something), but the server MT> > no longer asserts, and it is only every 100 requests or so, instead of MT> > 10. I can live with that. MT> MT> I assume with 'recent DTLS patches' you refer to the ones Robin has MT> posted today.
It was last night for me, but yes.
MT> Could you elaborate a bit more on the problem you are still experiencing.
MT> If possible, I would prefer that Robin tries to nail it down and fix it,
MT> even if you can life with it.
Sure. I've now got 1.0.0d from the openssl tarball on the server side,
and openssl-1.0.0b-1.fc13.i686 on the client side. I fired up wireshark
on my local machine (the client) to see what was going on.
I've seen three scenarios so far:
> Client Hello Seq# 0
> Client Hello Seq# 1
> Client Hello Seq# 2
> Client Hello Seq# 0
> Client Hello Seq# 1
< Server Hello Seq# 6
> Client Hello Seq# 2
< Server Hello Seq# 12
> Client Hello Seq# 0
> Client Hello Seq# 1
< Server Hello Seq# 0
> Client Hello Seq# 2
< Server Hello Seq# 6
This happens with or without today's patches applied on the server
side. I haven't tried using the 1.0.0d tarball on the client side.
Robert
--
Senior Software Engineer
SPARTA (dba Cobham Analytic Soloutions)
signature.asc
Description: PGP signature
