The introduction of NPN support seems to have broken DTLS. [12] ./openssl s_server -dtls1 WARNING: can't open config file: /usr/local/ssl/openssl.cnf Using default temp DH parameters Using default temp ECDH parameters ACCEPT ERROR 2692642180:error:1408C06F:SSL routines:SSL3_GET_FINISHED:bad digest length:s3_both.c:262: shutting down SSL CONNECTION CLOSED ACCEPT
I haven't tracked down the exact defect, but I'm assuming that ssl3_take_mac() needs to be added to dtls1_get_message() to match up to the change in ssl3_get_message(). ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org