Re: [openssl-dev] [openssl.org #3657] OpenSSL 1.0.1k DTLS handshake no longer works

Wed, 14 Jan 2015 13:00:48 -0800 

Forgot to add the 1.0.1k version info:
$ /tmp/ssl/bin/openssl version
OpenSSL 1.0.1k 8 Jan 2015

> On Jan 14, 2015, at 22:54, Eugen-Andrei Gavriloaie <shir...@gmail.com> wrote:
> 
> Hi Matt,
> 
> Here are more explanations:
> 
> On my Mac OS X Yosemite, the OS provided OpenSSL version
> $ openssl version
> OpenSSL 1.0.1j 15 Oct 2014
> 
> Compiling the test
> $ gcc ~/Dropbox/Public/dtls_bug.c -Wno-deprecated-declarations -lssl -lcrypto 
> -o /tmp/dtls_bug
> 
> Running the test
> $ /tmp/dtls_bug 
> $ 
> 
> As we can see, everything looks good, nothing happens, the app exist with 0 
> error code
> 
> On my Mac OS X Yosemite, manually compiled OpenSSL 1.0.1k and installed it 
> into /tmp/ssl as a static lib (with shared lib behaves the same) Compiling:
> $ gcc dtls_bug.c -Wno-deprecated-declarations /tmp/ssl/lib/libssl.a 
> /tmp/ssl/lib/libcrypto.a -o /tmp/dtls_bug
> 
> Running:
> $ /tmp/dtls_bug 
> Assertion failed: (pSSLBuffer->length != 0), function main, file 
> /Users/shiretu/Dropbox/Public/dtls_bug.c, line 110.
> Abort trap: 6
> 
> As we can see, it fails that that line where I expect the output buffer to be 
> populated with an answer and is not happening. The pSSLBuffer->length != 0 
> fails
> 
> Same behavior can be seen on Ubuntu 14.10 64 bit
> 
> Best regards,
> Andrei
> 
> 
>> On Jan 14, 2015, at 22:21, Eugen-Andrei Gavriloaie via RT <r...@openssl.org> 
>> wrote:
>> 
>> Hi all,
>> 
>> I believe I have found a bug which is only present in the latest versions 
>> (1.0.1k)
>> 
>> I have created a simple C test which does the following things in this order:
>> 
>> 1. initialize the SSL library
>> 2. creates an X509 key and cert
>> 3. creates an DTLS server SSL context
>> 4. Setup 2 memory BIO instances on the SSL context
>> 5. Feed the input BIO with a hardcoded "Client Hello" packet
>> 6. Call SSL_accept
>> 
>> Wanted:
>> The output BIO should contain a packet ("Server Hello") to be sent over the 
>> wire
>> 
>> Observed:
>> The output BIO is empty, the handshake never succeeds
>> 
>> Same file test app linked with OpenSSL 1.0.1j works as expected, the output 
>> is generated.
>> 
>> I have attached the C file.
>> 
>> Best regards,
>> Andrei
>> 
>> 
>> <dtls_bug.c>
>> 
>> 
>> _______________________________________________
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> 

_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to