Re: OpenSSL 0.9.8b - DTLS1 bug
Hi, This implementation is totally wrong (I posted a complete list of problems I've found), this implementation doesn't follow the rfc at all but works on my Debian box to see where the problem comes from you could use Wireshark (new version of Ethereal) I have made a dissector that allow you to see messages...(it's an advice) If you put pcap file I will try to correct this when I have time (not before 1 month) (I have done a patch that I posted a long time ago that correct version problem and ClientKeyExchange buggy message but don't apply it to see messages with Wireshark) regards, Samuel On 8/11/06, Kyle Hamilton [EMAIL PROTECTED] wrote: As I recall, it was someone who was working on it who was having patches committed as he implemented it, and never finished it? It probably is buggy. -Kyle H On 8/10/06, ViSolve Security Consulting Group [EMAIL PROTECTED] wrote: Hi Developers, We have compiled OpenSSL 0.9.8b on HP-UX Itanium Processor Family. While trying to establish a communication between a server and a client with DTLS1 protocol support. The server aborts with a core dump. SSL_accept:SSLv3 write key exchange A d1_both.c(1063): OpenSSL internal error, assertion failed: s-d1-w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH == (unsigned int)s-init_num Abort(coredump) Is it a bug in DTLS1 protocol support in OpenSSL ?? The commands we used for SSL server client are - # openssl s_server -accept 1234 -cert ksb_cert.pem -key ksb_priv_key.pem -verify 2 -CAfile ca_cert.pem -dtls1 -state -debug # openssl s_client -connect localhost:1234 -verify 2 -CAfile ca_cert.pem -cert ksb_cert.pem -key ksb_priv_key.pem -dtls1 -state -debug Thanks, ViSolve Security Consulting Group. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] -- Authesserre Samuel 12 rue de la défense passive 14000 CAEN FRANCE 06-27-28-13-32 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Documentation question
Hi, I would like to know where I can find documentation on openssl implementation (not API use for programming others programs, I'm looking for openssl internals) I want to correct dtls implementation (I have already sent a little patch ;) ) and I want to understand implementation organization to realize clean code(general architecture and operation) Thanks by advance for yours answers regards, -- Authesserre Samuel 12 rue de la défense passive 14000 CAEN FRANCE 06-27-28-13-32 [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: [PATCH] DTLS version + 2 bytes length rsa key exchange
hi, this little patch to correct version problem and add the 2 bytes before rsa key exchange... I am searching how I can add replay in this implementation, if someone have an idea I will thank him and I will follow advices to create the patch (I don't know well openssl implem) regards, -- ++ + Authesserre Samuel+ + 12 rue de la défense passive+ + 14000 CAEN + + FRANCE + + 06-27-28-13-32 + + [EMAIL PROTECTED] + ++ diff -ru openssl-0.9.8b/include/openssl/dtls1.h openssl-0.9.8b_patched/include/openssl/dtls1.h --- openssl-0.9.8b/include/openssl/dtls1.h 2005-05-31 00:34:27.0 +0200 +++ openssl-0.9.8b_patched/include/openssl/dtls1.h 2006-06-16 08:53:48.033483744 +0200 @@ -67,9 +67,9 @@ extern C { #endif -#define DTLS1_VERSION 0x0100 -#define DTLS1_VERSION_MAJOR 0x01 -#define DTLS1_VERSION_MINOR 0x00 +#define DTLS1_VERSION 0xFEFF +#define DTLS1_VERSION_MAJOR 0xFE +#define DTLS1_VERSION_MINOR 0xFF #define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE110 diff -ru openssl-0.9.8b/ssl/d1_clnt.c openssl-0.9.8b_patched/ssl/d1_clnt.c --- openssl-0.9.8b/ssl/d1_clnt.c 2005-12-05 18:32:19.0 +0100 +++ openssl-0.9.8b_patched/ssl/d1_clnt.c 2006-06-16 08:55:27.044431792 +0200 @@ -733,7 +733,7 @@ q=p; /* Fix buf for TLS and beyond */ - if (s-version SSL3_VERSION) + p+=2; n=RSA_public_encrypt(sizeof tmp_buf, tmp_buf,p,rsa,RSA_PKCS1_PADDING); @@ -748,12 +748,9 @@ } /* Fix buf for TLS and beyond */ - if (s-version SSL3_VERSION) -{ -s2n(n,q); -n+=2; -} - + s2n(n,q); + n+=2; + s-session-master_key_length= s-method-ssl3_enc-generate_master_secret(s, s-session-master_key, Seulement dans openssl-0.9.8b_patched/ssl: d1_clnt.c~ diff -ru openssl-0.9.8b/ssl/d1_pkt.c openssl-0.9.8b_patched/ssl/d1_pkt.c --- openssl-0.9.8b/ssl/d1_pkt.c 2006-02-08 20:16:32.0 +0100 +++ openssl-0.9.8b_patched/ssl/d1_pkt.c 2006-06-16 08:55:55.442114688 +0200 @@ -486,9 +486,9 @@ SSL3_RECORD *rr; SSL_SESSION *sess; unsigned char *p; - short version; + unsigned short version; DTLS1_BITMAP *bitmap; -unsigned int is_next_epoch; + unsigned int is_next_epoch; rr= (s-s3-rrec); sess=s-session; Seulement dans openssl-0.9.8b_patched/ssl: d1_pkt.c~ diff -ru openssl-0.9.8b/ssl/dtls1.h openssl-0.9.8b_patched/ssl/dtls1.h --- openssl-0.9.8b/ssl/dtls1.h 2005-05-31 00:34:27.0 +0200 +++ openssl-0.9.8b_patched/ssl/dtls1.h 2006-06-16 08:53:48.033483744 +0200 @@ -67,9 +67,9 @@ extern C { #endif -#define DTLS1_VERSION 0x0100 -#define DTLS1_VERSION_MAJOR 0x01 -#define DTLS1_VERSION_MINOR 0x00 +#define DTLS1_VERSION 0xFEFF +#define DTLS1_VERSION_MAJOR 0xFE +#define DTLS1_VERSION_MINOR 0xFF #define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE110 Seulement dans openssl-0.9.8b_patched/ssl: dtls1.h~
[PATCH] DTLS version + 2 bytes length rsa key exchange
hi, this little patch to correct version problem and add the 2 bytes before rsa key exchange... I am searching how I can add replay in this implementation, if someone have an idea I will thank him and I will follow advices to create the patch (I don't know well openssl implem) regards, -- ++ + Authesserre Samuel+ + 12 rue de la défense passive+ + 14000 CAEN + + FRANCE + + 06-27-28-13-32 + + [EMAIL PROTECTED] + ++ diff -ru openssl-0.9.8b/include/openssl/dtls1.h openssl-0.9.8b_patched/include/openssl/dtls1.h --- openssl-0.9.8b/include/openssl/dtls1.h 2005-05-31 00:34:27.0 +0200 +++ openssl-0.9.8b_patched/include/openssl/dtls1.h 2006-06-16 08:53:48.033483744 +0200 @@ -67,9 +67,9 @@ extern C { #endif -#define DTLS1_VERSION 0x0100 -#define DTLS1_VERSION_MAJOR 0x01 -#define DTLS1_VERSION_MINOR 0x00 +#define DTLS1_VERSION 0xFEFF +#define DTLS1_VERSION_MAJOR 0xFE +#define DTLS1_VERSION_MINOR 0xFF #define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE110 diff -ru openssl-0.9.8b/ssl/d1_clnt.c openssl-0.9.8b_patched/ssl/d1_clnt.c --- openssl-0.9.8b/ssl/d1_clnt.c 2005-12-05 18:32:19.0 +0100 +++ openssl-0.9.8b_patched/ssl/d1_clnt.c 2006-06-16 08:55:27.044431792 +0200 @@ -733,7 +733,7 @@ q=p; /* Fix buf for TLS and beyond */ - if (s-version SSL3_VERSION) + p+=2; n=RSA_public_encrypt(sizeof tmp_buf, tmp_buf,p,rsa,RSA_PKCS1_PADDING); @@ -748,12 +748,9 @@ } /* Fix buf for TLS and beyond */ - if (s-version SSL3_VERSION) -{ -s2n(n,q); -n+=2; -} - + s2n(n,q); + n+=2; + s-session-master_key_length= s-method-ssl3_enc-generate_master_secret(s, s-session-master_key, Seulement dans openssl-0.9.8b_patched/ssl: d1_clnt.c~ diff -ru openssl-0.9.8b/ssl/d1_pkt.c openssl-0.9.8b_patched/ssl/d1_pkt.c --- openssl-0.9.8b/ssl/d1_pkt.c 2006-02-08 20:16:32.0 +0100 +++ openssl-0.9.8b_patched/ssl/d1_pkt.c 2006-06-16 08:55:55.442114688 +0200 @@ -486,9 +486,9 @@ SSL3_RECORD *rr; SSL_SESSION *sess; unsigned char *p; - short version; + unsigned short version; DTLS1_BITMAP *bitmap; -unsigned int is_next_epoch; + unsigned int is_next_epoch; rr= (s-s3-rrec); sess=s-session; Seulement dans openssl-0.9.8b_patched/ssl: d1_pkt.c~ diff -ru openssl-0.9.8b/ssl/dtls1.h openssl-0.9.8b_patched/ssl/dtls1.h --- openssl-0.9.8b/ssl/dtls1.h 2005-05-31 00:34:27.0 +0200 +++ openssl-0.9.8b_patched/ssl/dtls1.h 2006-06-16 08:53:48.033483744 +0200 @@ -67,9 +67,9 @@ extern C { #endif -#define DTLS1_VERSION 0x0100 -#define DTLS1_VERSION_MAJOR 0x01 -#define DTLS1_VERSION_MINOR 0x00 +#define DTLS1_VERSION 0xFEFF +#define DTLS1_VERSION_MAJOR 0xFE +#define DTLS1_VERSION_MINOR 0xFF #define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE110 Seulement dans openssl-0.9.8b_patched/ssl: dtls1.h~
Re: [BUGS] DTLS part of openssl
hi, Thanks for your answer ! I doesn't know this site it a new way to search for me ;) (but for dtls it seems to have 2 posts in total... ) This patch doesn't solve the problem I have : I make a classical connection with a MTU of 900 (the record containing certificate is bigger) the connection failed after the ClientHello, HelloVerifyRequest, ClientHello messages The server can't send his packet and doesn't fragment him It's a minor problem compared with UDP packet loss or reordering (the classical links in our days are Ethernet so 1500 bytes ;) ) best regards, Samuel On 6/12/06, Kurt Roeckx [EMAIL PROTECTED] wrote: On Mon, Jun 12, 2006 at 04:48:07PM +0200, authesserre samuel wrote: - fragmentation seems to not work too (based on MTU move on network interface so I'm not sure that the test is correct) Is this related to: http://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=1245 Kurt -- ++ + Authesserre Samuel+ + 12 rue de la défense passive+ + 14000 CAEN + + FRANCE + + 06-27-28-13-32 + + [EMAIL PROTECTED] + ++ __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[BUGS] DTLS part of openssl
Hi all, I have tested DTLS part of openssl and found a lot of errors. I wanted to know if implementation is in progress or not at all to correct them? I will list bellow errors I have seen (I wish this could help DTLS developper(s) part) - MAC is calculated with TLS 1.0 version and without use of epoch field (I have posted a previous mail about this but It disappear on archives? (23/05/06) ) - Version field use 0x0100 in stand of 0xFEFF in handshake protocol : - retransmission timer to handle packet loss don't work - packet reordering don't work - fragmentation seems to not work too (based on MTU move on network interface so I'm not sure that the test is correct) in Application data : - receive of a modified packet (-- bad mac) isn't ignored and make connection closed. I wanted to use this but with this errors it can't be possible at all. I hope this help developpers to find the problems best regards, -- ++ + Authesserre Samuel+ + 12 rue de la défense passive+ + 14000 CAEN + + FRANCE + + 06-27-28-13-32 + + [EMAIL PROTECTED] + ++ __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]