DTLS ClientHello exchange broken by renegotiation patch in 0.9.8l

2009-11-11 Thread Alex Lam
Hi all, The patch that disables renegotiation has broken DTLS's ClientHello exchange in 0.9.8l. Server sends an Alert together with HelloVerifyRequest... Thanks, Alex. alexl-lnx2:~/openssl-098l/openssl/apps ./openssl s_server -dtls1 -debug Using default temp DH parameters Using default temp ECDH

OpenSSL 0.9.8l

2009-08-06 Thread Alex Lam
Hi all, Just wondering if there is any plan to release OpenSSL 0.9.8l ? If so, do we know when? I'd like to stay with the 0.9.8 branch, but I do see some fixes double committed from the 1.0.0 branch. Thanks, Alex.

[openssl.org #1711] DTLS: Handshake does not detect missing/incomplete records in flight.

2008-07-08 Thread Alex Lam via RT
Hi, This is somewhat related to RT #1709 In the case where one record within the flight is lost, the DTLS state machine will continue to move forward without detecting it. This is observed when the MTU is low and the cert was fragmented into multiple records. Let's say one fragment of the

[openssl.org #1679] DTLS: SegFault if ChangeCipherSpec is received before ClientHello

2008-05-23 Thread Alex Lam via RT
OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as the first record instead of ClientHello. Thanks, Alex.

[openssl.org #1632] DTLS: Extra bytes in Alert messages

2008-01-14 Thread Alex Lam via RT
Hi, The alert message currently contains extra bytes in the payload. Proposed patch below Thanks, Alex. Index: ssl/d1_pkt.c === RCS file: /data1/Repository/openssl/ssl/d1_pkt.c,v retrieving revision 1.4.2.9 diff -u -w -B -b

Re: how to redo SSL handshake?

2007-10-23 Thread Alex Lam
I believe the answers are... 1) SSL_free(ssl) 2) SSL* ssl 3) SSL_free(ssl) On 10/21/07, wang9736 [EMAIL PROTECTED] wrote: hi all if server has reboot ,what should client do to reconnect with server ? SSL_shutdown(ssl); SSL_free(ssl); SSL_CTX_free(ctx); close(normal_tcp_fd); all

Re: [openssl.org #1587] Resolved: DTLS: ChangeCipherSpec is causing handshake message sequence number to increment

2007-10-23 Thread Alex Lam via RT
Confirm fixed. Thanks! alex On 10/21/07, Andy Polyakov via RT [EMAIL PROTECTED] wrote: According to our records, your request has been resolved. If you have any further questions or concerns, please respond to this message.

Re: DTLS - RFC conform?

2007-10-16 Thread Alex Lam
Hi Vincent, A random number is needed to generate the IV for AES-CBC. Please see top of page 22 of RFC 4346. Alex On 10/16/07, v.miethe [EMAIL PROTECTED] wrote: Hi all, Maybe I am wrong, but: In function dtls1_enc() iv-size random bytes will be added to input before encryption. (if block

[openssl.org #1587] DTLS: ChangeCipherSpec is causing handshake message sequence number to increment

2007-10-11 Thread Alex Lam via RT
Hi, Since ChangeCipherSpec is not of handshake message type, the handshake message sequence number should not be incremented. Only the record level sequence number shall be incremented. Proposed patch attached modifies both the TX side and the RX side. Thanks, Alex

Re: DTLS non-compliant list (based on snapshot 20070801)

2007-10-09 Thread Alex Lam
Hi Andy, 4347, section 4.2.6 However, in order to remove sensitivity to fragmentation, the Finished MAC MUST be computed as if each handshake message had been sent as a single fragment. My interpretation is that you re-assemble all fragments and fix the handshake header as if it is a single

DTLS: Record layer MAC computed using wrong input

2007-10-09 Thread Alex Lam
Hi, I noticed that the DTLS record layer MAC is computed using wrong input. * Instead of using DTLS version, it's using TLS version. * DTLS record layer epoch is also missing. Please find patch file attached. I am looking forward to 0.9.8f as it is closing the non-RFC compliance gap. When will

DTLS: Wrong cookie length when using callback

2007-10-09 Thread Alex Lam
Hi all, The cookie length field in the ServerHello message is always zero because we are setting the length field before the cookie callback function. Please find patch attached to fix this. Thanks, alex Index: d1_srvr.c === RCS

DTLS non-compliant list (based on snapshot 20070801)

2007-08-06 Thread Alex Lam
Hi all, There had been a number of email threads on both the user and dev mailing lists regarding DTLS non-RFC-compliance. So, I think it is better to group them together to raise awareness and ensure interoperability with other DTLS stacks. I have verified these on snapshot-20070801 1)

Re: dtls support in OpenSSL-0.9.8a/0.9.8b

2006-05-27 Thread Alex Lam
Hey Kiran, I am not sure about (1), but I second (2). In addition, I want to add to your list.. On 5/24/06, kiran kumar [EMAIL PROTECTED] wrote: The dtls implementation in OpenSSL-0.9.8a/0.9.8b seems to be non-conformant with RFC 4347 at least in the following two cases: 1) Initial ClientHello and