Hi,
This is somewhat related to RT #1709
In the case where one record within the flight is lost, the DTLS state
machine will
continue to move forward without detecting it.
This is observed when the MTU is low and the cert was fragmented into
multiple records.
Let's say one fragment of the
OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as the
first record instead of ClientHello.
Thanks,
Alex.
OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as the first record instead of ClientHello.Thanks,Alex.
Hi,
The alert message currently contains extra bytes in the payload.
Proposed patch below
Thanks,
Alex.
Index: ssl/d1_pkt.c
===
RCS file: /data1/Repository/openssl/ssl/d1_pkt.c,v
retrieving revision 1.4.2.9
diff -u -w -B -b
Confirm fixed. Thanks!
alex
On 10/21/07, Andy Polyakov via RT [EMAIL PROTECTED] wrote:
According to our records, your request has been resolved. If you have any
further questions or concerns, please respond to this message.
Confirm fixed. Thanks!alexOn 10/21/07, Andy Polyakov via RT [EMAIL
Hi,
Since ChangeCipherSpec is not of handshake message type, the handshake
message sequence number should not be incremented. Only the record level
sequence number shall be incremented.
Proposed patch attached modifies both the TX side and the RX side.
Thanks,
Alex
Hi,Since ChangeCipherSpec is