[openssl.org #1711] DTLS: Handshake does not detect missing/incomplete records in flight.

Hi, This is somewhat related to RT #1709 In the case where one record within the flight is lost, the DTLS state machine will continue to move forward without detecting it. This is observed when the MTU is low and the cert was fragmented into multiple records. Let's say one fragment of the

[openssl.org #1679] DTLS: SegFault if ChangeCipherSpec is received before ClientHello

OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as the first record instead of ClientHello. Thanks, Alex. OpenSSL would SegFault if the DTLS server receives a ChangeCipherSpec as the first record instead of ClientHello.Thanks,Alex.

[openssl.org #1632] DTLS: Extra bytes in Alert messages

Hi, The alert message currently contains extra bytes in the payload. Proposed patch below Thanks, Alex. Index: ssl/d1_pkt.c === RCS file: /data1/Repository/openssl/ssl/d1_pkt.c,v retrieving revision 1.4.2.9 diff -u -w -B -b

Re: [openssl.org #1587] Resolved: DTLS: ChangeCipherSpec is causing handshake message sequence number to increment

Confirm fixed. Thanks! alex On 10/21/07, Andy Polyakov via RT [EMAIL PROTECTED] wrote: According to our records, your request has been resolved. If you have any further questions or concerns, please respond to this message. Confirm fixed. Thanks!alexOn 10/21/07, Andy Polyakov via RT [EMAIL

[openssl.org #1587] DTLS: ChangeCipherSpec is causing handshake message sequence number to increment

Hi, Since ChangeCipherSpec is not of handshake message type, the handshake message sequence number should not be incremented. Only the record level sequence number shall be incremented. Proposed patch attached modifies both the TX side and the RX side. Thanks, Alex Hi,Since ChangeCipherSpec is