The Sessionticket extension doesn't work with DTLS. The NewSessionTicket message of the server is truncated because of a wrong calculation of the length and the server is also unable to parse the ticket attached to a ClientHello because DTLS is considered as an unknown protocol version.
Regards, Robin Index: ssl/d1_srvr.c =================================================================== RCS file: /v/openssl/cvs/openssl/ssl/d1_srvr.c,v retrieving revision 1.20.2.14 diff -u -r1.20.2.14 d1_srvr.c --- ssl/d1_srvr.c 26 Jan 2010 19:46:29 -0000 1.20.2.14 +++ ssl/d1_srvr.c 31 Jan 2010 18:09:17 -0000 @@ -1525,9 +1667,10 @@ p += hlen; /* Now write out lengths: p points to end of data written */ /* Total length */ - len = p - (unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]); + len = p - (unsigned char *)(s->init_buf->data); + /* Ticket length */ p=(unsigned char *)&(s->init_buf->data[DTLS1_HM_HEADER_LENGTH]) + 4; - s2n(len - 18, p); /* Ticket length */ + s2n(len - DTLS1_HM_HEADER_LENGTH - 6, p); /* number of bytes to write */ s->init_num= len; Index: ssl/ssl_asn1.c =================================================================== RCS file: /v/openssl/cvs/openssl/ssl/ssl_asn1.c,v retrieving revision 1.36.2.5 diff -u -r1.36.2.5 ssl_asn1.c --- ssl/ssl_asn1.c 30 Oct 2009 14:06:18 -0000 1.36.2.5 +++ ssl/ssl_asn1.c 31 Jan 2010 18:09:20 -0000 @@ -394,7 +394,7 @@ ((unsigned long)os.data[1]<< 8L)| (unsigned long)os.data[2]; } - else if ((ssl_version>>8) == SSL3_VERSION_MAJOR) + else if ((ssl_version>>8) >= SSL3_VERSION_MAJOR) { if (os.length != 2) { Index: ssl/ssl_sess.c =================================================================== RCS file: /v/openssl/cvs/openssl/ssl/ssl_sess.c,v retrieving revision 1.74.2.1 diff -u -r1.74.2.1 ssl_sess.c --- ssl/ssl_sess.c 19 Apr 2009 18:03:13 -0000 1.74.2.1 +++ ssl/ssl_sess.c 31 Jan 2010 18:09:22 -0000 @@ -538,7 +538,7 @@ p=buf; l=ret->cipher_id; l2n(l,p); - if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR) + if ((ret->ssl_version>>8) >= SSL3_VERSION_MAJOR) ret->cipher=ssl_get_cipher_by_char(s,&(buf[2])); else ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
dtls-sessionticket-bug-1.0.0.patch
Description: Binary data
dtls-sessionticket-bug-0.9.8.patch
Description: Binary data