Hi All, I am using openssl-0.9.8n with dtls-srtp extension. After upgrading to openssl version 0.9.8n I see a weird problem.
This happens only once in a few hundred dtls handshakes. The dtls client sends client hello with 0 session id. The dtls server sends server hello with valid session id. Instead of responding to the server hello with ClientKeyExchange the client sends back a client hello message with 0 session id but some additional data (244 bytes) at the end of the packet. Here is the dump of the spurious client hello : <355 bytes> 16 fe ff 00 00 00 00 00 00 00 01 00 60 01 00 00 54 00 00 00 00 00 00 00 54 fe ff 4c 19 5e 5b e2 da 29 22 22 c8 b3 ad 81 e2 33 1f e5 ec a0 1c 73 b8 ee a0 0f 0c 74 c0 ae 02 00 da 00 00 00 24 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 07 00 15 00 12 00 09 00 14 00 11 00 08 00 06 00 ff 01 00 00 06 80 01 00 02 00 01 16 fe ff 00 00 00 00 00 00 00 02 00 8e 10 00 00 82 00 01 00 00 00 00 00 82 00 80 04 de 96 fd 46 62 1e 81 e8 41 30 ef 6d 73 34 f4 e5 cf 6e 50 3a a5 46 da ce d3 5b 32 2d af 5e 2b f5 8a d0 68 a2 76 89 b2 e7 fd 09 ef ae 3d f8 d4 01 bc 64 21 ec cd 0a 10 0f 02 22 de 22 f0 7b 65 d4 c3 03 f7 2c f9 36 29 a5 0c d8 2c 1f aa 71 76 ed aa e3 8c 05 e0 ac 87 4d 6e 74 b4 b9 88 61 c6 f1 58 88 ac a1 a4 e2 d7 76 4a ac 9b 98 e9 bd a6 53 7a ff 5e 57 ef c3 0e 44 bd fc a5 d5 ae 0e 1d 14 fe ff 00 00 00 00 00 00 00 03 00 01 01 16 fe ff 00 01 00 00 00 00 00 00 00 40 9e f2 5e 8b df 59 06 b1 a8 8b 98 ff aa 30 a2 37 83 c5 a3 52 a7 63 5a 35 ad 93 d5 00 5d c8 a7 e9 a3 cb 5b 5d 99 c0 29 bc 41 e7 73 3d ed 01 97 58 37 bb 05 7f 9e 36 45 67 92 7b 04 24 08 f4 f2 dc On receiving this client hello the server assumes that we are resuming an existing session and responds back with ServerHello with Finished message. Has anyone seen such a issue or know why this could happen with 0.9.8n. Any help is greatly appreciated. Regards, Nivedita
