Re: DTLS and mutual authentication. - Openssl
This is a discussion on Re: DTLS and mutual authentication. - Openssl ; It's probability the same issue.
There is also message at found at
http://groups.google.com/group/maili...d5d65994f0886e
that references a fix for this from nagendra modadugu. It seems that the
fix may be out there but is not making it back into
openssl.
Kyle ...
-
Re: DTLS and mutual authentication.
It's probability the same issue.
There is also message at found at
http://groups.google.com/group/maili...d5d65994f0886e
that references a fix for this from nagendra modadugu. It seems that the
fix may be out there but is not making it back into
openssl.
Kyle Hamilton wrote:
> My mistake -- the patch that was applied was the one to issue an
> unexpected message alert on unexpected packets. There is an issue
> that I'm seeing in my archives which suggests that 'openssl s_client
> -verify 2 -dtls' can assert-crash the client, which I haven't seen any
> followup on.
>
> The DTLS code is buggy, and is known not to be production-stable.
> Unfortunately, I don't work on it. (I try to be something of a
> librarian -- knowing about things, and helping others with
> knowledge... but I'm not adept at that, either.)
>
> -Kyle H
>
> On 9/28/06, Jeremy Goddard wrote:
>> I tried both openssl-SNAP-20060928.tar.gz and
>> openssl-0.9.8-stable-SNAP-20060928.tar.gz. They both exhibit the same
>> error. Did I get the wrong file?
>>
>> -Jeremy
>>
>> Kyle Hamilton wrote:
>> > There was a patch applied recently (within the past week) to address
>> > that assertion. Please try the latest 0.9.8 snapshot.
>> >
>> > -Kyle H
>> >
>> > On 9/27/06, Jeremy Goddard wrote:
>> >> Hello,
>> >>
>> >> When attempting to use DTLS with mutual authentication my DTLS server
>> >> fails with message:
>> >>
>> >> d1_both.c(1064): OpenSSL internal error, assertion failed:
>> >> s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH == (unsigned
>> >> int)s->init_num"
>> >>
>> >> I have noted a few threads referencing this error going back to
>> version
>> >> 9.7a. Can anyone advise me if there if there is a fix available for
>> >> this?
>> >>
>> >> My current openssl version is 9.8a
>> >>
>> >> Thanks,
>> >> Jeremy
>> >>
>> >>
>> >>
>> >>
>> __________________________________________________ ____________________
>> >> OpenSSL Project
>> http://www.openssl.org
>> >> Development Mailing List
>> openssl-dev@openssl.org
>> >> Automated List Manager
>> majordomo@openssl.org
>> >>
>> >
>> >
>>
>> __________________________________________________ ____________________
>> OpenSSL Project http://www.openssl.org
>> Development Mailing List openssl-dev@openssl.org
>> Automated List Manager majordomo@openssl.org
>>
>
>
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
