The fix for the issue that I referenced (-verify 2 on s_client
coredump/segv) was already integrated into CVS, and should have been
part of the snapshot that you downloaded... thus, it might not be the
same issue.

I notice that there was a patch in the message that you linked to. Is
that code in your snapshot? If not, please submit a case via rt with
the patch attached.

Thanks!

-Kyle H

On 9/29/06, Jeremy Goddard wrote:
> It's probability the same issue.
>
> There is also message at found at
> http://groups.google.com/group/maili...d5d65994f0886e
> that references a fix for this from nagendra modadugu. It seems that the
> fix may be out there but is not making it back into
> openssl.
>
> Kyle Hamilton wrote:
> > My mistake -- the patch that was applied was the one to issue an
> > unexpected message alert on unexpected packets. There is an issue
> > that I'm seeing in my archives which suggests that 'openssl s_client
> > -verify 2 -dtls' can assert-crash the client, which I haven't seen any
> > followup on.
> >
> > The DTLS code is buggy, and is known not to be production-stable.
> > Unfortunately, I don't work on it. (I try to be something of a
> > librarian -- knowing about things, and helping others with
> > knowledge... but I'm not adept at that, either.)
> >
> > -Kyle H
> >
> > On 9/28/06, Jeremy Goddard wrote:
> >> I tried both openssl-SNAP-20060928.tar.gz and
> >> openssl-0.9.8-stable-SNAP-20060928.tar.gz. They both exhibit the same
> >> error. Did I get the wrong file?
> >>
> >> -Jeremy
> >>
> >> Kyle Hamilton wrote:
> >> > There was a patch applied recently (within the past week) to address
> >> > that assertion. Please try the latest 0.9.8 snapshot.
> >> >
> >> > -Kyle H
> >> >
> >> > On 9/27/06, Jeremy Goddard wrote:
> >> >> Hello,
> >> >>
> >> >> When attempting to use DTLS with mutual authentication my DTLS server
> >> >> fails with message:
> >> >>
> >> >> d1_both.c(1064): OpenSSL internal error, assertion failed:
> >> >> s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH == (unsigned
> >> >> int)s->init_num"
> >> >>
> >> >> I have noted a few threads referencing this error going back to
> >> version
> >> >> 9.7a. Can anyone advise me if there if there is a fix available for
> >> >> this?
> >> >>
> >> >> My current openssl version is 9.8a
> >> >>
> >> >> Thanks,
> >> >> Jeremy
> >> >>
> >> >>
> >> >>
> >> >>
> >> __________________________________________________ ____________________
> >> >> OpenSSL Project
> >> http://www.openssl.org
> >> >> Development Mailing List
> >> openssl-dev@openssl.org
> >> >> Automated List Manager
> >> majordomo@openssl.org
> >> >>
> >> >
> >> >
> >>
> >> __________________________________________________ ____________________
> >> OpenSSL Project http://www.openssl.org
> >> Development Mailing List openssl-dev@openssl.org
> >> Automated List Manager majordomo@openssl.org
> >>

> >
> >

>
> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List openssl-dev@openssl.org
> Automated List Manager majordomo@openssl.org
>



--

-Kyle H
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org