> DTLS test "works", but the "random bytes" field differs in the server hello.
> There should be no difference because the test harness is supplying a
> non-random PRNG.

This is happening because of the following (which looks like a bug) in ssl/d1_srvr.c, line 923:

    Time=(unsigned long)time(NULL);	/* Time */
    l2n(Time,p);
    RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));

sizeof(Time) is 8 bytes in x86_64, but l2n() has only advanced the pointer 4 bytes. This leaves 4 bytes of uninitialized data exposed in the random bytes field for x86_64.

Unless l2n() can do something different on other platforms, line 923 should be more explicit:

    RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);

With this fix, my "no-asm" 64bit DTLS test yields a pcap that matches the 32 bit build.

... that isolates the problem to the 64 bit assembler changes between 1.0.0 and 1.0.1, specifically (it would seem) for SHA-1.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
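
The length mismatch described in this message, reproduced as an added example (not code from the post or from OpenSSL). `put_be32` and `fill_bytes` are hypothetical stand-ins for l2n() and RAND_pseudo_bytes(), the timestamp is constructed, and a sentinel byte marks positions in the 32-byte field that are never written.

```c
#include <stdio.h>
#include <string.h>

#define RANDOM_SIZE 32   /* same value as SSL3_RANDOM_SIZE */
#define SENTINEL    0xAA /* marks bytes that nothing has written */

/* Hypothetical stand-in for l2n(): always emits exactly 4 bytes. */
static unsigned char *put_be32(unsigned long v, unsigned char *p)
{
    *p++ = (unsigned char)(v >> 24);
    *p++ = (unsigned char)(v >> 16);
    *p++ = (unsigned char)(v >> 8);
    *p++ = (unsigned char)v;
    return p;
}

/* Hypothetical stand-in for RAND_pseudo_bytes(): fixed, non-random fill. */
static void fill_bytes(unsigned char *p, size_t n) { memset(p, 0x5C, n); }

/* Build the random field; return how many bytes were never written. */
static size_t untouched_bytes(size_t time_len)
{
    unsigned char buf[RANDOM_SIZE];
    unsigned long Time = 1325376000UL;      /* constructed timestamp */
    unsigned char *p = buf;
    size_t i, n = 0;

    memset(buf, SENTINEL, sizeof(buf));
    p = put_be32(Time, p);                  /* pointer advances 4 bytes */
    fill_bytes(p, RANDOM_SIZE - time_len);  /* length under test */
    for (i = 4; i < RANDOM_SIZE; i++)       /* skip the 4 time bytes */
        if (buf[i] == SENTINEL)
            n++;
    return n;
}

/* Length as written at line 923: depends on sizeof(unsigned long). */
size_t buggy_untouched(void) { return untouched_bytes(sizeof(unsigned long)); }

/* Length as proposed in the message: the 4 bytes actually written. */
size_t fixed_untouched(void) { return untouched_bytes(4); }

int main(void)
{
    printf("sizeof(unsigned long) = %zu, buggy: %zu untouched, fixed: %zu\n",
           sizeof(unsigned long), buggy_untouched(), fixed_untouched());
}
```

Where unsigned long is 8 bytes the original length leaves 4 bytes untouched and the explicit length leaves none; where it is 4 bytes both leave none.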