Hi, This implementation is totally wrong (I posted a complete list of problems I've found), this implementation doesn't follow the rfc at all but works on my Debian box to see where the problem comes from you could use Wireshark (new version of Ethereal) I have made a dissector that allow you to see messages...(it's an advice) If you put pcap file I will try to correct this when I have time (not before 1 month)
(I have done a patch that I posted a long time ago that correct version problem and ClientKeyExchange buggy message but don't apply it to see messages with Wireshark....) regards, Samuel On 8/11/06, Kyle Hamilton <[EMAIL PROTECTED]> wrote:
As I recall, it was someone who was working on it who was having patches committed as he implemented it, and never finished it? It probably is buggy. -Kyle H On 8/10/06, ViSolve Security Consulting Group <[EMAIL PROTECTED]> wrote: > > > Hi Developers, > > We have compiled OpenSSL 0.9.8b on HP-UX Itanium Processor Family. > > While trying to establish a communication between a server and a client with > DTLS1 protocol support. The server aborts with a core dump. > > SSL_accept:SSLv3 write key exchange A > d1_both.c(1063): OpenSSL internal error, assertion failed: > s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH == (unsigned > int)s->init_num > Abort(coredump) > > Is it a bug in DTLS1 protocol support in OpenSSL ?? > > The commands we used for SSL server & client are - > > # openssl s_server -accept 1234 -cert ksb_cert.pem -key ksb_priv_key.pem > -verify 2 -CAfile ca_cert.pem -dtls1 -state -debug > > # openssl s_client -connect localhost:1234 -verify 2 -CAfile ca_cert.pem > -cert ksb_cert.pem -key ksb_priv_key.pem -dtls1 -state -debug > > Thanks, > ViSolve Security Consulting Group. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
-- Authesserre Samuel 12 rue de la défense passive 14000 CAEN FRANCE 06-27-28-13-32 [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
