The fix for the issue that I referenced (-verify 2 on s_client coredump/segv) was already integrated into CVS, and should have been part of the snapshot that you downloaded... thus, it might not be the same issue.
I notice that there was a patch in the message that you linked to. Is that code in your snapshot? If not, please submit a case via rt with the patch attached. Thanks! -Kyle H On 9/29/06, Jeremy Goddard <[EMAIL PROTECTED]> wrote:
It's probability the same issue. There is also message at found at http://groups.google.com/group/mailing.openssl.dev/browse_thread/thread/984bdb1f224d55f3/f3d5d65994f0886e?lnk=gst&q=dtls&rnum=26#f3d5d65994f0886e that references a fix for this from nagendra modadugu. It seems that the fix may be out there but is not making it back into openssl. Kyle Hamilton wrote: > My mistake -- the patch that was applied was the one to issue an > unexpected message alert on unexpected packets. There is an issue > that I'm seeing in my archives which suggests that 'openssl s_client > -verify 2 -dtls' can assert-crash the client, which I haven't seen any > followup on. > > The DTLS code is buggy, and is known not to be production-stable. > Unfortunately, I don't work on it. (I try to be something of a > librarian -- knowing about things, and helping others with > knowledge... but I'm not adept at that, either.) > > -Kyle H > > On 9/28/06, Jeremy Goddard <[EMAIL PROTECTED]> wrote: >> I tried both openssl-SNAP-20060928.tar.gz and >> openssl-0.9.8-stable-SNAP-20060928.tar.gz. They both exhibit the same >> error. Did I get the wrong file? >> >> -Jeremy >> >> Kyle Hamilton wrote: >> > There was a patch applied recently (within the past week) to address >> > that assertion. Please try the latest 0.9.8 snapshot. >> > >> > -Kyle H >> > >> > On 9/27/06, Jeremy Goddard <[EMAIL PROTECTED]> wrote: >> >> Hello, >> >> >> >> When attempting to use DTLS with mutual authentication my DTLS server >> >> fails with message: >> >> >> >> d1_both.c(1064): OpenSSL internal error, assertion failed: >> >> s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH == (unsigned >> >> int)s->init_num" >> >> >> >> I have noted a few threads referencing this error going back to >> version >> >> 9.7a. Can anyone advise me if there if there is a fix available for >> >> this? >> >> >> >> My current openssl version is 9.8a >> >> >> >> Thanks, >> >> Jeremy >> >> >> >> >> >> >> >> >> ______________________________________________________________________ >> >> OpenSSL Project >> http://www.openssl.org >> >> Development Mailing List >> [email protected] >> >> Automated List Manager >> [EMAIL PROTECTED] >> >> >> > >> > >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> Development Mailing List [email protected] >> Automated List Manager [EMAIL PROTECTED] >> > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
-- -Kyle H ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
