Bug report. openssl-1.0.0-beta2 uname -a Linux daniel-desktop 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux
OS: Ubuntu 9.04 I built a vanilla openssl-1.0.0-beta2 on a and tried to run ./openssl s_client -dtls1 against ./openssl s_server -dtls1 To my disappointment it did not work properly. The client reported 3084506760:error:14106044:SSL routines:DTLS1_SEND_CLIENT_KEY_EXCHANGE:internal error:d1_clnt.c:976: The output of the server was 3084805768:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert handshake failure:d1_pkt.c:1043:SSL alert number 40 After hours of debugging I found a work around which is to use ./openssl s_server -dtls1 -no_ecdhe -timeout and ./openssl s_client -dtls1 -timeout It turned out that the DTLS implementation does not support ECDHE although it happily advertises the ECDHE cipher suites in the "Client Hello" message. The long if-else-if-else-if-chain in dtls1_send_client_key_exchange() simply does not account for ECDHE. So I think the corresponding ciphers should not be included in the list of supported ciphers in the first place. My opinion is that s_client and s_server should always work because they are kind of reference applications. There's little to no documentation on how to use DTLS with OpenSSL. Taking this into account a running example is the only basis you can build on if you're trying to use DTLS in your app. I hope that somebody can fix that problem or at least print out a log message saying "No DTLS support for ECDHE" Thanks Daniel Mentz ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org