DTLSv1 SSL_renegotiate

DTLSv1 SSL_renegotiate

by David Isaac Wolinsky

Hi all,

I am implementing a project that uses OpenSSL DTLSv1.  I noticed that
even after sending approximately 1 GB of data, the cipher spec did not
change.  So I implemented a manual renegotiate and I attempted to verify
that it worked.  It didn't.  For some reason, after the server receives
the renegotiate message from the client, it gets stuck at "SSLv3 read
client hello B".  I then tried the exact same code but switched the
SSL_method to SSLv3 and TLSv1 and it worked just fine.  The peers
renegotiated a new cipher spec.  Any thoughts?

Regards,
David
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@...
Automated List Manager                           majordomo@...

Re: DTLSv1 SSL_renegotiate

by Robin Seggelmann

Hi David,

Which version of OpenSSL are you using? The current 0.9.8 stable is
*very* buggy, and in 1.0.0 beta 3 there are still several known bugs.
You should either use the development version in the CVS repository or  
apply our patches from sctp.fh-muenster.de to have them fixed. You can  
also find some DTLS example code there. If you still experience any  
problems, please supply a detailed description so that I can try to  
reproduce it.

Regards,
Robin


On Nov 2, 2009, at 6:46 AM, David Isaac Wolinsky wrote:

> Hi all,
>
> I am implementing a project that uses OpenSSL DTLSv1.  I noticed  
> that even after sending approximately 1 GB of data, the cipher spec  
> did not change.  So I implemented a manual renegotiate and I  
> attempted to verify that it worked.  It didn't.  For some reason,  
> after the server receives the renegotiate message from the client,  
> it gets stuck at "SSLv3 read client hello B".  I then tried the  
> exact same code but switched the SSL_method to SSLv3 and TLSv1 and  
> it worked just fine.  The peers renegotiated a new cipher spec.  Any  
> thoughts?
>
> Regards,
> David