Opened 12 years ago

Closed 8 years ago

#38884 closed defect (fixed)

openssl @1.0.1e_1+universal DTLS handshake error messages with openconnect

Reported by: amanion@… Owned by: larryv (Lawrence Velázquez)
Priority: Low Milestone:
Component: ports Version: 2.1.3
Keywords: Cc: neverpanic (Clemens Lang)
Port: openssl

Description

Using openconnect @4.08_0

... DTLS handshake failed: 2 ... DTLS handshake failed: 1 140735107080668:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert handshake failure:d1_pkt.c:1166:SSL alert number 40 (repeated)

These may be spurious messages, DTLS seems to be working. Reported elsewhere as a regression in OpenSSL 1.0.1{d,e} and related to Cisco using an old DTLS implementation:

http://lists.infradead.org/pipermail/openconnect-devel/2013-February/000827.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701826

http://comments.gmane.org/gmane.network.vpn.openconnect.devel/531

Change History (4)

comment:1 Changed 12 years ago by amanion@…

Sorry, a better summary would be:

openssl @1.0.1e_1+universal DTLS handshake error messages with openconnect 

...
DTLS handshake failed: 2
...
DTLS handshake failed: 1
140735107080668:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert handshake failure:d1_pkt.c:1166:SSL alert number 40
(last two lines repeat often)

comment:2 Changed 12 years ago by jmroot (Joshua Root)

Keywords: dtls openconnect openssl removed
Owner: changed from macports-tickets@… to mww@…
Summary: openssl @1.0.1e_1+universal DTLSopenssl @1.0.1e_1+universal DTLS handshake error messages with openconnect

Please remember to Cc the maintainer.

comment:3 Changed 10 years ago by jmroot (Joshua Root)

Cc: cal@… added
Owner: changed from mww@… to larryv@…

comment:4 Changed 8 years ago by neverpanic (Clemens Lang)

Resolution: fixed
Status: newclosed

Fixed upstream in 1.0.1e, it seems: https://github.com/openssl/openssl/commit/9fe4603b8245425a4c46986ed000fca054231253.

Note: See TracTickets for help on using tickets.