I already tested with last version and I have the same results: Here the versions used and the build options:
OpenSSL 0.9.8h 28 May 2008 built on: Sun Aug 31 13:56:12 CEST 2008 platform: linux-x86_64 options: bn(64,64) md2(int) rc4(8x,int) des(idx,cisc,16,int) idea(int) blowfish(ptr2) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM OpenSSL 0.9.8h 28 May 2008 built on: Sun Aug 31 14:10:35 CEST 2008 platform: linux-elf options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -march=pentium -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM On Sun, Aug 31, 2008 at 1:20 PM, Pau Rodriguez-Estivill <[EMAIL PROTECTED]> wrote: > OpenSSL 0.9.8g 19 Oct 2007 > And also isn't de official, is the Debian build. > > So I'm also going to try last version, you recomend 0.9.8h or last snapshot? > Thanks. > > Pau > > On Sun, Aug 31, 2008 at 10:16 AM, Kyle Hamilton <[EMAIL PROTECTED]> wrote: >> Specifically which version of the openssl library are you using? I'm >> going to try to dig into this. >> >> -Kyle H >> >> On Sat, Aug 30, 2008 at 9:45 AM, Pau Rodriguez-Estivill >> <[EMAIL PROTECTED]> wrote: >>> Hi! >>> I have done more tests of this strange data blocks: >>> I send 2 kinds of blocks one of 1500 bytes (block A) and another of >>> 48bytes (block B). >>> A blocks have an identifier. >>> >>> The normal way is receive first 1500bytes of A and then 48 of B: >>> 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 515) >>> 2: B >>> >>> But this is what happened when the error occurs: >>> 1: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (id 516) >>> 2: B >>> 3: A (id 516, 48bytes) >>> 4: SSL_ERROR_WANT_READ >>> 5: AA (id 516, 80bytes) >>> 6: ???????????????????????????????? (1500 bytes, unknown) >>> 7: A (id 516, 48bytes) >>> 8: ???????????????????????????????? (1500 bytes, same as 6 but not sure) >>> >>> All packets have the same identifier, yes, this is what I can't believe. >>> And also I don't know from where the 80 bytes block size came from!? >>> >>> I hope that with this example, i could make more clear the problem. >>> >>> Thanks, for the reply. >>> >>> Pau >>> >>> On Sat, Aug 30, 2008 at 4:40 AM, Pau Rodriguez Estivill >>> <[EMAIL PROTECTED]> wrote: >>>> I always try to do an SSL_read every time I give a new packet to >>>> OpenSSL library, >>>> It's true that I only try it once per packet I give. >>>> >>>> Maybe I should try SSL_pending after this read, to ensure that aren't more >>>> data. >>>> Normally SSL_pending return 0, even before trying to read. >>>> >>>> When I call to SSL_read and it give me an error, as I said, the next >>>> time I call SSL_read it give me a wrong buffer but it's size is >>>> correct according last SSL_write from the other computer. But at least >>>> the first bytes of the block are not correct, because it doesn't >>>> appear as a IPv4 valid packet (I mean an internal packet from the >>>> inside of the VPN). And also any of the next SSL_reads return a valid >>>> decoded block or at least not starting from the first byte. And none >>>> of them return any SSL_* error. >>>> I really think it could be a problem of buffers management. I also >>>> don't trust the DTLS implementation just because I know any >>>> application how make an extensive usage of this >>>> implementation/protocol. >>>> >>>> Maybe anybody can propose a test to get more information about this >>>> problem. >>>> >>>> Thanks, for the reply. >>>> >>>> Pau >>>> >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-users@openssl.org >>> Automated List Manager [EMAIL PROTECTED] >>> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager [EMAIL PROTECTED] >> > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
