I built a vanilla openssl-1.0.0-beta2 and tried to run
./openssl s_client -dtls1
against
./openssl s_server -dtls1
To my disappointment it did not work properly. The client reported
3084506760:error:14106044:SSL
routines:DTLS1_SEND_CLIENT_KEY_EXCHANGE:internal error:d1_clnt.c:976:
The output of the server was
3084805768:error:14102410:SSL routines:DTLS1_READ_BYTES:sslv3 alert
handshake failure:d1_pkt.c:1043:SSL alert number 40
After hours of debugging I found a work around which is to use
./openssl s_server -dtls1 -no_ecdhe -timeout
and
./openssl s_client -dtls1 -timeout
It turned out that the DTLS implementation does not support ECDHE
although it happily advertises the ECDHE cipher suites in the "Client
Hello" message. The long if-else-if-else-if-chain in
dtls1_send_client_key_exchange() simply does not account for ECDHE. So I
think the corresponding ciphers should not be included in the list of
supported ciphers in the first place.
My opinion is that s_client and s_server should always work because they
are kind of reference applications. There's little to no documentation
on how to use DTLS with OpenSSL. Taking this into account a running
example is the only basis you can build on if you're trying to use DTLS
in your app.
I hope that somebody can fix that problem or at least print out a log
message saying "No DTLS support for ECDHE"
Thanks
Daniel Mentz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
