Description of problem: When attempting to run a DTLS server using openssl from Fedora 26, the server hangs while receiving packets from the client. Version-Release number of selected component (if applicable): openssl-1.1.0f-3 How reproducible: (instructions require the gnutls git repo for certs/keys) $ cd tests/suite $ openssl s_server -cipher ALL -quiet -accept 5555 -keyform pem -certform pem -timeout -key ./../certs/rsa-2432.pem -cert ./../certs/cert-rsa-2432.pem -dkey ./../key-tests/data/dsa.1024.pem -dcert ./../key-tests/data/cert.dsa.1024.pem -CAfile ./../../doc/credentials/x509/ca.pem -state -dtls1_2 In other terminal: $ gnutls-cli --udp 127.0.0.1 -p 5555 --insecure (the cmd openssl s_client -connect 127.0.0.1:5555 -dtls does not seem to work either) The client hangs waiting for reply from the server. The server seems like it is not receiving the followup client hello messages. I tried reproducing with upstream 1.1.0f from repository and I couldn't. The connection was established.
Investigated and found that this is not broken by downstream patches but by enabling the sctp protocol support. I'll forward this to upstream.
openssl-1.1.0f-4.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-09d4464361
openssl-1.1.0f-4.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-09d4464361
openssl-1.1.0f-4.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.