Red Hat Bugzilla – Bug 527015
DTLS broken in 1.0.0-beta3
Last modified: 2009-10-09 05:19:20 EDT
As soon as the openconnect VPN client tries to call SSL_read() on a DTLS connection, it goes into an endless loop.
GDB is useless...
#0 0xffffffffff60013b in ?? ()
#1 0x00007fff4c765610 in ?? ()
#2 0x00007fff4c7ff644 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
The fix is already in the 1.0.0 branch in CVS; it's the second hunk of RT#1993:
--- ssl/d1_pkt.c 2009-07-13 13:44:04.000000000 +0200
+++ ssl/d1_pkt.c 2009-07-23 12:47:41.000000000 +0200
@@ -775,7 +775,7 @@
/* Check for timeout */
- if (dtls1_read_failed(s, -1) > 0);
+ if (dtls1_read_failed(s, -1) > 0)
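Review bot: the "if (dtls1_read_failed(s, -1) > 0)" check should have its body wrapped in braces. The removed line shows that a single trailing ";" turned the condition into an empty statement, so whatever follows it ran regardless of the timeout check's result. The guarded statement itself is not visible in this excerpt, so the brace placement needs to be confirmed against the full file. Building ssl/d1_pkt.c with an empty-body warning enabled (GCC's -Wempty-body, included in -Wextra) would flag a regression of this kind at compile time.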
Created attachment 363544
Is it OK for me to commit this patch and build a new package?
This bug has broken my VPN connectivity under F-12.
I'll commit and build it, but we will also need a releng request to tag it into F-12.
Built as openssl-1.0.0-0.beta3.9.fc12.
Also created a tag request https://fedorahosted.org/rel-eng/ticket/2417
VPN works with this package; thanks.