It looks like OpenSSL 1.0.0d and 1.0.0e have broken compatibility with Cisco's pre-standardisation version of DTLS. $DEITY knows why Cisco haven't updated to the real standard by now; they could easily have run both DTLS1.0 and their speshul DTLS0.9 in parallel on the servers, and upgraded clients over time to use the proper version. But they haven't.

See http://marc.info/?l=openssl-dev&m=136061761129563&w=2

The required patch (to OpenSSL) is below:

diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 2e93657..1db1d8c 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -146,7 +146,7 @@ int tls1_cbc_remove_padding(const SSL* s, unsigned padding_length, good, to_check, i; const unsigned overhead = 1 /* padding length byte */ + mac_size; /* Check if version requires explicit IV */ - if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION) + if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER) { /* These lengths are all public so we can test them in * non-constant time.

-- 
dwmw2
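Review bot: the hunk swaps `s->version == DTLS1_VERSION` for `s->version == DTLS1_BAD_VER` instead of adding the second case, and neither the hunk nor the covering mail says why standard DTLS 1.0 can be dropped from the explicit-IV test; that is only safe if DTLS1_VERSION already satisfies `s->version >= TLS1_1_VERSION`, which the hunk does not show, so the patch description should state it (or the condition should keep both `==` cases so a reader does not have to know the version constants' ordering). Because this test in tls1_cbc_remove_padding decides whether an explicit IV is accounted for before the padding and MAC lengths are checked, a version missing from it silently mis-parses every CBC record for that protocol version, which is exactly the DTLS 0.9 breakage the mail describes; suggest checking the rest of the tree for other `DTLS1_VERSION` comparisons that gate explicit-IV handling and giving them the same `DTLS1_BAD_VER` treatment, ideally via one shared helper so the list of versions lives in a single place.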