Wireshark-bugs: [Wireshark-bugs] [Bug 2071] Problem with DTLS packets

Date: Tue, 4 Dec 2007 23:38:45 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2071





------- Comment #2 from martin.vladic@xxxxxxxxx  2007-12-04 23:38 GMT -------
(In reply to comment #1)
> Both look the inverse of each other. They're not used directly in the Wireshark
> code. Could you rebuild with 0.99.7 and up to date libraries and see if the
> problems remain?
> 

I have found the following constant in the file packet-ssl-utils.h from the
latest Wireshark source distribution:

#define DTLSV1DOT0_VERSION     0x100

And this constant is used in file packet-dtls.c several times. 

So, Wireshark still uses an invalid DTLS protocol version. Regarding the version
of DTLS, RFC 4347 states:

"This document describes DTLS Version 1.0, which uses the version { 254, 255 }.
The version value of 254.255 is the 1's complement of DTLS Version 1.0. This
maximal spacing between TLS and DTLS version numbers ensures that records from
the two protocols can be easily distinguished.  It should be noted that future
on-the-wire version numbers of DTLS are decreasing in value (while the true
version number is increasing in value.)"

Obviously, OpenSSL also had a bug in version 0.9.8e which has been fixed in
version 0.9.8g.

Regards,
Martin
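
Added example, not part of the original comment and not Wireshark's or OpenSSL's code: a C sketch of the version handling the quoted RFC 4347 text implies, reading the version field of a record header, flagging the inverted 0x0100 value, and ordering DTLS versions by their logical (1's complement) value. All function and enum names and the sample header bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DTLS 1.0 on the wire per the RFC 4347 text quoted above: { 254, 255 }. */
#define DTLS_1_0_WIRE     0xFEFFu
/* Value reported in the comment above: the 1's complement of the wire value. */
#define DTLS_1_0_INVERTED 0x0100u

enum rec_kind { REC_TRUNCATED, REC_DTLS, REC_DTLS_INVERTED, REC_TLS_FAMILY, REC_UNKNOWN };

/* Constructed sample headers: content type 22 (handshake) + 2-byte version. */
static const uint8_t sample_rfc[]      = { 22, 0xFE, 0xFF };
static const uint8_t sample_inverted[] = { 22, 0x01, 0x00 };

/* Logical DTLS version (0x0100 means "1.0") from the on-the-wire value. */
static uint16_t dtls_logical_version(uint16_t wire)
{
    return (uint16_t)~wire;
}

/* >0 if a is a newer DTLS than b: wire values fall as the true version rises. */
static int dtls_version_cmp(uint16_t a, uint16_t b)
{
    return (int)dtls_logical_version(a) - (int)dtls_logical_version(b);
}

/* Classify a record from its first three bytes: type(1) | version(2, big-endian). */
static enum rec_kind classify_record(const uint8_t *buf, size_t len, uint16_t *wire_out)
{
    if (buf == NULL || len < 3)
        return REC_TRUNCATED;              /* never read past a short datagram */
    uint16_t wire = (uint16_t)((buf[1] << 8) | buf[2]);
    if (wire_out != NULL)
        *wire_out = wire;
    if (wire == DTLS_1_0_INVERTED)
        return REC_DTLS_INVERTED;          /* only meaningful on a flow known to be DTLS */
    if (buf[1] == 0xFE)
        return REC_DTLS;                   /* major byte 254: far from the TLS range */
    if (buf[1] == 0x03)
        return REC_TLS_FAMILY;             /* SSL 3.0 / TLS major version */
    return REC_UNKNOWN;
}

int main(void)
{
    uint16_t w = 0;
    printf("rfc: kind=%d\n", classify_record(sample_rfc, sizeof sample_rfc, &w));
    printf("logical=0x%04x\n", (unsigned)dtls_logical_version(w));
    printf("inverted: kind=%d\n", classify_record(sample_inverted, sizeof sample_inverted, &w));
    return 0;
}
```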

