Re: Issue with DTLS for UDP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thankyou for the suggestions. After correcting few options the "ClientHello" goes successfully but we have failure in "DTLSv1_listen". There are'nt any cookies in the Client Hello request.
But DTLSv1_listen return error and the failure in see is in "SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_COOKIE_GEN_CALLBACK_FAILURE);"

We are using 1.1.0f version. Is there a way we can disable cookies?

Thanks,
Grace

On Fri, Oct 27, 2017 at 12:39 PM, Grace Priscilla Jero <grace.priscilla@xxxxxxxxx> wrote:
Hi Matt,

SSL_get_error()  returns 5. 
It is the same socket using which the UDP connection is established.
Could you suggest some logging that can be done for OPENSSL.

Thanks,
Grace


On Thu, Oct 26, 2017 at 9:23 PM, Matt Caswell <matt@xxxxxxxxxxx> wrote:


On 26/10/17 16:43, Grace Priscilla Jero wrote:
> Thankyou for the responses.
> We figured the issue. But now we are getting error -5 from "SSL_connect"
> and the errno is set to 22 which means invalid argument.
> Is there a easy way to debug or get logs for SSL_connect.
>
> Below is the sequence for the dtls udp connect that we are trying.
> ssl = SSL_new(ctx)
> bio = BIO_new_dgram(sock_id,BIO_NOCLOSE)
> SSL_set_bio(ssl, bio, bio);
> VI_res = SSL_connect(ssl)

Do you really mean SSL_connect() returns -5? Or do you mean that after a
negative return value from SSL_connect() you call SSL_get_error() and
that return 5 (SSL_ERROR_SYSCALL)?

If you really mean SSL_connect() returns -5 then you need to call
SSL_get_error() as a next step.

If you are getting SSL_ERROR_SYSCALL then my guess is that there is a
problem with sock_id. How do create it?

Matt


>
>
>
> Thanks,
> Grace
>
> On Tue, Oct 24, 2017 at 4:07 PM, Matt Caswell <matt@xxxxxxxxxxx
> <mailto:matt@xxxxxxxxxxx>> wrote:
>
>
>
>     On 24/10/17 11:25, Grace Priscilla Jero wrote:
>     > We are using SSL_accept to accept the connection for which we see the
>     > failure. Please let know if you have any thoughts.
>
>     Have you set the wbio correctly? Does SSL_get_wbio() return your wbio
>     object if you call it immediately before SSL_do_handshake()?
>
>     Matt
>
>     --
>     openssl-users mailing list
>     To unsubscribe:
>     https://mta.openssl.org/mailman/listinfo/openssl-users
>     <https://mta.openssl.org/mailman/listinfo/openssl-users>
>
>
>
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux