On 03/01/18 10:40, Grace Priscilla Jero wrote: > Hi, > Can someone please respond to the below mail as we want to confirm if it > is an issue with our application or a bug in openSSL. It isn't a known bug (which doesn't mean it isn't an unknown bug!). I think we're going to need some more information to help you with this issue. If I understand you correctly you have a server application which only supports DTLS 1.0 and it is that application which is failing? Which version of OpenSSL is this? All currently supported versions of OpenSSL have the capability to support DTLS1.2 so I'm not sure why you have this scenario. You say that "SSL_accept continuously loops with error 2". Do you mean by that SSL_accept() returns an error and calling SSL_get_error() gives you SSL_ERROR_WANT_READ (value 2)? "The ALERT is not processed": does this mean you are expecting to see an alert but it isn't sent? Or an alert is sent but it is ignored? Perhaps a wireshark trace of the exchange would help us to understand what you are seeing. Matt > > Thanks, > Grace > > On Fri, Dec 15, 2017 at 3:23 PM, Grace Priscilla Jero > <grace.priscilla@xxxxxxxxx <mailto:grace.priscilla@xxxxxxxxx>> wrote: > > Hi All, > > We are having an issue with DTLS on UDP. > > The scenario is that, when a client of DTLS version 1.2 is trying to > connect to a server which is at version DTLS 1.0 the SSL_accept > continuously loops with error 2. The ALERT is not processed. > Is this a known bug? > > Because of the loop, the application is unable to process new changes. > > Thanks, > Grace > > > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
