Grace Priscilla Jero <grace.priscilla@xxxxxxxxx> wrote:
> We are having a scenario wherein we are having 2 BIOs for DTLS
> attached to the same fd. Each BIO has a different SSL associated with
> it. The messages are getting written to different BIO each time and we
> are trying to resolve it.
> Is there a API or any way to detach one of the BIO/SSL from the fd for
> DTLS?
No. How did you get into that situation in the first place?
My belief is that the DTLS API is suitable for (Secure)RTP only, and not for
CoAP-type usage. (or other DTLS server end-point usage)
According to some source code comments, you should have called connect() on
the socket after the first connection was received, and then (or
previously... there are race conditions either way), opened a new
socket.
I ran into this, and I wound up creating a new API, which is in a pull
request:
https://github.com/openssl/openssl/pull/5024
https://github.com/mcr/openssl/tree/dtls-listen-refactor
Sadly, the new test case I wrote is not running consistently, which I'm still
debugging.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr@xxxxxxxxxxxx http://www.sandelman.ca/ | ruby on rails [
Attachment:
signature.asc
Description: PGP signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
