On Tue, Sep 18, 2018 at 9:18 AM <aleksandr.derevianko@xxxxxxxxxxx> wrote:> Unfortunelly, it's exactly this example which I use. You have pointed on slightly different version, > but all difference is: > > SSL_CTX_set_cookie_verify_cb(ctx, &verify_cookie); > instead of > SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie); > > ctx = SSL_CTX_new(DTLS_client_method()); > instead of > ctx = SSL_CTX_new(DTLSv1_client_method()); > > > I have tryed it, works exactly the same. > > In both versions, on client side cipher_list is: > SSL_CTX_set_cipher_list(ctx, "eNULL:!MD5"); > > With such list it works, but without encoding (data send in cleartext, connection established as Cipher: NULL-SHA) > > and if I remove eNULL on client side, it doesn't connect - server wait repeat of client cookue forever. > > At the same time, "openssl s_client -dtls1 ..." connects fine, with Cipher: AES256-SHA Then debug why the server is ignoring the client request. OpenSSL has good debug output, in worst case add new prints... -- Thanks, //richard -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
