Hi team,
We were trying to generate UDP traffic using the openssl rand command over a DTLS connection in Linux network namespaces.
After generating certificates,
1. We set up the DTLS server in the server namespace using the following command:
openssl s_server -dtls -key server.key -cert server.crt -accept 4433
2. We use the following command to generate a UDP flow for 5s in the client namespace:
timeout 5s bash -c "while true; do openssl rand -hex 1024;done" | openssl s_client -dtls -connect 10.0.2.2:4433 -cert client.crt -key client.key
While executing the above, we notice that the DTLS handshake completes successfully, but the server does not receive application data; instead, we encounter the following error:
write:errno=90
803B1C61FC7E0000:error:80000020:system library:file_ctrl:Broken pipe:../crypto/bio/bss_file.c:326:calling fflush()
803B1C61FC7E0000:error:10080002:BIO routines:file_ctrl:system lib:../crypto/bio/bss_file.c:328:
However, the commands work while generating TCP traffic over a TLS connection.
Our OpenSSL configuration is:
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
built on: Mon Feb 6 17:57:17 2023 UTC
platform: debian-amd64
options: bn(64,64)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-hnAO60/openssl-3.0.2=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-3"
MODULESDIR: "/usr/lib/x86_64-linux-gnu/ossl-modules"
Seeding source: os-specific
CPUINFO: OPENSSL_ia32cap=0x7ffaf3ffffebffff:0x405f5ef2bf67eb
Please help us figure out the solution.
Regards,
Kathan Vakharia and Team