DTLS retransmissions ...

? The particular timeouts that OpenSSL chose for its DTLS handshake will not be suitable for all application needs and I think some other applications that use DTLS will also need this capability. So, such a change might have a place in the mainline too. Cheers! - John Lane Schultz Spread

Parameter requirements of SSL_read / SSL_write after an associated SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE ...

unwritten data as previous calls. So, what am I missing? Why does this requirement exist? Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 __ OpenSSL Project http

Re: Parameter requirements of SSL_read / SSL_write after an associated SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE ...

was taken and processed by the OS, but that is not true for SSL_write(). Regardless, it looks like if I enable the modes SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, I will get what I need for my purposes. Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443

How to determine if a ssl object is using a DTLS method?

Lane Schultz Spread Concepts LLC Cell: 443 838 2200 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Leveraging a TLS handshake for a DTLS handshake ...

on the server? Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org

Re: How to determine if a ssl object is using a DTLS method?

Thanks! That will work. A system call is pretty heavy weight though, is there a cheaper OpenSSL way of determining the same? Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 On Nov 24, 2014, at 4:23 PM, Scott Neugroschl scot...@xypro.com wrote: Use getsockopt(SO_TYPE

Re: How to determine if a ssl object is using a DTLS method?

Thank you, that worked just fine: int is_dtls(SSL *ssl) { return NULL != BIO_find_type(SSL_get_rbio(ssl), BIO_TYPE_DGRAM); } Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 On Nov 24, 2014, at 8:04 PM, Dr. Stephen Henson st...@openssl.org wrote: On Mon, Nov 24

DTLS handshake reliability timeouts ...

the DTLS handshake to proceed quite quickly and redundantly / aggressively to overcome any network loss. Can anyone point me at any relevant documentation on this in OpenSSL? Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200

Re: SSL v3.0 is not set as default protocol upon disabling v2.

hello msg? How can a client force the library to use a SSLv3 hello msg while still advertising that is also supports higher TLS protocols? It wasn’t apparent to me how to cause this behavior from the top level documentation. Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200

Re: SSL v3.0 is not set as default protocol upon disabling v2.

to SSLv3? If a SSLv3 server can’t understand a TLSv1 hello, then it kind of defeats the purpose of being able to fallback to SSLv3 ... Cheers! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 On Sep 16, 2014, at 12:36 PM, abhijit pai abhijitpa...@gmail.com wrote: Hi Thulasi

Avoiding a read that wants writeability (and vice versa) ...

SSL_connect and SSL_accept returning both errors but would like to remove the additional logic that read needing writeability (and vice versa) causes if at all possible. PS - My application runs over top of network sockets if that matters at all. Thanks! - John Lane Schultz Spread Concepts LLC

Avoiding a read that wants writeability (and vice versa) ...

twice. Thanks! - John Lane Schultz Spread Concepts LLC Cell: 443 838 2200 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org