Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-18 Thread Chad Phillips
Great, thanks for this very clear description, I passed it along to the Licode developers, and hopefully we can put this sucker to rest. I also included your recommendation to upgrade, which is something I’ve been bugging them to do for awhile :) On Sun, Sep 18, 2016 at 1:37 AM, Matt Caswell

Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-18 Thread Matt Caswell
On 18/09/16 01:01, Chad Phillips wrote: > On Sat, Sep 17, 2016 at 3:43 PM, Matt Caswell > wrote: > > There is an OpenSSL API which is intended to resolve this issue: > > DTLSv1_handle_timeout() > > The application is expected to call

Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-17 Thread Chad Phillips
On Sat, Sep 17, 2016 at 3:43 PM, Matt Caswell wrote: There is an OpenSSL API which is intended to resolve this issue: > > DTLSv1_handle_timeout() > > The application is expected to call this periodically during the > handshake if no other data has been sent or received. The

Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-17 Thread Matt Caswell
On 17/09/16 16:11, Chad Phillips wrote: > Was this packet capture done on the client side or the server side or > somewhere in the middle? There appears to be some messages missing. > In particular I don’t see any CCS or Finished messages being > exchanged. Is the network this is

Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-17 Thread Chad Phillips
Matt, thanks for the reply, very helpful so far! Answers to your questions below: You don't say what version of OpenSSL. > The support library I’m using is Licode: http://lynckia.com/licode/index.html The version of openssl I have compiled into it is 1.0.2h. > The packet trace you sent is

Re: [openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-16 Thread Matt Caswell
On 16/09/16 19:47, Chad Phillips wrote: > I’m using a support library leveraging openssl to complete a DTLS handshake. You don't say what version of OpenSSL. The packet trace you sent is quite confusing, as there appears to be two separate handshakes going on at the same time that are

[openssl-users] How to handle DTLS Certificate Reassembly Error

2016-09-16 Thread Chad Phillips
I’m using a support library leveraging openssl to complete a DTLS handshake. Occasionally, I’ll see in my packet captures that a handshake has failed with a “Certificate reassembly error”, and the support library doesn’t seem to be catching this properly to forward the error on. The library