On 02 Sep 2014, at 14:42, Brian Hassink via RT <[email protected]> wrote:
> Sorry, I see there were some earlier posts on this very subject. > > Also, I found the following in RFC 6083 (section 1.1)... > > o The maximum user message size is 2^14 bytes, which is the DTLS limit. > > I wonder if the authors of RFC 6733 (section 13.1) were aware of this > limitation when they specified the usage of DTLS/SCTP for secure connections. > Diameter in 4G networks is known for large messages. Why don't you ask them? You can post that question on the dime WG mailing list. When working on DTLS / SCTP, we just kept the generic DTLS limit. So if this is an issue for Diameter, it should be brought up. Just let me know. Best regards Michael > > -Brian > > > -----Original Message----- > From: Brian Hassink [mailto:[email protected]] > Sent: Tuesday, September 02, 2014 8:29 AM > To: '[email protected]' > Subject: RE: [openssl.org #3470] [BUG] DTLS abort > > We do have an open question in regards to DTLS/SCTP, and that is whether it > is possible to send messages larger than 16K? > > In our application, such large messages are not uncommon. > > We've tried setting the SSL_MODE_ENABLE_PARTIAL_WRITE flag with no success. > > Thanks, > Brian > > -----Original Message----- > From: Michael Tüxen via RT [mailto:[email protected]] > Sent: Thursday, August 28, 2014 12:20 PM > To: Brian Hassink > Cc: [email protected] > Subject: Re: [openssl.org #3470] [BUG] DTLS abort > > > On 28 Aug 2014, at 17:25, Brian Hassink via RT <[email protected]> wrote: > >> Hello Michael, >> >> We can confirm that the patch resolves the disconnect abort. > Great, thanks a lot for the feedback. Let me know if you have further issues > with DTLS/SCTP. > > Best regards > Michael >> >> Thanks, >> Brian >> >> -----Original Message----- >> From: Michael Tüxen via RT [mailto:[email protected]] >> Sent: Wednesday, August 27, 2014 3:33 PM >> To: Brian Hassink >> Cc: [email protected] >> Subject: Re: [openssl.org #3470] [BUG] DTLS abort >> >> On 18 Aug 2014, at 21:47, Michael Tuexen <[email protected]> >> wrote: >> >>> On 18 Aug 2014, at 16:31, Brian Hassink <[email protected]> wrote: >>> >>>> Yes, this was observed for DTLS/SCTP. >>> OK. The problem is an incorrect usage of OPENSSL_assert()... Let me >>> see if I can come-up with a patch... >> Hi Brian, >> >> please find attached a patch which fixes several usages of OPENSSL_assert() >> and let me know if this resolves your issue. >> >> Please note that you want also to apply the patch from >> http://rt.openssl.org/Ticket/Display.html?id=3483&user=guest&pass=gues >> t >> >> Best regards >> Michael >> >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> Development Mailing List [email protected] >> Automated List Manager [email protected] >> > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [email protected] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
