Hi,
One more question :
How does DTLSv1_listen handle multiple ClientHellos at the same time, let us
say multiple clients are connecting.
It looks like unless for one client hello session is not completed it can not
start hello session for other client.
I understand this way because we have t
Hi,
I just realized that may be DTLSv1_get_timeout and handle timeout is important
because when server sends Server Hello we need to get back the response in time
out.
Is that right understanding ? If that is the case then in select I can not mix
other fds as the may get activity before timeou
Hi Nilesh,
On 09.02.2011, at 17:15, Nilesh Vaghela wrote:
> Just wanted to give additional information that I am not implementing
> multi-threaded server as there can be thousands of connections. Having said
> that I would have to use select for both the fds (one listen socket and many
> conne
Hi,
Two more questions
1. I assume that >= 1.0.0a version has FIPS support fro DTLS ?
2. What is the difference between 0.9.8 and 1.0.0 ? Assuming that program
tested with 0.9.8 (with FIPS) would work without any changes on 1.0.0.
--Nilesh.
> I am using DTLSv1_listen in non-blocking underly
Thanks Robin.
Just wanted to give additional information that I am not implementing
multi-threaded server as there can be thousands of connections. Having said
that I would have to use select for both the fds (one listen socket and many
connected sockets). With this model, do I still have to h
Hi,
I have just noticed that the word "distribution" was mispelled at
several places in the source code (you have "distr_u_bution" instead).
For the copyright notices, it is not very important, but it appears in
some X.509v3 output messages.
openssl-1.0.0d/crypto/bf/COPYRIGHT:copied and put un
Hi,
I'm interested to know if it is safe to upgrade our OpenSSL version from 0.9.8f
to 1.0.0c without any issues in compatibility? So in practice the
functionalities supported by the 0.9.8f should still be supported by the 1.0.0,
is this the case?
Also, what is the reason for keeping the o
Thanks, Rob; I have updated the Security Advisory at
http://www.openssl.org/news/secadv_20110208.txt.
Bodo
Hi Nilesh,
On Feb 9, 2011, at 4:05 AM, Nilesh Vaghela wrote:
> I am using DTLSv1_listen in non-blocking underlying socket layer. I am using
> openssl-0.9.8o and I looked at the implementation.
Don't use any 0.9.8 release if you want to work with DTLS. There are a *lot* of
bugs which are fixed
Bodo, some comments inline...
On Tuesday 08 Feb 2011 18:09:46 Bodo Moeller wrote:
> OpenSSL Security Advisory [8 February 2011]
>
> OCSP stapling vulnerability in OpenSSL
> Which applications are affected
> ---
>
> Applications are only affected if they act as a serv
I am using DTLSv1_listen in non-blocking underlying socket layer. I am using
openssl-0.9.8o and I looked at the implementation.
int dtls1_listen(SSL *s, struct sockaddr *client)
{
int ret;
SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
s->d1->listen = 1;
ret = SSL_accept(s);
if (ret <= 0) r
11 matches
Mail list logo