DTLS is in openssl 0.9.8a. There are some bugs in it and it doesn't exactly comply with the DTLS draft (the change cipherspec is incorrectly encoded). I am still waiting for patches to fix the problems. I didn't actually code anything with the openssl APIs. I only used the sample client/server apps for interop testing with a DTLS SDK I created for the company I work for. Take a look at the sample apps and you should be able to figure out most of the details for how to add it to your own app.

One thing to remember is that DTLS does not ensure that your application data is delivered reliably. Datagrams may be lost or arrive out of order. That is something you will have to deal with yourself. DTLS only ensures that the handshake protocol can be reliably negotiated, through a combination of message fragmentation and re-transmission timers. Alerts and application datagrams are never re-transmitted and may not be delivered in the same order they were sent by the peer. If you already have an application running over UDP then you probably already have a way of dealing with these issues, or maybe you don't need to care. If you are moving an application from TCP w/TLS to UDP w/DTLS then you will have to implement some mechanism to handle these issues for your application data. I believe the openssl sample apps simply ignore these issues.

hope this helps

rob


From: Pjothi <[EMAIL PROTECTED]>
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Does OpenSSL has DTLS support
Date: Sat, 28 Jan 2006 20:14:47 +0100

 Dear all,

Does OpenSSL have DTLS support? If yes, from which version is DTLS
supported? Are there any tutorials/briefs available for adding DTLS support
for applications?

It would be very helpful if any of you can give me some information
regarding this,

I thank you one and all,

regards,
Pjothi


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
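
The reply above leaves loss and reordering of application datagrams to the application. The following receive-side reorder buffer is an added example, not part of the original thread and not code from OpenSSL or its sample apps. It assumes the application puts its own 32-bit sequence number in every datagram it sends over DTLS; the names `rx_push`, `rx_skip`, `WIN` and the one-word payload stand-in are hypothetical.

```c
#include <stdint.h>

#define WIN 8u  /* assumed: max datagrams held while waiting for a gap to fill */

enum rx { RX_DELIVERED, RX_BUFFERED, RX_DUPLICATE, RX_TOO_FAR };

struct reorder {
    uint32_t next;        /* next sequence number owed to the application */
    uint8_t  have[WIN];   /* slot occupancy, indexed by seq % WIN */
    uint32_t data[WIN];   /* stand-in for the datagram payload */
};

/* Hand every consecutive buffered datagram, starting at r->next, to out[]. */
static int drain(struct reorder *r, uint32_t *out)
{
    int n = 0;
    while (r->have[r->next % WIN]) {
        out[n++] = r->data[r->next % WIN];
        r->have[r->next % WIN] = 0;
        r->next++;
    }
    return n;
}

/* Process one received datagram; out[] needs room for WIN entries. */
enum rx rx_push(struct reorder *r, uint32_t seq, uint32_t payload,
                uint32_t *out, int *n)
{
    uint32_t ahead = seq - r->next;          /* modular, survives wrap-around */
    *n = 0;
    if ((int32_t)ahead < 0) return RX_DUPLICATE;   /* already delivered or skipped */
    if (ahead >= WIN)       return RX_TOO_FAR;     /* beyond the buffer: drop it */
    if (r->have[seq % WIN]) return RX_DUPLICATE;   /* same datagram seen twice */
    r->have[seq % WIN] = 1;
    r->data[seq % WIN] = payload;
    *n = drain(r, out);
    return *n ? RX_DELIVERED : RX_BUFFERED;
}

/* Gap timer expired: declare r->next lost and release whatever follows it. */
int rx_skip(struct reorder *r, uint32_t *out)
{
    r->next++;
    return drain(r, out);
}
```

Whether a gap should end in `rx_skip` after a timeout or in an application-level retransmission request depends on whether the data tolerates loss; DTLS itself does neither for application datagrams.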
