Real MTU problems with BIO pair

2020-08-20 Thread Detlef Vollmann
Hello, if I create a BIO pair with BIO_new_bio_pair(&int_bio, 0, &ext_bio_, 0); then I tried to use SSL_set_mtu(), DTLS_set_link_mtu() and SSL_CTX_set_max_send_fragment(ctx, 1000). None of them gave me an error, but also none of them worked: the ServerHello was still sent as a single packet (>

Surprising behaviour of DTLSv1_listen

2020-08-20 Thread Detlef Vollmann
Hello, if I do: // ctx is setup with certificate, key and cookie callbacks BIO *bio = BIO_new_dgram(sock, BIO_NOCLOSE); SSL *ssl = SSL_new(ctx); SSL_set_bio(ssl, bio, bio.get()); DTLS_set_link_mtu(ssl, 1000); SSL_set_options(ssl, SSL_OP_COOKIE_EXCHANGE); SSL_set_accept

Re: query on dns resolver

2020-08-20 Thread Viktor Dukhovni
On Thu, Aug 20, 2020 at 11:59:01AM +0300, Dmitry Belyavsky wrote: > OpenSSL uses gethostbyname/gethostbyaddr Also getaddrinfo(3), I hope in preference to the obsolete interfaces. There is no explicit use of DNS in OpenSSL, and many OpenSSL applications open their own TCP connections, and then as

Re: SSL_ERROR_WANT_TIME: Pause SSL_connect to fetch intermediate certificates

2020-08-20 Thread Matt Caswell
On 19/08/2020 20:35, Alex Rousskov wrote: > Does this clarify what I meant? Do you agree that OpenSSL async API is > not suitable for callbacks that _require_ ASYNC_pause_job() to return > control to the application? Yes, it clarifies what you meant. And, yes, it's true that strictly speaking th

Re: query on dns resolver

2020-08-20 Thread Dmitry Belyavsky
OpenSSL uses gethostbyname/gethostbyaddr grep -r gethost . will give you some clues On Wed, Aug 19, 2020 at 11:51 PM SIMON BABY wrote: > I was looking at the openssl 1.0.2j code and trying to find how it > resolves the dns domain name IP address from name. > > 1. Does it use the OS supported ut