Re: Real MTU problems with BIO pair

2020-08-21 Thread Detlef Vollmann
On 2020-08-21 19:48, Benjamin Kaduk wrote: On Fri, Aug 21, 2020 at 05:05:51PM +0200, Detlef Vollmann wrote: On 2020-08-20 21:44, Detlef Vollmann wrote: Is there any way to set the maximum fragment size for DTLS handshake with a BIO pair? One solution is to set the MTU and the int_bio size to

Re: Checking if a key can sign / verify in 3.0

2020-08-21 Thread Norm Green
No comments on my question? Should there not be a way to know if an EVP_PKEY is valid for verification besides attempting the verify operation and getting a weird error code? Doesn't seem like too much to expect since we already have EVP_PKEY_can_sign(). I'm happy to implement EVP_PKEY_can_veri

Re: Real MTU problems with BIO pair

2020-08-21 Thread Benjamin Kaduk via openssl-users
On Fri, Aug 21, 2020 at 05:05:51PM +0200, Detlef Vollmann wrote: > On 2020-08-20 21:44, Detlef Vollmann wrote: > > > > Is there any way to set the maximum fragment size for > > DTLS handshake with a BIO pair? > One solution is to set the MTU and the int_bio size to > exactly the same value. > Anot

Re: Real MTU problems with BIO pair

2020-08-21 Thread Detlef Vollmann
On 2020-08-20 21:44, Detlef Vollmann wrote: if I create a BIO pair with BIO_new_bio_pair(&int_bio, 0, &ext_bio_, 0); then I tried to use SSL_set_mtu(), DTLS_set_link_mtu() and SSL_CTX_set_max_send_fragment(ctx, 1000). None of them gave me an error, but also none of them worked: the ServerHell

Re: query on dns resolver

2020-08-21 Thread Viktor Dukhovni
On Thu, Aug 20, 2020 at 11:56:45PM +0200, David von Oheimb wrote: > OpenSSL has one function, namely BIO_lookup_ex(), that uses DNS lookup > functions. Since commit 28a0841bf58e3813b2e07ad22f19484308e2f70a of > 02 Feb 2016 it uses getaddrinfo(). Right, but even this is not "DNS lookup". It is h