Question on DTLS patch availability

2014-11-14 Thread Brian Hassink
Hi, I was wondering which release(s) the patches for bug 3470, 3483, and 3489 are scheduled for? http://rt.openssl.org/Ticket/Display.html?id=3470 http://rt.openssl.org/Ticket/Display.html?id=3483 http://rt.openssl.org/Ticket/Display.html?id=3489 Internally, we have an arcane policy that prohib

RE: Possible to disable re-authentication?

2014-08-27 Thread Brian Hassink
that HelloRequest from servers is ignored, as well as ClientHello from clients. Thanks, Brian -Original Message- From: Brian Hassink [mailto:brian.hass...@oracle.com] Sent: Friday, August 22, 2014 6:28 PM To: 'openssl-users@openssl.org' Subject: Possible to disable re-authentic

Possible to disable re-authentication?

2014-08-22 Thread Brian Hassink
Hi, Another question for TLS/TCP and DTLS/SCTP... After initially successful authentication, is it possible to disable re-authentication such that HelloRequest/ClientHello messages are ignored? I've looked through the documentation, and tried to track down examples, but have not found anything

Question on SSL_set_bio()

2014-08-22 Thread Brian Hassink
SSL_set_bio() accepts both a read and write BIO. We have seen example programs that allocate one BIO and use it for both read and write, and others that allocate two BIOs. Under what circumstances would one approach be chosen over the other, or, what behavior results from choosing one over the

RE: SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS

2014-08-22 Thread Brian Hassink
z Castillo [mailto:i...@aliax.net] Sent: Friday, August 22, 2014 9:06 AM To: openssl-users@openssl.org Subject: Re: SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS 2014-08-22 14:43 GMT+02:00 Brian Hassink <brian.hass...@oracle.com>: > We see the s

RE: SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS

2014-08-22 Thread Brian Hassink
We see the same problem with DTLS over SCTP. In our application, there are messages as large as 60K, so we are interested in knowing if there is a way to send them over DTLS. -Brian -Original Message- From: Iñaki Baz Castillo [mailto:i...@aliax.net] Sent: Thursday, August 21, 2014 1:3

RE: DTLS aborts

2014-07-22 Thread Brian Hassink
Just got a reply on the RT about 10 minutes ago :) Looks like things are just slow. -Brian -Original Message- From: Salz, Rich [mailto:rs...@akamai.com] Sent: Tuesday, July 22, 2014 5:22 PM To: openssl-users@openssl.org Subject: RE: DTLS aborts > My guess (and it's purely speculation) i

RE: DTLS aborts

2014-07-22 Thread Brian Hassink
Hi, I sent an email to r...@openssl.org yesterday, shortly after receiving the reply below, but received nothing in return and did not see a forward on openssl-...@openssl.org. I sent another email to

DTLS aborts

2014-07-21 Thread Brian Hassink
Hello all, We recently did some negative testing against OpenSSL 1.0.1e, with a focus on DTLS, and observed that the library, running on the peer, could be made to abort by simply disconnecting during the handshake process. The abort is due to a getsockopt() or setsockopt() call failing f