DTLS server in OpenSSL 0.9.8

ed sandberg ed.sandberg at galois.com
Thu May 18 19:27:54 UTC 2023


I am unable to get openssl 0.9.8 to work with dtls. I am able to start a 
server with 1.1.1b like this:

./openssl-1.1.1b/apps/openssl s_server -key ./rsa2048_key.pem -cert ./rsa2048_cert.pem -CAfile ./rsa2048_cert.pem -accept 30005 -dtls1 -timeout -mtu 5000

It works as I expect it to. Both netstat and nmap show the port is bound 
and listening and the server responds to clients.

If I start the server the same way with 0.9.8 (I tried versions k and za):

$ ./openssl-0.9.8za/apps/openssl s_server -key ./rsa2048_key.pem -cert ./rsa2048_cert.pem -CAfile ./rsa2048_cert.pem -accept 30005 -dtls1 -timeout -mtu 5000

I get no error; the command continues to run as though it were waiting 
for connections, but it is not actually listening. Nmap reports the port 
is closed and netstat does not list the port as bound:

$ netstat -n --udp --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:5353            0.0.0.0:*
udp        0      0 127.0.0.53:53           0.0.0.0:*
udp        0      0 0.0.0.0:41130           0.0.0.0:*
udp        0      0 0.0.0.0:631             0.0.0.0:*
udp6       0      0 :::5353                 :::*
udp6       0      0 :::58796                :::*
udp6       0      0 :::6666                 :::*

$ sudo nmap -sU -p30005 127.0.0.1
Starting Nmap 7.80 ( https://nmap.org ) at 2023-05-18 14:07 CDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000036s latency).

PORT      STATE  SERVICE
30005/udp closed unknown

Is my command incorrect for v0.9.8? If so, can someone please provide a 
correct example?

Thanks!
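
The bound-or-not check described in the message above can also be made directly against the kernel's socket table, independent of netstat and nmap. This is an added example, not part of the original post or of OpenSSL; it assumes a little-endian Linux host, covers IPv4 only, and the function names and sample table are constructed for illustration.

```python
import socket
import struct
import sys

# Constructed sample in /proc/net/udp layout (not taken from the original post).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  412: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000   115        0 23456 2 0000000000000000 0
  530: 3500007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 19876 2 0000000000000000 0
  777: 00000000:7535 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 65432 2 0000000000000000 0
"""


def parse_udp_table(text):
    """Return (ip, port) for every IPv4 UDP socket listed in the table."""
    sockets = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 2 or ":" not in fields[1]:
            continue
        hex_ip, hex_port = fields[1].split(":")
        if len(hex_ip) != 8:
            continue  # IPv6 rows (/proc/net/udp6) use 32 hex digits
        # The kernel prints the address as a native-endian 32-bit word;
        # little-endian hosts (x86, most ARM) are assumed here.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        sockets.append((ip, int(hex_port, 16)))
    return sockets


def bound_addrs(text, port):
    """Local addresses that have `port` bound, empty if nothing is bound."""
    return [ip for ip, p in parse_udp_table(text) if p == port]


if __name__ == "__main__":
    port = int(sys.argv[1]) if len(sys.argv) > 1 else 30005
    try:
        with open("/proc/net/udp") as fh:
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample off Linux
    addrs = bound_addrs(table, port)
    print(f"udp/{port}:", ", ".join(addrs) if addrs else "not bound")
```

Run it while s_server is up; an empty result for the `-accept` port means the process never bound the UDP socket.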

