<div dir="ltr">Hi Michael,<div><br></div><div>I am using "Red Hat Enterprise Linux Server release 6.4 (Santiago)" and openssl version is 1.1.0.</div><div><br></div><div>SCTP version :</div><div><br></div><div><div>[root@localhost DIAMETER]# rpm -qa | grep -i "sctp"</div><div><b>lksctp-tools-1.0.10-5.el6.x86_64</b></div><div>[root@localhost DIAMETER]# rpm -qi lksctp-tools-1.0.10-5.el6.x86_64</div><div>Name : lksctp-tools Relocations: (not relocatable)</div><div>Version : 1.0.10 Vendor: Red Hat, Inc.</div><div>Release : 5.el6 <b>Build Date: Mon 22 Feb 2010 12:24:33 PM CET</b></div><div>Install Date: Wed 08 Feb 2017 10:08:12 AM CET Build Host: <a href="http://hs20-bc1-2.build.redhat.com">hs20-bc1-2.build.redhat.com</a></div><div>Group : System Environment/Libraries Source RPM: lksctp-tools-1.0.10-5.el6.src.rpm</div><div>Size : 203688 License: GPLv2 and GPLv2+ and LGPLv2 and BSD</div><div>Signature : RSA/8, Mon 16 Aug 2010 08:17:01 PM CEST, Key ID 199e2f91fd431d51</div><div>Packager : Red Hat, Inc. <<a href="http://bugzilla.redhat.com/bugzilla">http://bugzilla.redhat.com/bugzilla</a>></div><div>URL : <a href="http://lksctp.sourceforge.net">http://lksctp.sourceforge.net</a></div><div>Summary : User-space access to Linux Kernel SCTP</div><div>Description :</div><div>This is the lksctp-tools package for Linux Kernel SCTP (Stream Control</div><div>Transmission Protocol) Reference Implementation.</div></div><div><br></div><div><br></div><div><br></div><div>Thanks,</div><div>Mahesh G S</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 22, 2017 at 8:33 PM, Michael Tuexen <span dir="ltr"><<a href="mailto:Michael.Tuexen@lurchi.franken.de" target="_blank">Michael.Tuexen@lurchi.franken.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">> On 22 Feb 2017, at 07:47, mahesh gs <<a href="mailto:mahesh116@gmail.com">mahesh116@gmail.com</a>> wrote:<br>
><br>
> Hi,<br>
><br>
</span><div><div class="h5">> Thank you for sharing the sample code.<br>
><br>
> I tried running SCTP DTLS Echo server and client. I am facing strange problem "ssl_connect" hangs on the client side, even the "ssl_accept" hangs on the server side.<br>
><br>
> Client side back trace<br>
><br>
> (gdb) bt<br>
> #0 0x0000003db4c0ea10 in __recvmsg_nocancel () from /lib64/libpthread.so.0<br>
> #1 0x00007ffff7a64dc5 in dgram_sctp_read (b=0x6223f0, out=0x629073 "\026\376\377", outl=17741) at bss_dgram.c:1178<br>
> #2 0x00007ffff7a597a9 in BIO_read (b=0x6223f0, out=0x629073, outl=17741) at bio_lib.c:210<br>
> #3 0x00007ffff7db80e4 in ssl3_read_n (s=0x622c70, n=13, max=17741, extend=<value optimized out>) at s3_pkt.c:258<br>
> #4 0x00007ffff7dcaf75 in dtls1_get_record (s=0x622c70) at d1_pkt.c:676<br>
> #5 0x00007ffff7dcb6b8 in dtls1_read_bytes (s=0x622c70, type=22, buf=0x7ffffffedfd0 "\006", len=12, peek=0) at d1_pkt.c:938<br>
> #6 0x00007ffff7dcdda5 in dtls1_get_message_fragment (s=0x622c70, st1=<value optimized out>, stn=4449, max=30, ok=0x7ffffffee09c)<br>
> at d1_both.c:908<br>
> #7 0x00007ffff7dce414 in dtls1_get_message (s=0x622c70, st1=4448, stn=4449, mt=14, max=30, ok=0x7ffffffee09c) at d1_both.c:512<br>
> #8 0x00007ffff7dacaf9 in ssl3_get_server_done (s=0x622c70) at s3_clnt.c:2458<br>
> #9 0x00007ffff7dc8467 in dtls1_connect (s=0x622c70) at d1_clnt.c:466<br>
> #10 0x0000000000402f75 in start_client(char*, char*, int, int, int) ()<br>
> #11 0x0000000000403573 in main ()<br>
><br>
><br>
> Server side back trace<br>
><br>
> (gdb) info threads<br>
> 2 Thread 0x7ffff793c700 (LWP 20161) 0x0000003db4c0ea2d in recvmsg () from /lib64/libpthread.so.0<br>
> * 1 Thread 0x7ffff793e720 (LWP 20155) 0x0000003db4c0e84d in accept () from /lib64/libpthread.so.0<br>
> (gdb) t 2<br>
> [Switching to thread 2 (Thread 0x7ffff793c700 (LWP 20161))]#0 0x0000003db4c0ea2d in recvmsg () from /lib64/libpthread.so.0<br>
> (gdb) bt<br>
> #0 0x0000003db4c0ea2d in recvmsg () from /lib64/libpthread.so.0<br>
> #1 0x00007ffff7a633a6 in BIO_dgram_sctp_wait_for_dry (b=0x7ffff0001930) at bss_dgram.c:1803<br>
> #2 0x00007ffff7dc7830 in dtls1_accept (s=0x7ffff00008c0) at d1_srvr.c:403<br>
> #3 0x00000000004021ee in connection_handle(void*) ()<br>
> #4 0x0000003db4c07851 in start_thread () from /lib64/libpthread.so.0<br>
> #5 0x0000003db48e890d in clone () from /lib64/libc.so.6<br>
> (gdb)<br>
><br>
><br>
> I am also attaching the wireshark trace (port 4443) and a server key for decoding wireshark.<br>
><br>
> Command used on server side: ./dtls_sctp_echo -L 16.181.38.161 -p 4443<br>
><br>
> Command used on client side : ./dtls_sctp_echo -L 16.181.38.161 -p 4443 -l 50 -n 5 16.181.38.161<br>
><br>
> Thanks in advance for your valuable input<br>
</div></div>I've CCed Irene, who did some testing recently on FreeBSD, where the implementation works.<br>
The server is waiting for a sender dry event which it should get.<br>
<br>
Which version of OpenSSL are you using and which OS are you using?<br>
<br>
Best regards<br>
Michael<br>
<span class="">><br>
> Regards,<br>
> Mahesh G S<br>
><br>
><br>
><br>
> On Tue, Feb 21, 2017 at 2:28 PM, Michael Tuexen <<a href="mailto:Michael.Tuexen@lurchi.franken.de">Michael.Tuexen@lurchi.<wbr>franken.de</a>> wrote:<br>
> > On 21 Feb 2017, at 09:53, mahesh gs <<a href="mailto:mahesh116@gmail.com">mahesh116@gmail.com</a>> wrote:<br>
> ><br>
> > Hi,<br>
> ><br>
> > We have a client, server applications that is using SCTP as a transport protocol. We have to secure the connections using DTLS. I am using openssl version 1.0.2 which supports DTLS. But the problem i am facing is usage of DTLS SCTP related API's. Openssl documentation does not clearly explain all the SCTP related API's and usage sequence.<br>
> ><br>
> > I have tried going though internet and found most of the sites redirect to one link for SCTP DTLS sample code. But this link is not working.<br>
> ><br>
> > <a href="http://sctp.fh-muenster.de/dtls-samples.html" rel="noreferrer" target="_blank">http://sctp.fh-muenster.de/<wbr>dtls-samples.html</a><br>
> Try<br>
> <a href="http://web.archive.org/web/20150617012520/http://sctp.fh-muenster.de/dtls-samples.html" rel="noreferrer" target="_blank">http://web.archive.org/web/<wbr>20150617012520/http://sctp.fh-<wbr>muenster.de/dtls-samples.html</a><br>
> and yes, we need to bring the machine up again.<br>
><br>
> Best regards<br>
> Michael<br>
> ><br>
> > If any of you has an sample code of DTLS adaptation for SCTP. It would immensely help me for my work.<br>
> ><br>
> > Looking forward to your valuable inputs.<br>
> ><br>
> > Thanks,<br>
> > Mahesh G S<br>
> > --<br>
> > openssl-users mailing list<br>
> > To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
><br>
> --<br>
> openssl-users mailing list<br>
> To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
><br>
</span>> <log.pcap><server.key.pem>--<br>
<div class="HOEnZb"><div class="h5">> openssl-users mailing list<br>
> To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
<br>
--<br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/<wbr>mailman/listinfo/openssl-users</a><br>
</div></div></blockquote></div><br></div>