[openssl-users] DTLS and packet loss

Matt Caswell matt at openssl.org
Mon Jun 1 09:39:10 UTC 2015

On 01/06/15 10:08, Alfred E. Heggestad wrote:
> Hi,
> we are using OpenSSL to deploy DTLS-SRTP, Ref:
> http://www.creytiv.com/doxygen/re-dox/html/tls__udp_8c.html
> it works really well, thanks for the good code.
> one scenario that does not work so well, is when DTLS
> is running in an environment with packet loss.
> for example, we get this error message:
> 140735307322128:error:1411B09F:SSL
> routines:ssl3_get_new_session_ticket:length mismatch:s3_clnt.c:2183:
> any hints of where I should start looking ?

Can you confirm which version of OpenSSL you are running?

Are you also running OpenSSL on the server side (and if so which version

The error message suggests that the NewSessionTicket message that has
been received by the client is incorrectly formatted.

A packet capture for a problem handshake might help diagnose the problem


More information about the openssl-users mailing list