[openssl-users] New DTLS association from the same IP:port

Dmitry Sobinov dmitry at addlive.com
Mon May 2 05:56:27 UTC 2016


Hi,

Is there any way in OpenSSL to detect new connections over the same IP:port
quartet on the server side? For example, when a client reconnects from the same
local IP:port, but the server still thinks that the old client is still
alive.

RFC 6347 4.2.8 specifies that the server side should send a Hello Verify
Request after receiving a Client Hello on the existing association.

However, OpenSSL just returns WANT_READ after passing the Client Hello to
SSL_read without actually sending back anything.

What is the proper way to fix this behaviour?

Thanks,
Dmitry Sobinov
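
Added example, not part of the original post and not OpenSSL code: one way for a server application to recognise the RFC 6347 4.2.8 case is to inspect the DTLS record header of each datagram that arrives on an existing association and flag an epoch-0 ClientHello. The function name and the sample datagrams are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DTLS 1.0/1.2 record header (RFC 6347 4.1):
 *   type(1) version(2) epoch(2) sequence_number(6) length(2) = 13 bytes.
 * The handshake header that follows starts with msg_type(1). */
enum { REC_HDR = 13, HS_HDR = 12, CT_HANDSHAKE = 22, HS_CLIENT_HELLO = 1 };

/* Returns 1 for an epoch-0 ClientHello record, 0 for any other record that
 * passes the header checks, -1 if the datagram is truncated or not DTLS. */
int dtls_is_epoch0_client_hello(const uint8_t *d, size_t len)
{
    if (len < REC_HDR || d[1] != 0xFE)   /* 0xFEFF = 1.0, 0xFEFD = 1.2 */
        return -1;
    unsigned epoch = ((unsigned)d[3] << 8) | d[4];
    size_t rec_len = ((size_t)d[11] << 8) | d[12];
    if (rec_len > len - REC_HDR)         /* declared length exceeds datagram */
        return -1;
    if (d[0] != CT_HANDSHAKE || epoch != 0)
        return 0;                        /* e.g. epoch-1 application data */
    if (rec_len < HS_HDR)
        return -1;
    return d[REC_HDR] == HS_CLIENT_HELLO;
}

/* Constructed samples (headers only, not captured traffic). */
static const uint8_t sample_hello[] = {
    22, 0xFE, 0xFF, 0, 0, 0, 0, 0, 0, 0, 0, 0, 12,  /* record: epoch 0, len 12 */
    1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0              /* handshake: client_hello */
};
static const uint8_t sample_appdata[] = {
    23, 0xFE, 0xFD, 0, 1, 0, 0, 0, 0, 0, 5, 0, 4,   /* record: epoch 1, len 4 */
    0xDE, 0xAD, 0xBE, 0xEF
};

int main(void)
{
    printf("hello:   %d\n", dtls_is_epoch0_client_hello(sample_hello, sizeof sample_hello));
    printf("appdata: %d\n", dtls_is_epoch0_client_hello(sample_appdata, sizeof sample_appdata));
    return 0;
}
```

An epoch-0 ClientHello is unauthenticated and its source address can be spoofed, which is why RFC 6347 4.2.8 says the existing association must not be destroyed until the client has demonstrated reachability through a cookie exchange or a completed handshake.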