[openssl-users] How to handle DTLS Certificate Reassembly Error

Chad Phillips chad at apartmentlines.com
Sun Sep 18 00:01:43 UTC 2016

On Sat, Sep 17, 2016 at 3:43 PM, Matt Caswell <matt at openssl.org> wrote:

There is an OpenSSL API which is intended to resolve this issue:
> DTLSv1_handle_timeout()
> The application is expected to call this periodically during the
> handshake if no other data has been sent or received. The causes
> OpenSSL to check its timer and do any retransmits if necessary. If
> licode doesn’t call this, then its plausible that this is the cause of the
> issue.

“grep -r DTLSv1_handle_timeout .” in the Licode source directory returns
nothing, so we may have our culprit!

Curious what versions of openssl support the DTLSv1_handle_timeout()
approach? I know the Licode guys run 1.0.1g, it would be great if a single
solution could be committed that was backwards compatible.

Is there anything special I should know about how to use
DTLSv1_handle_timeout()? Just have it run on a timer until the handshake
completes? I guess I’m asking for some pre-documentation ;)

Thanks again for your help, this is definitely the most clear progress I’ve
made on this problem, and it’s been haunting me for months!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160917/f81762da/attachment.html>

More information about the openssl-users mailing list