[openssl-users] DTLS over UDP
Nivedita
maddi.nivedita at gmail.com
Tue Feb 13 10:38:10 UTC 2018
Hi All,

I am trying to establish a DTLS over UDP connection by using the
DTLSv1_listen method.

I have followed the steps below:

1. Created a server socket and, using this socket, created the bio and ssl
objects.
    bio = BIO_new_dgram(VI_sock,BIO_NOCLOSE);
    SSL_set_bio(ssl,VP_bio,VP_bio);
2. Enabled cookie exchange on the SSL object.
    SSL_set_options(ssl, SSL_OP_COOKIE_EXCHANGE);
3. Then started listening using DTLSv1_listen for new client
connections. Once DTLSv1_listen was successful, I got the peer address.
4. Once I got the peer address, I created one more socket.
5. With the new socket I tried to connect to the peer address.
6. Then I tried to do SSL_accept on the new socket by calling
BIO_set_fd.
    BIO_set_fd(SSL_get_rbio(ssl),VI_new_sock_id,BIO_NOCLOSE);
    BIO_ctrl(SSL_get_rbio(VP_ssl),BIO_CTRL_DGRAM_SET_CONNECTED, 0,
    &client_addr);
    SSL_set_fd(ssl,VI_newsock_id);
    VI_res = SSL_accept(ssl);

But SSL_accept always returns error code 2 [i.e. want read or want
write].
But if I do SSL_accept without doing step 6, it is
successful.

Could someone please let us know how to switch to the newly created socket, so
that it can be used for further read and write
operations while the original server socket keeps listening for new
connections?

Regards,
Nivedita
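
The socket side of the hand-off asked about above, as an added example that is not part of the original post and is not OpenSSL code. It covers only the UDP sockets: the per-peer socket is bound to the listener's own address and port and then connected to the peer, so the kernel delivers that peer's datagrams to it and everything else to the listener. The names bind_reusable_udp and handoff_socket are hypothetical, and the example assumes Linux, where a connected UDP socket is preferred over an unconnected one bound to the same address when both have SO_REUSEADDR set.

```c
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open a UDP socket bound to `local` with SO_REUSEADDR set before bind().
 * The listening socket must be created this way too. Returns fd or -1. */
int bind_reusable_udp(const struct sockaddr_in *local)
{
    int on = 1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);

    if (fd < 0)
        return -1;
    if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0 ||
        bind(fd, (const struct sockaddr *)local, sizeof(*local)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Create the per-peer socket for the address DTLSv1_listen() reported:
 * bound to the same local address and port as the listener, then
 * connect()ed to the peer so that only this peer's datagrams arrive here.
 * Returns the new fd, or -1 on error. */
int handoff_socket(int listen_fd, const struct sockaddr_in *peer)
{
    struct sockaddr_in local;
    socklen_t len = sizeof(local);
    int fd;

    memset(&local, 0, sizeof(local));
    if (getsockname(listen_fd, (struct sockaddr *)&local, &len) < 0)
        return -1;
    fd = bind_reusable_udp(&local);
    if (fd < 0)
        return -1;
    if (connect(fd, (const struct sockaddr *)peer, sizeof(*peer)) < 0) {
        close(fd);
        return -1;
    }
    /* The caller then gives this fd to the SSL object's BIO, as step 6
     * of the post does, while listen_fd stays with a fresh SSL object. */
    return fd;
}
```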