URGENT: Parsing DTLS Alerts in OpenSSL

NJ jain61 at gmail.com
Mon Apr 15 21:23:02 UTC 2019


I am facing issue while trying to parse the Alert received from client.
I could see the Alert on wireshark  as "Alert(21) Handshake Failure" but
while trying to parse it from below code doesn't work.

I want to parse this error and try to re-initiate the handshake from my
server code. 

ctx_info_callback( const SSL *s, int where, int ret )
    const char *str;
    int w;

    if( w & SSL_ST_ACCEPT) // I only have server implemented
         str = "SSL_accept"  

    if( where & SSL_CB_LOOP)
        // printed state string
    }else if (where & SSL_CB_ALERT)
        // printed alert type
    }else if ( where & SSL_CB_EXIT )
        // checked ret type   --> Run time only shows "SSL_accept : error in
SSLv3 read client hello B"

I could not complete SSL_do_handshake (in certain cases like network
connection failure) completed and my server gets stuck in read message.
I am trying to understand what might be causing this issue but meanwhile the
client is keep on re-initializing and sending Alert messages.

Any insight on as why I keep on getting this "read client hello B" message
will be helpful. I am using non-blocking sockets so based on documentation
it is correct behavior and for most of the cases I see the sever completes
handshake after certain tries and gets out of this loop.

Only for few cases it gets stuck like when the network connection is lost
but I think if the network connection re-initializes I should be able to
recover it if I could parse these Alerts ?

In order to re-initialize connection I am completely resetting all CTX,SSL,
and socket objects so there is no stale SSL object which might be causing


Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html

More information about the openssl-users mailing list