Regarding netinet/sctp.h inclusion in bss_dgram.c

Matt Caswell matt at
Tue Oct 15 09:49:42 UTC 2019

On 15/10/2019 10:32, Matt Caswell wrote:
> On 15/10/2019 07:51, Naveen Shivanna wrote:
>> Hi, 
>> After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with
>> SCTP as transport.
>> OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h.
>> We have our own custom SCTP implementation (also implements  custom BIO
>> METHODS, do not use the default methods), so we need to remove the
>> dependency of kernel sctp.h from bss_gram.c file. Our build environment
>> do not have the sctp.h and we are not supposed to install lksctp-tools.
>> Can we tailor the bss_gram.c with new compile macro or is there any
>> other better solution ?
> Hmm. There isn't really a "good" way to do this. I can think of two options:
> 1) Modify the OpenSSL source (perhaps in the way that you suggest with a
> compile time macro)
> or
> 2) Provide a "dummy" implementation of netinet/sctp.h. This would have
> to provide "stub" implementations of any SCTP related functions/macros
> used by bss_dgram.c. That would enable you to build unmodified OpenSSL
> source.

Thinking about this a little more, I think you may encounter other
problems with replacing the standard SCTP BIO with your own one. The
functions BIO_dgram_sctp_wait_for_dry() and BIO_dgram_sctp_msg_waiting()
spring to mind. They get called by libssl in certain scenarios, are
specific to the standard SCTP BIO, and are not replaceable via BIO_METHOD.

I think you would have to implement your own versions of those
functions, which implies that modifying the OpenSSL source is the only


More information about the openssl-users mailing list