Real MTU problems with BIO pair
Detlef Vollmann
dv at vollmann.ch
Thu Aug 20 19:44:05 UTC 2020
Hello,
if I create a BIO pair with
BIO_new_bio_pair(&int_bio, 0, &ext_bio_, 0);
then I tried to use SSL_set_mtu(), DTLS_set_link_mtu()
and SSL_CTX_set_max_send_fragment(ctx, 1000).
None of them gave me an error, but also none of them worked:
the ServerHello was still sent as a single packet (>1500 bytes).
If I create the BIO pair using
BIO_new_bio_pair(&int_bio, 1000, &ext_bio_, 1000);
then the ServerHello is fragmented, but not into DTLS
handshake fragments, but just into separate UDP packets,
that neither s_client nor my own client can work with.
Is there any way to set the maximum fragment size for
DTLS handshake with a BIO pair?
Thanks,
Detlef
More information about the openssl-users
mailing list