Real MTU problems with BIO pair

Detlef Vollmann dv at
Thu Aug 20 19:44:05 UTC 2020


if I create a BIO pair with
   BIO_new_bio_pair(&int_bio, 0, &ext_bio_, 0);

then I tried to use SSL_set_mtu(), DTLS_set_link_mtu()
and SSL_CTX_set_max_send_fragment(ctx, 1000).
None of them gave me an error, but also none of them worked:
the ServerHello was still sent as a single packet (>1500 bytes).

If I create the BIO pair using
   BIO_new_bio_pair(&int_bio, 1000, &ext_bio_, 1000);
then the ServerHello is fragmented, but not into DTLS
handshake fragments, but just into separate UDP packets,
that neither s_client nor my own client can work with.

Is there any way to set the maximum fragment size for
DTLS handshake with a BIO pair?


More information about the openssl-users mailing list