Hi Michael, thanks for quick response. i had one more question, is it possible to do decoupling of ssl object and socket fd to avoid rehandshake? (i am thinking to create socketfd only for active clients, if it is inactive for sometime then close the connection/socket and for inactive clients keep the ssl object cached, whenever inactive clients send data create new fd and associate with old ssl object, similar to http://net-snmp.sourceforge.net/dev/agent/snmpDTLSUDPDomain_8c_source.html). is it possible?
if i look at DTLSv1_listen, i am thinking i can not distinguish between active/inactive client? is it possible based on error value from DTLSv1_listen to tell if i received hello message or invalid message or invalid hello message/wrong cookie. thanks, manish On Wed, Jan 25, 2012 at 3:24 PM, Michael Tuexen < [email protected]> wrote: > On Jan 25, 2012, at 7:08 AM, Manish Yadav wrote: > > > Hi all, > > > > could you please confirm if dtls timers are implemented at client side > only and not on server side (only client retries/attempts to establish > connection) or why they should be implemented on server side also. > You need timers on the server side also. However, > DTLSv1_get_timeout/DTLSv1_handle_timeout is only necessary if you use > select. > > > > > > after looking at : http://crypto.stanford.edu/~nagendra/papers/dtls.pdf > > > > i understood that i need to call > DTLSv1_get_timeout/DTLSv1_handle_timeout incase of non-blocking socket. but > after looking at example available on net "dtls_udp_echo2.c", i see only > client side take care of this. i feel only client side should try to > reconnect, why server should try to resend message to client. > Not sure about dtls_udp_echo2.c. You might want to take a look at the > examples available at > http://sctp.fh-muenster.de/dtls-samples.html > > > > please share if you know any example on this. > Maybe Robin has more examples... > > Best regards > Michael > > > > thanks, > > manish > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [email protected] >
