On Mar 6, 2012, at 7:29 PM, Stephen Henson via RT wrote: >> [seggelm...@fh-muenster.de - Mon Mar 05 15:26:38 2012]: >> >> The DTLS implementation does not lower the assumed MTU after >> unsuccessful retransmissions, which results in a failing handshake in >> case fragmentation is necessary. >> >> With this patch the MTU is reduced to a "safe" value of 576 - 20 - 8 >> for IPv4 and 1280 - 40 - 8 for IPv6, respectively, after 2 >> retransmissions. >> > > Should this be applied to OpenSSL 0.9.8? The patch seems to work (with > some complaints) but it wont compile.
I forgot to add a patch for 0.9.8. The issue is that DTLS in 0.9.8 has no IPv6 support, so the sockaddr structures are different. That's why it doesn't compile. Is there any reason why the IPv6 patch was never applied? Since only IPv4 is possible, the attached version of the patch for 0.9.8 simply always returns the value for IPv4. Best regards Robin > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org
dtls-timer-mtu-bug-0.9.8.patch
Description: Binary data