2014-09-01 15:42 GMT+02:00 Salz, Rich <rs...@akamai.com>: > The size of your UDP packet depends on the MTU supported by everyone along > the path. (BTW, that's what heartbeat was created.)
Yes, it is understood now. But, given that DTLS provides reliability and message order, it makes sense IMHO that SSL_write(long size) would produce chunks of the desired size (previously set somehow). I'm not asking for it anyhow as the common usage of DLTS for carrying encrypted application data usually involve their own message framing and each datagram must contain a single or multiple (but entire) frames. > I suggest you get your program working "properly" for your definition of what > properly means, without DTLS. Then add DTLS. The fact is that I need DTLS in order to establish a secure UDP channel for SRTP keys sharing (which is done in the DTLS handshake with the "use_srtp" extension). This is done and working. Sending encrypted application data using DTLS records is a future step that I do not need right now (I was just testing that). Anyhow I fully understand now that the application is responsible of detecting the MTU and writing the correct size into SSL_write(). > And have you read the paper I pointed you to? Yes, thanks a lot. -- Iñaki Baz Castillo <i...@aliax.net> ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
