Hi, we are using DTLS from OpenSSL to implement DTLS-SRTP in our product (Wire.com). The code and implementation work really well and are very robust. We are using OpenSSL version 1.0.2g.
Since our product is deployed globally on mobile data networks, we have quite variable latency and packet loss. The patch below shows my working code; it has an initial retransmit timeout of 400 ms which is incremented by 10% for every re-trans. Obviously this patch cannot make it into the official tree, but I would like to discuss with you guys the option to add some kind of API for:

- Setting the initial RTO for DTLS (in milliseconds).
- Setting the retransmit policy for DTLS, i.e. should it double or increment by X for every re-trans.

In addition we have seen the code hit this assert in production:

/*OPENSSL_assert(0);*/ /* XDTLS: want to see if we ever get here */

so I would say it should be safe to remove it.

Best Regards,
Alfred E. Heggestad
Berlin

--
diff -Naur openssl-1.0.2g/ssl/d1_lib.c openssl/ssl/d1_lib.c --- openssl-1.0.2g/ssl/d1_lib.c 2016-03-01 14:35:53.000000000 +0100 +++ openssl/ssl/d1_lib.c 2016-06-01 10:45:27.000000000 +0200 @@ -359,6 +359,8 @@ void dtls1_start_timer(SSL *s) { + struct timeval diff; + #ifndef OPENSSL_NO_SCTP /* Disable timer for SCTP */ if (BIO_dgram_is_sctp(SSL_get_wbio(s))) { @@ -369,14 +371,17 @@ /* If timer is not set, initialize duration with 1 second */ if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) { - s->d1->timeout_duration = 1; + s->d1->timeout_duration = 0.400; } /* Set timeout to current time */ get_current_time(&(s->d1->next_timeout)); /* Add duration to current time */ - s->d1->next_timeout.tv_sec += s->d1->timeout_duration; + diff.tv_sec = 0; + diff.tv_usec = 1000000*s->d1->timeout_duration; + timeradd(&s->d1->next_timeout, &diff, &s->d1->next_timeout); + BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(s->d1->next_timeout)); } 
@@ -441,7 +446,7 @@ void dtls1_double_timeout(SSL *s) { - s->d1->timeout_duration *= 2; + s->d1->timeout_duration *= 1.10; if (s->d1->timeout_duration > 60) s->d1->timeout_duration = 60; dtls1_start_timer(s); diff -Naur openssl-1.0.2g/ssl/d1_pkt.c openssl/ssl/d1_pkt.c --- openssl-1.0.2g/ssl/d1_pkt.c 2016-03-01 14:35:53.000000000 +0100 +++ openssl/ssl/d1_pkt.c 2016-03-08 14:39:44.000000000 +0100 @@ -1502,7 +1502,7 @@ * will happen with non blocking IO */ if (s->s3->wbuf.left != 0) { - OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */ + /*OPENSSL_assert(0);*/ /* XDTLS: want to see if we ever get here */ return (ssl3_write_pending(s, type, buf, len)); } diff -Naur openssl-1.0.2g/ssl/dtls1.h openssl/ssl/dtls1.h --- openssl-1.0.2g/ssl/dtls1.h 2016-03-01 14:35:53.000000000 +0100 +++ openssl/ssl/dtls1.h 2016-03-08 14:39:44.000000000 +0100 @@ -225,8 +225,8 @@ * Indicates when the last handshake msg or heartbeat sent will timeout */ struct timeval next_timeout; - /* Timeout duration */ - unsigned short timeout_duration; + /* Timeout duration in Seconds */ + double timeout_duration; /* * storage for Alert/Handshake protocol data received but not yet * processed by ssl3_read_bytes: -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
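Review bot: in the d1_lib.c hunk at @@ -369,14 +371,17 @@, `diff.tv_usec = 1000000*s->d1->timeout_duration;` puts the whole duration into tv_usec, so once timeout_duration grows past 1 s (it is allowed to reach 60 in dtls1_double_timeout) tv_usec is far above 999999, and timeradd carries at most one second, leaving next_timeout unnormalized for the BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT call that follows. Split the duration before adding it, e.g. `diff.tv_sec = (long)s->d1->timeout_duration;` and `diff.tv_usec = (long)((s->d1->timeout_duration - diff.tv_sec) * 1000000);`. timeradd is also a BSD/glibc macro rather than C or POSIX, so this will not build on every platform OpenSSL 1.0.2 targets; the surrounding code does its timeval arithmetic by hand. The retained comment `/* If timer is not set, initialize duration with 1 second */` is now wrong for the `0.400` assigned below it and should be updated in the same change.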
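Review bot: in the dtls1_double_timeout hunk at @@ -441,7 +446,7 @@, `s->d1->timeout_duration *= 1.10;` leaves a function named dtls1_double_timeout that no longer doubles, and the doubling it replaces is the RFC 6347 section 4.2.4.1 recommendation (start at 1 s, double per retransmission, cap at no less than 60 s). With the constants in this patch the first five retransmits of a flight go out within about 2.4 s (0.4 + 0.44 + 0.484 + 0.532 + 0.586) instead of 31 s (1 + 2 + 4 + 8 + 16), which is a large increase in handshake traffic on exactly the lossy paths where it fires; that is a policy choice and belongs behind the API the post proposes, not in a hard-coded factor. Suggest keeping doubling as the default, making the initial value and growth factor per-SSL settings, and renaming or documenting the function accordingly.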
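Review bot: in the d1_pkt.c hunk at @@ -1502,7 +1502,7 @@, `/*OPENSSL_assert(0);*/` leaves commented-out code behind; delete the line and replace `/* XDTLS: want to see if we ever get here */` with a comment stating that this path is reached with non-blocking I/O (as the context comment above the hunk already says) and is handled by the `return (ssl3_write_pending(s, type, buf, len));` that follows. OPENSSL_assert is not compiled out like assert(), it aborts the process whenever it is reached, so a reachable one in the write path is a crash that network conditions can trigger; removing it is the right call, and the comment should record why.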
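Review bot: in the dtls1.h hunk at @@ -225,8 +225,8 @@, changing `timeout_duration` from `unsigned short` to `double` changes the size and layout of struct dtls1_state_st, which ships in a public 1.0.2 header, so it is not an acceptable change for a stable branch even if the feature were wanted. An integer count of milliseconds or microseconds in a wide enough type (`unsigned int` or `long`) expresses a 400 ms initial value exactly, keeps the `> 60` cap comparison and the timeval conversion in d1_lib.c free of floating point and truncation, and is what a public setter for the initial RTO would naturally take.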
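An added example, not code from the post, the patch, or OpenSSL: the retransmit policy the post describes (400 ms initial RTO, +10% per retransmit, 60 s cap) written as a timer function next to the RFC 6347 default (1 s, doubling, 60 s cap), together with timeval arithmetic that carries whole seconds, and a small schedule comparison that goes a step beyond the post by showing when each retransmit fires under both policies. The callback shape is an assumption taken from the DTLS_timer_cb type that OpenSSL 1.1.1 later added with DTLS_set_timer_cb(): it is called with 0 for the first timeout and with the current value afterwards, and returns the next timeout in microseconds. `void *` stands in for `SSL *` so the file builds without OpenSSL headers, and the helper names are this example's own.

```c
#include <stdio.h>
#include <sys/time.h>   /* struct timeval, as used by the patch */

/* 60 s ceiling, the same cap the patch keeps in dtls1_double_timeout(). */
#define DTLS_MAX_TIMEOUT_US 60000000u

/*
 * Timer policy from the post: 400 ms for the first flight, then +10% per
 * retransmit. Signature mirrors the DTLS_timer_cb type accepted by
 * DTLS_set_timer_cb() in OpenSSL 1.1.1+ (assumption: SSL * replaced by
 * void * here). Integer microseconds replace the patch's double.
 */
unsigned int wire_timer_cb(void *ssl, unsigned int timer_us)
{
    unsigned int next;
    (void)ssl;
    if (timer_us == 0)
        return 400000u;                        /* initial RTO: 400 ms */
    next = timer_us + timer_us / 10u;          /* +10%, rounded down */
    return next > DTLS_MAX_TIMEOUT_US ? DTLS_MAX_TIMEOUT_US : next;
}

/* RFC 6347 section 4.2.4.1 default: 1 s initially, doubling, capped at 60 s. */
unsigned int rfc6347_timer_cb(void *ssl, unsigned int timer_us)
{
    (void)ssl;
    if (timer_us == 0)
        return 1000000u;
    if (timer_us > DTLS_MAX_TIMEOUT_US / 2u)   /* doubling would exceed the cap */
        return DTLS_MAX_TIMEOUT_US;
    return timer_us * 2u;
}

/*
 * Add a duration to a timeval. Whole seconds are carried separately so
 * tv_usec stays within [0, 999999] for durations of many seconds, which
 * a single "tv_usec = 1000000 * seconds" followed by timeradd() does not
 * guarantee (timeradd carries at most one second).
 */
void timeval_add_us(struct timeval *tv, unsigned int us)
{
    tv->tv_sec += us / 1000000u;
    tv->tv_usec += us % 1000000u;
    if (tv->tv_usec >= 1000000) {
        tv->tv_sec += 1;
        tv->tv_usec -= 1000000;
    }
}

/* Microseconds of waiting, from the first send, until the n-th retransmit fires. */
unsigned long long time_to_nth_retransmit_us(unsigned int (*cb)(void *, unsigned int),
                                             unsigned int n)
{
    unsigned long long total = 0;
    unsigned int cur = 0, i;
    for (i = 0; i < n; i++) {
        cur = cb(NULL, cur);   /* 0 on first call, then the current value */
        total += cur;
    }
    return total;
}

int main(void)
{
    unsigned int n;
    printf("retransmit#  Wire(+10%%)  RFC6347(x2)  [seconds since first send]\n");
    for (n = 1; n <= 8; n++)
        printf("%10u  %10.3f  %11.3f\n", n,
               time_to_nth_retransmit_us(wire_timer_cb, n) / 1e6,
               time_to_nth_retransmit_us(rfc6347_timer_cb, n) / 1e6);
    return 0;
}
```

Built with `cc -Wall example.c`, the table shows the fifth retransmit firing at about 2.44 s under the +10% policy versus 31 s under the RFC default, which is the trade-off a configurable RTO API would expose to the application instead of burying it in a constant. With OpenSSL 1.1.1 or later the same function, declared with the real `SSL *` parameter, would be installed with DTLS_set_timer_cb(ssl, wire_timer_cb).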