Re: [openssl.org #3512] SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS

2014-09-01 Thread Iñaki Baz Castillo
2014-09-01 15:42 GMT+02:00 Salz, Rich:
> The size of your UDP packet depends on the MTU supported by everyone along 
> the path.  (BTW, that's what heartbeat was created for.)

Yes, it is understood now. But, given that DTLS provides reliability
and message order, it makes sense IMHO that SSL_write(long size) would
produce chunks of the desired size (previously set somehow). I'm not
asking for it anyhow as the common usage of DTLS for carrying
encrypted application data usually involves their own message framing
and each datagram must contain a single or multiple (but entire)
frames.



> I suggest you get your program working "properly" for your definition of what 
> properly means, without DTLS.  Then add DTLS.

The fact is that I need DTLS in order to establish a secure UDP
channel for SRTP keys sharing (which is done in the DTLS handshake
with the "use_srtp" extension). This is done and working. Sending
encrypted application data using DTLS records is a future step that I
do not need right now (I was just testing that). Anyhow I fully
understand now that the application is responsible for detecting the
MTU and writing the correct size into SSL_write().



> And have you read the paper I pointed you to?

Yes, thanks a lot.


-- 
Iñaki Baz Castillo



RE: [openssl.org #3512] SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS

2014-09-01 Thread Salz, Rich
You can't use partial writes.

The size of your UDP packet depends on the MTU supported by everyone along the 
path.  (BTW, that's what heartbeat was created for.)

I suggest you get your program working "properly" for your definition of what 
properly means, without DTLS.  Then add DTLS.

And have you read the paper I pointed you to?
/r$
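
The point the thread settles on (the application chooses a payload size that fits the path MTU and hands SSL_write() only whole frames) can be sketched as below. This is an added example, not code from the thread or from OpenSSL: `struct frame`, `pack_datagram`, `plan_datagrams`, `demo_plan` and the payload limits are assumptions, and no OpenSSL call is made so that it builds without the library.

```c
#include <stdio.h>
#include <string.h>
struct frame { const unsigned char *data; size_t len; };  /* hypothetical app frame */

/* Copy whole frames from frames[*next] on into out; stop before one would be split. */
static size_t pack_datagram(const struct frame *frames, size_t nframes,
                            size_t *next, unsigned char *out, size_t max_payload)
{
    size_t used = 0;
    while (*next < nframes && frames[*next].len <= max_payload - used) {
        memcpy(out + used, frames[*next].data, frames[*next].len);
        used += frames[*next].len;
        (*next)++;
    }
    return used;
}

/* Returns the datagram count and fills sizes[], or -1 if a frame can never fit. */
int plan_datagrams(const struct frame *frames, size_t nframes,
                   size_t max_payload, size_t *sizes, size_t max_sizes)
{
    unsigned char buf[2048];
    size_t next = 0, count = 0;
    if (max_payload > sizeof buf) return -1;
    while (next < nframes) {
        size_t before = next;
        size_t n = pack_datagram(frames, nframes, &next, buf, max_payload);
        if (next == before) return -1;  /* oversize frame: reject or re-frame */
        if (n == 0) continue;           /* only empty frames: nothing to send */
        /* Real code would pass buf and n to a single SSL_write() call here. */
        if (count < max_sizes) sizes[count] = n;
        count++;
    }
    return (int)count;
}

/* Constructed sample queue: frame lengths 400, 500, 300, 1200, 100 bytes. */
int demo_plan(size_t max_payload, size_t *sizes, size_t max_sizes)
{
    static unsigned char blob[1200];
    const struct frame q[] = { {blob, 400}, {blob, 500}, {blob, 300}, {blob, 1200}, {blob, 100} };
    return plan_datagrams(q, sizeof q / sizeof q[0], max_payload, sizes, max_sizes);
}

int main(void)
{
    size_t sizes[8];
    int n = demo_plan(1200, sizes, 8);  /* 1200 is an assumed payload limit */
    for (int i = 0; i < n; i++) printf("datagram %d: %zu bytes\n", i + 1, sizes[i]);
}
```

A return of -1 is the case the application has to handle itself: a frame larger than the payload limit cannot be sent in one datagram and must be rejected or re-framed before it reaches SSL_write().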