Topic: UDP DTLS will not connect

Hi,

I have a problem that seems weird. I wrote a client and server application using UDP and DTLS patterned from the example echo server and client. If I run the client and server on the same machine there is no problem with the connection and the data transfer. However, if I place the server and client on different machines, I keep getting an SSL_Connection error: Resource not available. I was wondering if anyone had any ideas of what I should be looking for? Any and all suggestions would be greatly appreciated.

Doug


Re: UDP DTLS will not connect

Hi Doug,

We recently put together several simple wolfSSL examples - some of which included DTLS examples.  You can find them here:

https://github.com/wolfSSL/wolfssl-examples

Do you see the same problem when using the DTLS examples from there?

Thanks,
Chris

Re: UDP DTLS will not connect

Those DTLS samples are a bit weird BTW. There are some rather weird comments/functionality there. For example, server-dtls-threaded stores the received packet in args->b, does nothing with it, and then calls SSL_accept on the new fd + SSL_read later to write over it.

I would like to see one that is non-blocking, and really handles multiple clients in parallel. (The 'non-blocking' example server does not.)

The lack of a DTLSv1_listen equivalent makes doing one rather awkward (I assume you have to start new SSL instances before cookie exchange completes, making it a bit less DoS resistant).

P.S. The (default) DTLS cookie generation seems to be somewhat insecure too, as it uses only remote address, and no random material at all. Therefore, you can precompute the results and do DoS attacks if you know the remote implementation is wolfSSL embedded SSL.

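The cookie concern in the last post, as an added example (not wolfSSL's code and not written by anyone in this thread): a stateless cookie in the form RFC 6347 section 4.2.1 suggests, HMAC(Secret, Client-IP, Client-Parameters), keyed with a random secret that is rotated. `CookieJar`, `demo`, the peer address and the ClientHello bytes are constructed for illustration.

```python
import hashlib
import hmac
import os
import socket


class CookieJar:
    """Stateless DTLS HelloVerifyRequest cookies under a rotating random secret."""

    def __init__(self):
        self.current = os.urandom(32)  # fresh random secret per server start
        self.previous = None           # still accepted for one rotation period

    def rotate(self):
        """Call on a timer so a captured cookie has a bounded lifetime."""
        self.previous, self.current = self.current, os.urandom(32)

    @staticmethod
    def _mac(secret, peer, client_params):
        ip, port = peer
        addr = socket.inet_pton(socket.AF_INET6 if ":" in ip else socket.AF_INET, ip)
        # Address length prefix keeps IPv4 and IPv6 inputs unambiguous.
        msg = bytes([len(addr)]) + addr + port.to_bytes(2, "big") + client_params
        return hmac.new(secret, msg, hashlib.sha256).digest()  # 32 bytes

    def issue(self, peer, client_params):
        return self._mac(self.current, peer, client_params)

    def verify(self, peer, client_params, cookie):
        secrets = [s for s in (self.current, self.previous) if s is not None]
        return any(hmac.compare_digest(self._mac(s, peer, client_params), cookie)
                   for s in secrets)


def demo():
    """Constructed sample: documentation address, stand-in ClientHello fields."""
    jar, peer = CookieJar(), ("192.0.2.10", 40000)
    params = b"\xfe\xfd" + bytes(32)  # stand-in for client version + random
    cookie = jar.issue(peer, params)
    out = {"same_peer": jar.verify(peer, params, cookie),
           "other_addr": jar.verify(("192.0.2.11", 40000), params, cookie),
           "other_secret": CookieJar().verify(peer, params, cookie)}
    jar.rotate()
    out["after_one_rotation"] = jar.verify(peer, params, cookie)
    jar.rotate()
    out["after_two_rotations"] = jar.verify(peer, params, cookie)
    return out
```

The 32-byte output fits the cookie field of both DTLS 1.0 and DTLS 1.2, and the server keeps no per-client state until a cookie verifies.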