Add DTLS (TLS over UDP) support

Open OrenShm opened this issue 4 years ago • 3 comments

What OS?

  • [x] Windows
  • [ ] Mac
  • [ ] Linux (Which distro?)

Description of issue

Currently the packet sender supports udp \ tcp \ ssl (TLS). It would be great if it could also support DTLS (Datagram TLS == "TLS over UDP").

It could be checked against OpenSSL \ mbedTLS.

Opening DTLS server using mbedTLS: ./programs/ssl/ssl_server2 ca_file=<ca_cert> crt_file=<server_cert> key_file=<key_file> server_addr=<hostname_ip> server_port=<server_port> auth_mode=required dtls=1

Opening DTLS server using OpenSSL: openssl s_server -accept <server_port> -auth -cert <server_cert> -key <server_key> -cert2 <server_cert> -key2 <server_key> -CAfile <ca_cert> -servername -Verify required -dtls1_2

An echo server of DTLS could be found here (It also requires openssl)- https://github.com/nplab/DTLS-Examples

OrenShm, Dec 16 '20 15:12

Very interesting idea. A few years back when I looked at this, I determined DTLS was not that stable with hard-to-find examples. It seems worth another look now.

dannagle, Dec 16 '20 15:12

Sounds great, thanks 👍

OrenShm, Dec 17 '20 15:12

For a WebRTC application, the large DTLS (larger than MTU size) packet gets fragmented and reassembled. We've run into scenarios where firewalls are blocking large UDP.

danfoxley, Feb 28 '23 18:02