Manuel Pégourié-Gonnard
Manuel Pégourié-Gonnard
Closing this issue as the problem was fixed in 3.6.1 and while it has not been resolved for 4.0 yet, that part is already tracked by #6640 which has now...
Fragmentation is supposed to be supported with DTLS. @gilles-peskine-arm I think you might be confusing with TLS where we indeed have not even attempted to receiving fragmented messages so far....
Ok, I think there are two things here. First, unlike other functions that parse a handshake message, `ssl_parse_client_hello()` does not call `mbedtls_ssl_read_record()` (which unlike the name suggests, also takes care...
I installed OpenSSL 3.1.0 on my linux machine and running `openssl s_client -connect 127.0.0.1:4433 -dtls1_2` against `dtls_server` works like a charm. The initial ClientHello is 247 bytes and the second...
Thanks! However, I'm not seeing anything here suggesting that the handshake failed due to the ClientHello being fragmented. At a high level, what I see is that the server receives...
Thank you! This time indeed I can confirm that the second ClientHello (with the cookie) is fragmented: its header is `01 00 00 d4 00 01 00 00 00 00...
One thought: it might be that the first time OpenSSL sends its ClientHello-with-cookie, the packet gets lost somehow, and then it starts fragmenting when re-transmitting. This wouldn't show in the...
Thank you! > One thought: it might be that the first time OpenSSL sends its ClientHello-with-cookie, the packet gets lost somehow, and then it starts fragmenting when re-transmitting. This wouldn't...
Note: the wireshark trace also shows that the first fragment (203 bytes) results in an UDP datagram of 236 bytes and an IPv4 packets of 256 bytes. Since this is...
Thanks for the info. This is indeed an important interoperability problem, and we'll be looking into this. > In my project we're thinking of working around this problem by simply...