
wolfSSL - DTLS negotiation fails when client and server use different versions


I'm using the DTLS example server provided with wolfSSL 4.1.0 and I'm using an OpenSSL client. Client instances can use either DTLS 1.0 or 1.2. If I set the same DTLS version on both the server and the client, everything goes fine. If I set the server to 1.2 and the client to 1.0, the server does not accept the client connection. The OpenSSL server can be configured (option -dtls) to accept any client, either 1.0 or 1.2. This does not seem possible with wolfSSL.

In fact wolfSSL has the following server methods:

wolfDTLSv1_server_method
wolfDTLSv1_2_server_method

While OpenSSL has:

DTLS_server_method
DTLSv1_2_server_method
DTLSv1_server_method

So, it seems that wolfSSL does not provide a generic DTLS server method in case we would negotiate the version with the client.

Is there any specific setting to "force" the server to negotiate the version depending on the client's DTLS version (1.0 or 1.2)?


Solution

  • @alfonso,

    There is no setting to force the server to negotiate the version in wolfSSL's DTLS implementation. With TLS you can do a protocol negotiation with wolfSSLv23_server_method(), but we do not have an equivalent yet for DTLS. If this is a feature enhancement you would like to see added, you can send the wolfSSL development team a note at [email protected] to request that the feature be considered.

    Warm Regards,

    K
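
As an added illustration (not wolfSSL's or OpenSSL's code), the C snippet below shows what the two server behaviours discussed in this thread amount to on the wire: it reads client_version out of a DTLS ClientHello and applies either a fixed-version policy (what a server built with wolfDTLSv1_2_server_method does) or a negotiating policy (what OpenSSL's DTLS_server_method does). The helper names, the sample datagram and the policy function are constructed for this example; the header layouts and version encodings follow the DTLS specification.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helpers, not part of wolfSSL or OpenSSL. */
#define DTLS_RECORD_HDR 13   /* type(1) version(2) epoch(2) seq(6) length(2) */
#define DTLS_HS_HDR     12   /* msg_type(1) len(3) msg_seq(2) frag_off(3) frag_len(3) */
#define DTLS1_0 0xFEFFu      /* wire bytes {254,255}: wolfDTLSv1_server_method */
#define DTLS1_2 0xFEFDu      /* wire bytes {254,253}: wolfDTLSv1_2_server_method */

/* Return the ClientHello client_version, or 0 if the datagram is not a ClientHello. */
unsigned client_hello_version(const uint8_t *pkt, size_t len) {
    if (len < DTLS_RECORD_HDR + DTLS_HS_HDR + 2) return 0;
    if (pkt[0] != 22) return 0;                   /* content type: handshake */
    if (pkt[DTLS_RECORD_HDR] != 1) return 0;      /* handshake type: client_hello */
    const uint8_t *body = pkt + DTLS_RECORD_HDR + DTLS_HS_HDR;
    return ((unsigned)body[0] << 8) | body[1];
}

/* Version policy. A fixed-method server passes server_min == server_max and only
 * accepts that version; a negotiating server passes a range and picks the newest
 * version both sides support. Returns the chosen wire version, 0 for a rejection.
 * DTLS versions are one's-complement encoded: a LOWER wire value is a NEWER version. */
unsigned select_version(unsigned client, unsigned server_min, unsigned server_max) {
    if (client == 0) return 0;
    if (client < server_max) return server_max;   /* client newer than we support: cap */
    if (client > server_min) return 0;            /* client older than our floor: reject */
    return client;
}

/* Constructed sample: a DTLS 1.2 ClientHello. The record-layer version is DTLS 1.0,
 * as clients commonly send for compatibility; the real offer is client_version. */
const uint8_t sample_hello[] = {
    22, 0xFE, 0xFF, 0, 0, 0, 0, 0, 0, 0, 0, 0, 14,  /* record header, payload length 14 */
    1, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2,             /* handshake header: ClientHello */
    0xFE, 0xFD                                      /* client_version = DTLS 1.2 */
};

int main(void) {
    unsigned v = client_hello_version(sample_hello, sizeof sample_hello);
    printf("client_version      : 0x%04X\n", v);
    /* The asker's case: a 1.2-only server sees a 1.0 client and rejects it. */
    printf("pinned 1.2, client 1.0: 0x%04X\n", select_version(DTLS1_0, DTLS1_2, DTLS1_2));
    printf("range 1.0-1.2, client 1.0: 0x%04X\n", select_version(DTLS1_0, DTLS1_0, DTLS1_2));
    printf("range 1.0-1.2, client 1.2: 0x%04X\n", select_version(v, DTLS1_0, DTLS1_2));
    return 0;
}
```

A rejection from the fixed-version server is the version floor working as configured, so a client that must reach such a server has to offer DTLS 1.2 itself rather than rely on the server stepping down.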