Question
With TCP it is pretty easy because it is connection-based, and once a connection is established you can set up the SSL object associated with that connection once and stream data... UDP, however, is connection-less, so does this mean I have to set up a new SSL object for each UDP packet I get from a client? Is there a way I could use the same SSL object for subsequent reads from the socket as long as I'm talking to the same client?
Answer 1:
Even with UDP you can still "bind" and "connect" a socket. If you are using OpenSSL then use DTLSv1_listen() to await a connection from a new client. When one arrives, create a new socket which is connected to the client's address/port and use a new SSL object for that socket. All subsequent DTLS packets to/from that client can use the same SSL object.
Source: https://stackoverflow.com/questions/43529927/when-using-dtls-with-udp-sockets-on-openssl-how-do-you-properly-handle-the-conn
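The socket half of the answer above, as an added example that is not part of the original post: on loopback it shows a second UDP socket, bound to the listener's port and `connect()`ed to one peer, taking over that peer's datagrams while new clients still reach the listener. The names `bound_udp`, `take` and `demux_demo` are made up here, the OpenSSL calls are left out and only named in comments, and the routing shown assumes Linux behaviour with `SO_REUSEADDR` set on both sockets.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* UDP socket on 127.0.0.1:port with SO_REUSEADDR (port 0 = ephemeral). */
static int bound_udp(unsigned short port) {
    int fd = socket(AF_INET, SOCK_DGRAM, 0), on = 1;
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port),
                             .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    if (fd < 0) return -1;
    if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on) < 0 ||
        bind(fd, (struct sockaddr *)&a, sizeof a) < 0) { close(fd); return -1; }
    return fd;
}

/* Wait up to 300 ms for a datagram: 1 if read, else 0; fills from if set. */
static int take(int fd, struct sockaddr_in *from) {
    char buf[64];
    socklen_t len = sizeof *from;
    struct pollfd p = { .fd = fd, .events = POLLIN };
    if (poll(&p, 1, 300) <= 0) return 0;
    return recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)from,
                    from ? &len : NULL) >= 0;
}

/* Constructed loopback scenario; returns 0 when routing is as described. */
int demux_demo(void) {
    struct sockaddr_in srv, peer;
    socklen_t sl = sizeof srv;
    int lis = bound_udp(0);                    /* where DTLSv1_listen() waits */
    int c1 = bound_udp(0), c2 = bound_udp(0);  /* two clients */
    if (lis < 0 || c1 < 0 || c2 < 0) return -1;
    if (getsockname(lis, (struct sockaddr *)&srv, &sl) < 0) return -1;
    sendto(c1, "hello1", 6, 0, (struct sockaddr *)&srv, sl);
    if (!take(lis, &peer)) return -1;          /* first packet names the peer */
    /* Per-client socket: same local port, connect()ed to that peer. The
       client's single SSL object would be attached to this descriptor. */
    int per = bound_udp(ntohs(srv.sin_port));
    if (per < 0 || connect(per, (struct sockaddr *)&peer, sizeof peer) < 0) return -1;
    sendto(c1, "data1", 5, 0, (struct sockaddr *)&srv, sl);   /* known client */
    sendto(c2, "hello2", 6, 0, (struct sockaddr *)&srv, sl);  /* new client */
    int ok = take(per, NULL) && take(lis, NULL) && !take(per, NULL);
    close(per); close(lis); close(c1); close(c2);
    return ok ? 0 : 1;
}

int main(void) { return demux_demo(); }
```

Between `bind()` and `connect()` the per-client socket is still unconnected on the shared port, so a datagram from another peer may land on it; a server should check the source address of anything it reads from that socket early on.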