used with no explanation. Some of this was introduced as part of RT#1929. The
value 28 is the length of the IP header (20 bytes) plus the UDP header (8
bytes). However use of this constant is incorrect because there may be
instances where a different value is needed, e.g. an IPv4 header is 20 bytes
but an IPv6 header is 40. Similarly you may not be using UDP (e.g. SCTP).
This commit introduces a new BIO_CTRL that provides the value to be used for
this mtu "overhead". It will be used by subsequent commits.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Don't attempt to access msg structure if recvmsg returns an error.

PR#3483
Reviewed-by: NStephen Henson <steve@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Signed-off-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

Undo unapproved commit that removed DJGPP and WATT32

DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.

PR: 3327

Submitted by: Roumen Petrov

PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
(cherry picked from commit f596e3c491035fe80db5fc0c3ff6b647662b0003)

Submitted by: Pierre Delaage

contemporary SDK.

PR: 2830
Submitted by: Robin Seggelmann

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).

Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug

Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve

Fix typo in crypto/bio/bss_dgram.c

PR: 2114
Submitted by: Robin Seggelmann

not to mention that first sockaddr_storage had __ss_family, not ss_family.
In other words it makes more sense to avoid sockaddr_storage...

PR: 2110

from b_sock.c, don't assume that caller always passes pointer to buffer
large enough to hold sockaddr_storage.
PR: 2069

Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.

Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.

Submitted by: steve@openssl.org

Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.

Update from 0.9.8-stable

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS MTU bug.

make sure that BOTH instances of said code get the VMS modification.