We are trying to use TLS (or, more specifically, DTLS) over UDP. In order to do this we create an input-port?/output-port? pair via make-pipe and then run the pair through ports->ssl-ports. The handshake this causes is failing and therefore the whole process hangs and the ports don't get converted. We have a couple of questions:
1) Does the Racket openssl library (i.e. (require openssl)) implement DTLS?
2) What might be causing the failure? (Hopefully) minimal code is below; we have been banging our heads on it and could use some advice.
; Pseudo code, simplified from live code and not tested
(define server-ctx (ssl-make-server-context 'tls12))
(ssl-load-certificate-chain! server-ctx pem)
(ssl-load-private-key! server-ctx pem)
(ssl-server-context-enable-ecdhe! server-ctx 'secp521r1)
(define client-ctx (ssl-make-client-context 'tls12))
(ssl-set-ciphers! client-ctx "ECDHE-RSA-AES128-SHA256")
(define rx-in-ch (make-async-channel))
(define sock (udp-open-socket))
(udp-bind! sock ...)
(define-values (rx-in1 rx-out1) (make-pipe size))
(define-values (tx-in1 tx-out1) (make-pipe size))
(define-values (rx-in tx-out)
  (ports->ssl-ports rx-in1 tx-out1
                    #:mode 'accept
                    #:context server-ctx
                    #:close-original? #t
                    #:shutdown-on-close? #t))
; the 'connect version is elided for brevity
;;; Rx
; sync on the UDP socket. When data is received, async-channel-put it onto rx-in-ch.
; sync on rx-in-ch. When data is received, write it onto rx-out port from make-pipe
; sync on rx-in port from make-pipe. When data is received it will be processed by a handler function
;;; Tx
; the handler function writes to tx-out
; sync on tx-in. When data is received, a handler will udp-send-to onto the UDP socket
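As an added example (not the poster's code), here is the same make-pipe / ports->ssl-ports arrangement run end to end inside one Racket process: two pipe pairs crossed between an 'accept side and a 'connect side, with the accept side in its own thread and the client driving one request through it. It assumes the "test.pem" that ships in Racket's openssl collection and that the system OpenSSL accepts that key. The bytes ports->ssl-ports exchanges are ordinary TLS records, so whatever carries them between the two pipe pairs has to deliver them complete and in order, which an in-process pipe does.

```racket
#lang racket
;; Added loopback example (not the poster's code): both ends of a TLS
;; connection in one Racket process, joined by two make-pipe pairs instead
;; of a socket. Assumes the "test.pem" that ships in Racket's openssl
;; collection and that the system OpenSSL accepts its key.
(require openssl)

(define pem (collection-file-path "test.pem" "openssl"))

(define server-ctx (ssl-make-server-context 'tls12))
(ssl-load-certificate-chain! server-ctx pem)
(ssl-load-private-key! server-ctx pem)
(ssl-server-context-enable-ecdhe! server-ctx 'secp521r1)

;; Client context with default settings: no certificate verification,
;; which is acceptable here only because the peer is this same process.
(define client-ctx (ssl-make-client-context 'tls12))

;; Two one-way byte streams, crossed: the client writes c->s-out and the
;; server reads c->s-in; the server writes s->c-out and the client reads s->c-in.
(define-values (c->s-in c->s-out) (make-pipe))
(define-values (s->c-in s->c-out) (make-pipe))

;; The accept side runs in its own thread. ports->ssl-ports completes the
;; handshake before it returns, so the 'accept and 'connect calls have to be
;; in flight at the same time; calling them one after another in a single
;; thread blocks forever, each side waiting for the other's first flight.
(define server
  (thread
   (lambda ()
     (define-values (in out)
       (ports->ssl-ports c->s-in s->c-out
                         #:mode 'accept
                         #:context server-ctx
                         #:close-original? #t
                         #:shutdown-on-close? #t))
     ;; Echo one line back upper-cased, then wait for the client's
     ;; close_notify (read-line returns eof) before shutting down our side.
     (define line (read-line in))
     (write-string (string-upcase line) out)
     (newline out)
     (flush-output out)
     (read-line in)
     (close-output-port out)
     (close-input-port in))))

;; Client side: handshake, one request, one reply.
(define-values (in out)
  (ports->ssl-ports s->c-in c->s-out
                    #:mode 'connect
                    #:context client-ctx
                    #:close-original? #t
                    #:shutdown-on-close? #t))
(write-string "hello over pipes\n" out)
(flush-output out)
(printf "server replied: ~a\n" (read-line in))
;; Orderly shutdown: close our output first (sends close_notify), read the
;; server's close_notify as eof, then release the input side.
(close-output-port out)
(read-line in)
(close-input-port in)
(thread-wait server)
```

Run it as a script; it prints the upper-cased echo and exits once both sides have shut down. The shutdown order at the end matters: each side closes its output (which sends close_notify) only while the peer's input is still open, and closes its input only after it has read the peer's close_notify, so no side ever writes into a pipe whose reader is already gone.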