
DTLS rehandshake not working


    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: ssl
    • Labels:
      None

      Description

      Hi,

      I found that the DTLS re-handshake is not working, because the dtls_connection simply drops the handshake with old epochs:

      https://github.com/erlang/otp/blob/a868d29999c7e031f93fc21f0bd8614cbd4b7642/lib/ssl/src/dtls_connection.erl#L142

      But from the protocol definition it says DTLS servers should handle such scenarios by initiating a new handshake:

      https://tools.ietf.org/html/rfc6347#section-4.2.8

      I need this re-handshake capability because our devices may send a `client hello` message on an already established DTLS connection after reboot.

      I've read the code but I'm still not familiar with the DTLS procedure for now.

      Could you help fix this issue or just give me a simple code example first, so I can fix and rebuild my own ssl application to make our dtls server work?

      //Regards

      Shawn
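
The server-side decision that RFC 6347 section 4.2.8 describes, as an added example that is not part of the original report and is not OTP's dtls_connection code: a stand-alone Erlang module (module, function and atom names are hypothetical) that classifies the first record of an incoming datagram against the association's current read epoch. The datagrams in demo/0 are constructed.

```erlang
%% Added example: hypothetical module, not part of OTP's ssl application.
-module(dtls_epoch_demo).
-export([classify/2, demo/0]).

-define(HANDSHAKE, 22).    % ContentType handshake
-define(CLIENT_HELLO, 1).  % HandshakeType client_hello

%% classify(CurrentEpoch, Datagram) -> process | {drop, Reason} |
%%                 {new_association_candidate, require_cookie_exchange}
%% Record header (RFC 6347, 4.1): type, version, epoch, 48-bit sequence
%% number, length. Only the first record of the datagram is inspected.
classify(CurrentEpoch,
         <<Type:8, _Major:8, _Minor:8, Epoch:16, _Seq:48, Len:16,
           Fragment:Len/binary, _Rest/binary>>) ->
    action(CurrentEpoch, Type, Epoch, Fragment);
classify(_CurrentEpoch, _Other) ->
    {drop, malformed_record}.

%% Record epoch equals the current read epoch: normal processing.
action(Epoch, _Type, Epoch, _Fragment) ->
    process;
%% Epoch-0 ClientHello on an association that is already past epoch 0: the
%% peer may have rebooted and lost its state (RFC 6347, 4.2.8). Handshake
%% header: msg_type, length, message_seq, fragment_offset, fragment_length.
action(Current, ?HANDSHAKE, 0,
       <<?CLIENT_HELLO:8, _Length:24, _MsgSeq:16, _FragOff:24, _FragLen:24,
         _Body/binary>>) when Current > 0 ->
    %% Reply with HelloVerifyRequest and keep the existing association until
    %% the peer returns the cookie or completes a handshake with a valid
    %% Finished; a single spoofed datagram must not reset the session.
    {new_association_candidate, require_cookie_exchange};
%% Simplification: anything else from another epoch is discarded.
action(_Current, _Type, _Epoch, _Fragment) ->
    {drop, epoch_mismatch}.

%% Constructed sample datagrams; 254,253 is the DTLS 1.2 version.
demo() ->
    Rec = fun(Type, Epoch, Frag) ->
                  <<Type:8, 254:8, 253:8, Epoch:16, 0:48,
                    (byte_size(Frag)):16, Frag/binary>>
          end,
    Hello = <<?CLIENT_HELLO:8, 0:24, 0:16, 0:24, 0:24>>,  % header only, empty body
    [classify(1, Rec(?HANDSHAKE, 0, Hello)),   % peer restarted
     classify(1, Rec(23, 1, <<"data">>)),      % application data, current epoch
     classify(2, Rec(23, 1, <<"data">>)),      % stale epoch
     classify(1, <<22, 254>>)].                % truncated header
```

Compile with `c(dtls_epoch_demo).` in an Erlang shell and call `dtls_epoch_demo:demo().` to see one result per sample datagram.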


            People

            Assignee:
            otp_team_ps Team PS
            Reporter:
            terry-xiaoyu terry-xiaoyu
            Votes:
            0
            Watchers:
            2
