[sr #107948] DTLS handshake deadlocks on packet loss

anonymous INVALID.NOREPLY at gnu.org
Thu Feb 9 00:40:42 CET 2012

Follow-up Comment #11, sr #107948 (project gnutls):

Now the server side of things works nicely with lost packets. Only dropping
three server hello flights still kills the handshake and forces the client to
time out, but that's fine. Similar result on the client side. Almost all is
well, only losing two ChangeCipherSpec packets is still fatal. The handshake
does not deadlock, it simply times out, so that is pretty much fine too. All
in all, the bug looks squashed for nonblocking.

For blocking, I still see deadlocks, but since can't reproduce, and mini-loss
runs fine, I must be doing something wrong there.

Judging from this new robustness against loss, packet reordering should be no
problem either. If you wish, I can test that thoroughly as well.

As for my test code: an update with client drop predicates is attached; if you
want to use it for the GnuTLS test suite, I'd be happy to rewrite it and grant
you whatever rights necessary.

(file #25032)

Additional Item Attachment:

File name: handshake-all.cpp              Size:6 KB


Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list