[gnutls-help] DTLS retransmission issue with gnutls-cli
Manuel Pégourié-Gonnard
mpg at polarssl.org
Wed Oct 1 14:03:09 CEST 2014
On 01/10/2014 13:30, Nikos Mavrogiannopoulos wrote:
> Interesting. There is the dtls-stress tool to reproduce that scenario
> and I tried:
> ./dtls-stress -full -shello 01234 -sfinished 01 -cfinished 01234
> CCertificate CKeyExchange CCertificateVerify CChangeCipherSpec
> CFinished -d 6
> which filters the same packets as in your scenario, but everything goes well.
>
Weird. I'm not sure if that's relevant, but from what I understand, the proxy I
used does a bit more than that, eg when the server resends its ServerHello
flight, messages are reordered, and some of them are even "lost".
> The packets are filtered and retransmitted. Could you send me the full
> gnutls-cli log with -d 6 when the packets don't get send?
>
Sure, here it is (I hope attachments are ok for the list, otherwise I'll
resend). The client invocation was
gnutls-cli -u --insecure -p 5556 127.0.0.1 -d 6 > cli-d6.log 2>&1
The testing plaftorm is GNU/Linux.
Regards,
Manuel.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cli-d6.log.gz
Type: application/gzip
Size: 3049 bytes
Desc: not available
URL: </pipermail/attachments/20141001/bd7e2357/attachment.bin>
More information about the Gnutls-help
mailing list