Missing close_notify
Status: Alpha
Brought to you by:
obgm
I play with tinyDTLS my use case is : a device A (tinydtls) which starts a DTLS session with a server B (scandium). They exchange some application data then A close the DTLS session with close_notify. B MUST send a close_notify to A. Later B start a handshake with A to exchange some other application data. It works but as alert are not retransmitted by DTLS and so may be lost over an unreliable network.(https://tools.ietf.org/html/rfc6012#section-5.5) In the case where A don't receive a close_notify from B it seems when B start the handshake it failed with **Sep 12 18:45:01 ALRT No security context for epoch: 0** I suppose because the peer was not removed waiting a server close_notify which will never arrived because it was lost. (see dtls_handle_message)
I guess there should be a timeout for close_notify, and when nothing has arrived by then, the session state is removed.
In the spec, they say "A transport sender (DTLS client) MAY choose to not wait for the transport receiver's close_notify alert and simply close the DTLS connection"
Maybe this is the simplest solution.