
#7 Complete handshake when association already exists

Milestone: 1.0
Status: accepted
Owner: None
Updated: 2015-05-11
Created: 2014-12-11
Private: No

When a client reboots, obtains the same IP address, and happens to use the same hard-coded source port, it is unable to connect to the server because the server disagrees on the epoch. This seems to be related to Ticket #3.

The RFC says:

--
In cases where a server believes it has an existing association on a
given host/port quartet and it receives an epoch=0 ClientHello, it
SHOULD proceed with a new handshake but MUST NOT destroy the existing
association until the client has demonstrated reachability either by
completing a cookie exchange or by completing a complete handshake
including delivering a verifiable Finished message.
--

(This assessment was provided by Teemu Savolainen.)

Discussion

  • Olaf Bergmann

    Olaf Bergmann - 2014-12-11
    • Description has changed:

    Diff:

    --- old
    +++ new
    @@ -11,3 +11,5 @@
        completing a cookie exchange or by completing a complete handshake
        including delivering a verifiable Finished message.
     --
    +
    +(This assessment was provided by Teemu Savolainen.)
    
     
  • Sachin

    Sachin - 2014-12-12

    We had also identified this issue in our setup a few days ago. We updated dtls.c to detect whether decrypt_verify fails due to an epoch mismatch and, if the epoch is also 0, we allow tinyDTLS to respond with a HelloVerifyRequest. When the server receives the CH again (with the cookie), which demonstrates reachability, it deletes the old HS key material. We can send you the patch if you are interested.

    Thanks
    Sachin
    Intel Corporation
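The following is an added example (not tinyDTLS code and not Sachin's patch) of the server-side rule quoted from RFC 6347 in the description, in the shape Sachin describes above: a record that fails the epoch check is tolerated only when it is an epoch-0 ClientHello; that ClientHello gets a stateless HelloVerifyRequest, and the existing association is replaced only when the client echoes a valid cookie. The 13-byte record header is the real DTLS layout; the ClientHello body, the cookie construction, the peer address and the `Association` class are simplifications assumed for the example.

```python
"""Server-side handling of an epoch-0 ClientHello arriving on an existing
DTLS association (RFC 6347 section 4.2.8).  Constructed model, not tinyDTLS
code: the ClientHello layout and the cookie format are simplified."""
import hashlib
import hmac
import os
import struct

CONTENT_HANDSHAKE = 22
CONTENT_APPLICATION_DATA = 23
HS_CLIENT_HELLO = 1
HS_SERVER_HELLO = 2
HS_HELLO_VERIFY_REQUEST = 3
DTLS12 = b"\xfe\xfd"
# DTLS record header: type(1) version(2) epoch(2) sequence(6) length(2)
REC_HDR = struct.Struct("!B2sH6sH")


def encode_record(ctype, epoch, seq, body):
    return REC_HDR.pack(ctype, DTLS12, epoch, seq.to_bytes(6, "big"), len(body)) + body


def decode_record(data):
    ctype, _ver, epoch, seq, length = REC_HDR.unpack_from(data)
    return ctype, epoch, int.from_bytes(seq, "big"), data[REC_HDR.size:REC_HDR.size + length]


def encode_client_hello(random32, cookie=b""):
    # Simplified ClientHello (assumption): type(1) random(32) cookie_len(1) cookie.
    return bytes([HS_CLIENT_HELLO]) + random32 + bytes([len(cookie)]) + cookie


def decode_client_hello(body):
    if len(body) < 34 or body[0] != HS_CLIENT_HELLO:
        return None
    random32, n = body[1:33], body[33]
    cookie = body[34:34 + n]
    return (random32, cookie) if len(cookie) == n else None


class Association:
    def __init__(self, epoch, key):
        self.epoch, self.key = epoch, key   # current epoch and its (placeholder) key material


class DtlsServer:
    def __init__(self):
        self.cookie_secret = os.urandom(32)  # a real server rotates this secret
        self.assocs = {}                     # (ip, port) -> Association
        self.events = []

    def _cookie(self, peer, random32):
        # Stateless cookie bound to the host/port quartet and the client random.
        msg = peer[0].encode() + peer[1].to_bytes(2, "big") + random32
        return hmac.new(self.cookie_secret, msg, hashlib.sha256).digest()[:16]

    def receive(self, peer, datagram):
        ctype, epoch, _seq, body = decode_record(datagram)
        assoc = self.assocs.get(peer)
        hello = decode_client_hello(body) if ctype == CONTENT_HANDSHAKE else None
        fresh_hello = hello is not None and epoch == 0

        if assoc is not None and epoch != assoc.epoch and not fresh_hello:
            # decrypt/verify under the current keys would fail; nothing else is tolerated.
            self.events.append("drop: epoch mismatch")
            return None
        if not fresh_hello:
            if assoc is None:
                self.events.append("drop: no association")
                return None
            self.events.append("record accepted in epoch %d" % epoch)
            return None

        random32, cookie = hello
        expected = self._cookie(peer, random32)
        if not cookie:
            # The cookie exchange touches no state: the existing association survives.
            self.events.append("HelloVerifyRequest")
            return encode_record(CONTENT_HANDSHAKE, 0, 0, bytes([HS_HELLO_VERIFY_REQUEST]) + expected)
        if not hmac.compare_digest(cookie, expected):
            self.events.append("drop: bad cookie")
            return None
        # Reachability demonstrated: only now is the old association replaced.
        # The rest of the new handshake is omitted; its outcome is modelled directly.
        self.assocs[peer] = Association(epoch=1, key=os.urandom(16))
        self.events.append("ServerHello (new association)")
        return encode_record(CONTENT_HANDSHAKE, 0, 1, bytes([HS_SERVER_HELLO]))


def simulate():
    """Existing association, spoofed hello, reboot without cookie, reboot with cookie."""
    server, peer = DtlsServer(), ("192.0.2.10", 5684)   # constructed client address/port
    server.assocs[peer] = Association(epoch=1, key=b"old-key")
    # Application data in the established epoch is accepted as usual.
    server.receive(peer, encode_record(CONTENT_APPLICATION_DATA, 1, 7, b"ciphertext"))
    # Someone spoofing the client's address cannot evict the association with a bad cookie.
    server.receive(peer, encode_record(CONTENT_HANDSHAKE, 0, 0,
                                       encode_client_hello(os.urandom(32), b"\x00" * 16)))
    # The rebooted client: same IP/port, epoch 0, no cookie yet.
    rnd = os.urandom(32)
    reply = server.receive(peer, encode_record(CONTENT_HANDSHAKE, 0, 0, encode_client_hello(rnd)))
    kept = server.assocs[peer].key == b"old-key"
    cookie = decode_record(reply)[3][1:]
    # The client echoes the cookie; the server now proceeds with the new handshake.
    server.receive(peer, encode_record(CONTENT_HANDSHAKE, 0, 1, encode_client_hello(rnd, cookie)))
    replaced = server.assocs[peer].key != b"old-key"
    return server.events, kept, replaced
```

`simulate()` returns the server's event trace plus two booleans: the old association was still in place after the HelloVerifyRequest, and it was replaced only after the cookie came back. The spoofed hello shows why the ordering matters: accepting any epoch-0 ClientHello as grounds to drop the association would let one unauthenticated datagram from a forged source address tear down a live session.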

     
  • Sachin

    Sachin - 2015-02-07

    Hi Teemu,

    I am attaching here the patch which resolves the above issue. We have also added a new command in dtls-client.c which exercises this issue by creating a new 'dtls-context' without deleting the old context. This command can be exercised by providing client:rehandshake to the dtls-client application.

    Let me know if you run into any issues while testing.

    Thanks
    Sachin
    Intel Corp

     
  • Teemu Savolainen

    Hi Sachin,

    I finally managed to test your patch. It works most of the time, but when doing lots of reboots for the client, sometimes the server gets into a state where it does not respond to the Client Hello. I haven't yet pinpointed what causes that. I'll let you know if I find something odd.

    Thank you!

    Teemu