-
-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DTLSListener gets stuck in accept when DTLS Handshake fails #614
Comments
Unfortunately we are facing the same problem. Sometimes connecting our NB-IoT devices via a CoAP Library fails due to packet loss. Afterwards no new handshakes are possible and we are forced to restart the server. The mentioned library uses webrtc-rs for DTLS handshakes too |
The @rainliu could you comment on this line? What was the plan here? |
I'm not sure if this is intentional or not but the problem is in essence that
DTLSConn::new()
has no timeout within theaccept()
function.So whenever a handshake fails for various reasons, accept will not be able to return any new connection.
This happens for example with my laptop, which has wifi and ethernet ports.
Opening a DTLSListener on this device on
0.0.0.0:4242
accepts connections via WIFI and Ethernet (two separate ips), howeverthe Ethernet port is preferred leading to response messages being sent only via the Ethernet port.
Connecting to the WIFI IP leads to
self.parent.accept().await?
returning successfully, however theDTLSConn::new()
call blocks indefinitely since the Handshake fails. Thereforeaccept
never returns, which leaves theDTLSListener
in a broken state.the attached image illustrates the problem: 192.168.178.189 is the wifi port on the laptop and 192.168.178.172 is the ethernet port.
The Client Hello is sent to the WIFI port but the Helly Verify Request is received from the ethernet port. The last five lines show the (unsuccessful) attempt of connecting to the Ethernet IP.
Server log with log messages for the
self.parent.accept()
and DTLSCon::new()` calls:The text was updated successfully, but these errors were encountered: