Thanks for the reply Andy, Please find hereafter the full description. I hope it is more clear.
1. What are you doing exactly: N> I am testing the session resumption feature available with OpenSSL using "s_client". My setup has a machine running "s_client and another one running "s_server". I am using OpenSSL 1.0.0a. I am testing with both, TLS and DTLS, and I uses the "-reconnect" handler to test the session resumption feature. For example: openssl s_client -connect 10.1.1.1:4443 -dtls1 -reconnect " -reconnect - Drop and re-make the connection with the same Session-ID" 3. What do you expect to see. N> I expect to see the following in accordance to the documentation of OpenSSL: "The client reconnects to the same server 5 times using the same session ID" 2. What do you see. N> With TLS all good, I can see the session getting resumed as per the OpenSSL's documentaton. I can see the client sending the session resumption hellos and the server replying back and both finishing the session resumption cycle multiple times. When I use DTLS instead, with the "-dtls1" handler, I can see the client and server getting initially connected. However, when the client tries to reconnect by sending a session resumption client hello, the server never respond. Thanks, Nadhem ________________________________ From: Andrey Kulikov <[email protected]> To: [email protected] Sent: Fri, April 22, 2011 3:26:56 PM Subject: Re: s_client -reconnect with DTLS Hello, I'm sure you'll get help faster, if you describe: 1. What are you doing exactly. 2. What do you see. 3. What do you expect to see. This is absolutelly necessary steps, as all telepathist is on vacation now. On 22 April 2011 15:50, N. J. <[email protected]> wrote: Hi again, > > > > >I am not sure if someone can help confirming that the "-reconnect" option is >broken with the dtls implementation? Please refer to my email below. >Looking forward for your support. > > >Regards, >Nadhem > > > ________________________________ >Hi there, > > >I have been trying to get the s_client "-reconnect" option working with my >s_server but had no luck when using DTLS, "-dtls1". >I could not find any information why it is not working so I wonder if this is >broken in openssl 1.0.0a. If so, is there any fix? > > >Thanks in advance, >Nadhem
