On Apr 22, 2011, at 2:56 PM, N. J. wrote: > Thanks for the reply Andy, > > Please find hereafter the full description. I hope it is more clear. > > 1. What are you doing exactly: > N> > I am testing the session resumption feature available with OpenSSL using > "s_client". My setup has a machine running "s_client and another one running > "s_server". I am using OpenSSL 1.0.0a. > I am testing with both, TLS and DTLS, and I uses the "-reconnect" handler to > test the session resumption feature. For example: > openssl s_client -connect 10.1.1.1:4443 -dtls1 -reconnect > " -reconnect - Drop and re-make the connection with the same Session-ID" > > 3. What do you expect to see. > N> > I expect to see the following in accordance to the documentation of OpenSSL: > "The client reconnects to the same server 5 times using the same session ID" > > 2. What do you see. > N> > With TLS all good, I can see the session getting resumed as per the OpenSSL's > documentaton. I can see the client sending the session resumption hellos and > the server replying back and both finishing the session resumption cycle > multiple times. > > When I use DTLS instead, with the "-dtls1" handler, I can see the client and > server getting initially connected. However, when the client tries to > reconnect by sending a session resumption client hello, the server never > respond. Dear all,
Robin Seggelmann and myself have verified that there is some issue using DTLS. He will look into this as soon as time permits... Best regards Michael > > > Thanks, > Nadhem > From: Andrey Kulikov <[email protected]> > To: [email protected] > Sent: Fri, April 22, 2011 3:26:56 PM > Subject: Re: s_client -reconnect with DTLS > > Hello, > > I'm sure you'll get help faster, if you describe: > 1. What are you doing exactly. > 2. What do you see. > 3. What do you expect to see. > > This is absolutelly necessary steps, as all telepathist is on vacation now. > > On 22 April 2011 15:50, N. J. <[email protected]> wrote: > Hi again, > > > I am not sure if someone can help confirming that the "-reconnect" option is > broken with the dtls implementation? Please refer to my email below. > Looking forward for your support. > > Regards, > Nadhem > > Hi there, > > I have been trying to get the s_client "-reconnect" option working with my > s_server but had no luck when using DTLS, "-dtls1". > I could not find any information why it is not working so I wonder if this is > broken in openssl 1.0.0a. If so, is there any fix? > > Thanks in advance, > Nadhem > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
