DTLS does not handle timeouts correctly, because the timeout counter is reset every time anything has been received, and not only after a full handshake flight. The reset should only be done when the retransmission timer is stopped; otherwise the maximum number of retransmissions is never met in case a flight always arrives incomplete, so retransmissions continue and the connection is not terminated.
Additionally, the retransmission counter is not increased when the server retransmits its last flight, which is triggered by the retransmission of the client's last flight. This is a problem if the server's last flight exceeds the path MTU, for example. In this case the flight will never arrive at the client, because the server is not counting retransmissions and will not reduce its MTU, or simply give up when the maximum number of retransmissions is reached.

Best regards
Robin
dtls-timeout-handling-bug-1.0.0.patch
dtls-timeout-handling-bug-1.0.1.patch
dtls-timeout-handling-bug-0.9.8.patch
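
The first problem in the report above, as a small C model added here for illustration (it is not part of the original message and is not OpenSSL code). The names `hs_timer` and `run_handshake`, the event letters and the limit of 12 timeouts are assumptions made for the example.

```c
#include <stdio.h>

#define MAX_TIMEOUTS 12   /* assumed give-up limit, chosen for this example */

/* Hypothetical model of one endpoint's handshake retransmission state. */
struct hs_timer {
    int timeouts;   /* timer expiries counted since the last reset */
    int running;    /* 1 while the retransmission timer is armed */
};

/* Events: 'T' timer expiry, 'P' record from a still incomplete flight,
 * 'F' record that completes the peer's flight.
 * reset_on_any_record = 1 models the reported behaviour, 0 the behaviour
 * the report asks for. Returns the number of retransmissions sent, or -1
 * if the limit was exceeded and the connection was given up. */
int run_handshake(const char *events, int reset_on_any_record)
{
    struct hs_timer t = { 0, 1 };
    int retransmits = 0;

    for (const char *e = events; *e != '\0' && t.running; e++) {
        switch (*e) {
        case 'T':
            if (++t.timeouts > MAX_TIMEOUTS)
                return -1;          /* give up and terminate */
            retransmits++;          /* resend our last flight */
            break;
        case 'P':
            if (reset_on_any_record)
                t.timeouts = 0;     /* reported bug: counter cleared early */
            break;
        case 'F':
            t.running = 0;          /* full flight: stop the timer ... */
            t.timeouts = 0;         /* ... and only now reset the counter */
            break;
        }
    }
    return retransmits;
}

/* Constructed input: 20 expiries, each followed by an incomplete flight. */
static const char LOSSY[] = "TPTPTPTPTP" "TPTPTPTPTP" "TPTPTPTPTP" "TPTPTPTPTP";

int main(void)
{
    printf("reset on any record: %d\n", run_handshake(LOSSY, 1));
    printf("reset on timer stop: %d\n", run_handshake(LOSSY, 0));
    return 0;
}
```

With the counter cleared on every record, the model keeps retransmitting for as long as input arrives; with the reset tied to stopping the timer, it gives up once the limit is exceeded.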
