On 01/10/2014 13:30, Nikos Mavrogiannopoulos wrote: > Interesting. There is the dtls-stress tool to reproduce that scenario > and I tried: > ./dtls-stress -full -shello 01234 -sfinished 01 -cfinished 01234 > CCertificate CKeyExchange CCertificateVerify CChangeCipherSpec > CFinished -d 6 > which filters the same packets as in your scenario, but everything goes well. > Weird. I'm not sure if that's relevant, but from what I understand, the proxy I used does a bit more than that, eg when the server resends its ServerHello flight, messages are reordered, and some of them are even "lost".
> The packets are filtered and retransmitted. Could you send me the full
> gnutls-cli log with -d 6 when the packets don't get send?
>
Sure, here it is (I hope attachments are ok for the list, otherwise I'll
resend). The client invocation was
gnutls-cli -u --insecure -p 5556 127.0.0.1 -d 6 > cli-d6.log 2>&1
The testing plaftorm is GNU/Linux.
Regards,
Manuel.
cli-d6.log.gz
Description: application/gzip
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
