• Registered: 2019-05-01
  • Posts: 3

Topic: DTLS example, server did not received second message

Hi Guys,
I tried DTLS example from https://github.com/wolfSSL/wolfssl-exam … ster/dtls, I ran dtls-server and dtls-client.
1. client sent "msg1" to server, server received "msg1" and send back to client, that worked well
2. client sent another message "msg2" to server, server did not received this second message any more
I want to test ping-pong to send/receive multiple request between client and server, how can I do that?
Thanks for your help.

Share

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: DTLS example, server did not received second message

Hi @programervn,

You could just add a nested loop around the wolfSSL_read call, starting on line 191 of the example, and close the loop after the write on line 215 of the example server. This will prevent the server from cleaning up and looping back to wait for a new client after the first message. You might want to add an abort condition such as if the client sends the message "shutdown" then exit the infinite nested read/write loop.

Warm Regards,

K

Kaleb J. Himes's Website

Share

  • Registered: 2019-05-01
  • Posts: 3

Re: DTLS example, server did not received second message

Thanks Mr Kaleb J. Himes,
It works,
But now the second client can not establish connection to server, due to server in while loop for the first client.
Can you share me your experience to work around this issue?
Thanks for your help.
programervn.

Kaleb J. Himes wrote:

Hi @programervn,

You could just add a nested loop around the wolfSSL_read call, starting on line 191 of the example, and close the loop after the write on line 215 of the example server. This will prevent the server from cleaning up and looping back to wait for a new client after the first message. You might want to add an abort condition such as if the client sends the message "shutdown" then exit the infinite nested read/write loop.

Warm Regards,

K

Share

  • From: Bozeman
  • Registered: 2014-05-09
  • Posts: 777

Re: DTLS example, server did not received second message

@programervn,

The use case you've just inquired about is quite complex with DTLS. Remember with UDP Datagrams all arrive on the same port on the server side unlike TLS which uses a tuple to guide traffic to a unique destination port on the server. Because of this the only way to handle many clients in parallel is do the following setup:

1) Configure the underlying I/O to be nonblocking (nonblocking sockets)
2) Implement a database or table for storing SSL object references
3) Peek at the header information in arriving datagrams and get the IP/port number of the client (will be unique based on IP/port combination). Parse your table/database, if no SSL object exists for the IP/port combination then create a new SSL object and register an entry in your table/database associating the IP/port with the ssl object reference.
4) For any IP/port combination registered with an SSL object in the lookup table/database return that SSL object for handling that datagram.
5) Make sure to clear out entries when the connection terminates.

The complexity of this setup is significant, if you have any issues and need assistance we do provide consulting services to assist with complex setups of this nature. If you need further assistance or are interested in our engineering services shoot an email to support@wolfssl.com for more help.

Warmest Regards,

K

Kaleb J. Himes's Website

Share

  • Registered: 2019-05-01
  • Posts: 3

Re: DTLS example, server did not received second message

Thanks Mr Kaleb,
I'll contact your support by email
programervn,

Kaleb J. Himes wrote:

@programervn,

The use case you've just inquired about is quite complex with DTLS. Remember with UDP Datagrams all arrive on the same port on the server side unlike TLS which uses a tuple to guide traffic to a unique destination port on the server. Because of this the only way to handle many clients in parallel is do the following setup:

1) Configure the underlying I/O to be nonblocking (nonblocking sockets)
2) Implement a database or table for storing SSL object references
3) Peek at the header information in arriving datagrams and get the IP/port number of the client (will be unique based on IP/port combination). Parse your table/database, if no SSL object exists for the IP/port combination then create a new SSL object and register an entry in your table/database associating the IP/port with the ssl object reference.
4) For any IP/port combination registered with an SSL object in the lookup table/database return that SSL object for handling that datagram.
5) Make sure to clear out entries when the connection terminates.

The complexity of this setup is significant, if you have any issues and need assistance we do provide consulting services to assist with complex setups of this nature. If you need further assistance or are interested in our engineering services shoot an email to support@wolfssl.com for more help.

Warmest Regards,

K

Share