I am working with Secure Transport for DTLS and I am facing an issue with packet loss. Our underlying transport is non-blocking. DTLS handshake works fine with normal network condition but mostly fails when I enable Very Bad Network using Network Link Conditioner on iOS devices.
So the question is how does Secure Transport handles packet loss and retransmission of the handshake packets? As of now we are calling 'SSLHandshake' and wait for the response from the server if we get the response then we call ' SSLHandshake' and repeat this until the handshake is successful.
But in case of packet loss I observe that sometimes when iOS receives 'Hello verify Req' from server it never calls 'Client Hello' again and handshake stalls. Do we need to keep on calling SSLHandshake to trigger the retransmission due to DTLS timer or it is taken care by Secure Transport? How shoule we use non-blocking transport in this case?
Thanks and regards!
Internally Secure Transport maintain a timeout for when it needs to retransmit (if you search the open source for
timeout_deadline you can see it there). Thus, if you call
SSLHandshake in a tight loop it’ll probably do the right thing. However, that’s clearly not feasible in a real product, and I don’t see any way for you to get this deadline from the context so that you know when is a good time to call
If no one else chimes in I recommend you open a DTS tech support incident and I’ll dig into it in that context.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"