How does Secure Transport DTLS handle packet loss?

Hi,


I am working with Secure Transport for DTLS and I am facing an issue with packet loss. Our underlying transport is non-blocking. The DTLS handshake works fine under normal network conditions but mostly fails when I enable Very Bad Network using Network Link Conditioner on iOS devices.


So the question is: how does Secure Transport handle packet loss and retransmission of the handshake packets? As of now we call 'SSLHandshake' and wait for the response from the server; if we get the response, we call 'SSLHandshake' and repeat this until the handshake is successful.


But in case of packet loss I observe that sometimes when iOS receives 'Hello verify Req' from the server it never calls 'Client Hello' again and the handshake stalls. Do we need to keep on calling SSLHandshake to trigger the retransmission due to the DTLS timer, or is it taken care of by Secure Transport? How should we use non-blocking transport in this case?


Thanks and regards!

Replies

Internally Secure Transport maintains a timeout for when it needs to retransmit (if you search the open source for timeout_deadline you can see it there). Thus, if you call SSLHandshake in a tight loop it’ll probably do the right thing. However, that’s clearly not feasible in a real product, and I don’t see any way for you to get this deadline from the context so that you know when is a good time to call SSLHandshake.

If no one else chimes in I recommend you open a DTS tech support incident and I’ll dig into it in that context.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
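
An added example, not part of the original thread and not Apple's code: a middle ground between waiting only for server packets and a tight loop, stepping the handshake on socket readability or on a fixed tick. It assumes, as the reply suggests, that retransmission only happens inside SSLHandshake calls; `drive_handshake`, the `hs_*` names, the tick length and the fake peer are hypothetical.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical step interface. With Secure Transport, step() would call
 * SSLHandshake(ctx) and map noErr -> HS_DONE, errSSLWouldBlock ->
 * HS_WOULD_BLOCK, and any other status -> HS_FAILED. */
enum hs_result { HS_DONE, HS_WOULD_BLOCK, HS_FAILED };
typedef enum hs_result (*hs_step_fn)(void *ctx);

/* Step the handshake when the socket is readable OR tick_ms has passed, so
 * the library gets a chance to check its retransmit deadline even when the
 * peer's flight was lost. Returns 0 done, -1 failed, -2 gave up. */
int drive_handshake(int fd, hs_step_fn step, void *ctx, int tick_ms, int max_steps) {
    for (int i = 0; i < max_steps; i++) {
        enum hs_result r = step(ctx);
        if (r == HS_DONE) return 0;
        if (r == HS_FAILED) return -1;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        if (poll(&p, 1, tick_ms) < 0 && errno != EINTR) return -1;
    }
    return -2;
}

/* Constructed stand-in for a lossy peer: nothing ever arrives on the socket,
 * and the handshake only completes on the done_after-th step. */
struct fake_hs { int calls, done_after; };
static enum hs_result fake_step(void *ctx) {
    struct fake_hs *f = ctx;
    return ++f->calls >= f->done_after ? HS_DONE : HS_WOULD_BLOCK;
}

/* Runs the driver against the stand-in; *calls receives the step count. */
int demo(int done_after, int max_steps, int *calls) {
    int fds[2];
    if (pipe(fds) != 0) return -1;
    struct fake_hs f = { 0, done_after };
    int rc = drive_handshake(fds[0], fake_step, &f, 10, max_steps);
    *calls = f.calls;
    close(fds[0]); close(fds[1]);
    return rc;
}

int main(void) {
    int calls, rc = demo(4, 50, &calls);
    printf("rc=%d after %d steps\n", rc, calls);
    return rc;
}
```

In an event-driven app the same shape maps onto a read source plus a repeating timer, both invoking the step function; the step cap bounds how long a stalled handshake is retried before giving up.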