When does the DTLS session expire in a Leshan Server? [message #1784552]
Thu, 29 March 2018 05:53
Eclipse User

I have implemented a Leshan Server and a Leshan Client that connects to the server using PSK mode.
I see the original Client - Server handshake in Wireshark, but after that the DTLS session seems to live forever.
After checking the TLS 1.2 spec, where it says: "An upper limit of 24 hours is suggested for session ID lifetimes, since an attacker who obtains a master_secret may be able to impersonate the compromised party until the corresponding session ID is retired.",
I guessed that after 24h the DTLS session would expire and a new handshake would be made, but this was not what happened. After 24h the DTLS session was still alive.
Setting StaleConnectionThreshold to a lower value doesn't help, because this only makes a connection stale, so that it can be removed when there are new connections waiting, as there is a maximum number of active connections, set to 150000. Setting Max Connections to a lower value is not a solution for me, because it will limit the number of parallel DTLS connections that the Leshan server will manage.
How can we find the Leshan Server DTLS session lifetime, and how can we configure it?
Thanks