|
Hi,
We are using Scandium [1], and for now there is no way to do
that.
The StaleConnectionThreshold is the period of time of
inactivity (in seconds) after which a connection is considered
stale and can be evicted from the store if a new connection is to
be added to the store.
I opened a new issue about that :
https://github.com/eclipse/californium/issues/617
Simon
[1]:https://github.com/eclipse/californium
Le 24/04/2018 à 09:13, Andrei Baron a
écrit :
Hi,
I
have implemented a Leshan Server and a Leshan Client that
connects to the server using PSK mode.
I
see the original Client - Server handshake in Wireshark, but
after that the DTLS session seems to live forever.
After
checking the TLS 1.2 spec where it says: "An
upper limit of 24 hours is
suggested for session ID lifetimes, since an attacker who
obtains a master_secret may be able to impersonate the
compromised party until the corresponding session ID is
retired."
I
guess that after 24h, the DTLS session will expire and there
will be a new handshake made, but this was not what happened.
After 24h the DTLS session was still alive.
Setting StaleConnectionThreshold to
a lower value doesn't help, because this only makes a
connection stale, so it can be removed when there are new
connections that are waiting as there are a maxim active
connections set to 150000. Setting the Max
Connections to
a lower value is not a solution for me, because will limit the
number of parallel DTLS connections that the Leshan server
will managed.
How
can we find the Leshan Server DTLS session lifetime, and how
can we configured it?
Thanks,
Andrei Baron
_______________________________________________
leshan-dev mailing list
leshan-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/leshan-dev
|
