[leshan-dev] When does the DTLS session expire in a Leshan Server?

Hi,

I have implemented a Leshan Server and a Leshan Client that connects to the server using PSK mode.

I see the original Client - Server handshake in Wireshark, but after that the DTLS session seems to live forever.

After checking the TLS 1.2 spec where it says: "An upper limit of 24 hours is suggested for session ID lifetimes, since an attacker who obtains a master_secret may be able to impersonate the compromised party until the corresponding session ID is retired."

I guess that after 24h, the DTLS session will expire and there will be a new handshake made, but this was not what happened. After 24h the DTLS session was still alive.

Setting StaleConnectionThreshold to a lower value doesn't help, because this only makes a connection stale, so it can be removed when there are new connections that are waiting, as there is a maximum of active connections set to 150000. Setting the Max Connections to a lower value is not a solution for me, because it will limit the number of parallel DTLS connections that the Leshan server will manage.

How can we find the Leshan Server DTLS session lifetime, and how can we configure it?

Thanks,
Andrei Baron
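
The behaviour described in the message above, as an added illustration that is not part of the original post and is not Leshan or Scandium code: a simplified Python model of a connection store in which a stale entry is only removed when the store is full and a new peer needs the slot. The class, method and peer names are hypothetical, and the least-recently-used ordering and the refusal of a new peer when nothing is stale are assumptions of the model.

```python
from collections import OrderedDict

DAY = 24 * 3600  # TLS 1.2 suggested upper limit for session lifetimes, in seconds

class ConnectionStoreModel:
    """Toy model of the store behaviour described in the post (not Scandium code)."""

    def __init__(self, max_connections, stale_threshold):
        self.max_connections = max_connections
        self.stale_threshold = stale_threshold
        self.conns = OrderedDict()  # peer -> [established_at, last_used_at], LRU order

    def touch(self, peer, now):
        """Record traffic on an existing session; no new handshake takes place."""
        self.conns[peer][1] = now
        self.conns.move_to_end(peer)

    def is_stale(self, peer, now):
        return now - self.conns[peer][1] >= self.stale_threshold

    def put(self, peer, now):
        """Add a session from a new handshake; evict only if the store is full."""
        if len(self.conns) >= self.max_connections:
            oldest = next(iter(self.conns))
            if not self.is_stale(oldest, now):
                return False  # full and nothing stale: the new peer is refused
            del self.conns[oldest]
        self.conns[peer] = [now, now]
        return True

    def older_than(self, limit, now):
        """Sessions whose keys have been in use for more than `limit` seconds."""
        return [p for p, (est, _) in self.conns.items() if now - est > limit]


def demo():
    # Constructed scenario: two slots, 60 s stale threshold.
    store = ConnectionStoreModel(max_connections=2, stale_threshold=60)
    store.put("client-a", now=0)
    store.put("client-b", now=0)
    # Two days pass; client-a keeps sending updates, client-b goes quiet.
    for t in range(3600, 2 * DAY + 1, 3600):
        store.touch("client-a", t)
    now = 2 * DAY
    audit = store.older_than(DAY, now)     # both sessions are past 24 h
    admitted = store.put("client-c", now)  # full store: stale client-b is evicted
    return audit, admitted, list(store.conns)
```

In this model the stale threshold never ends a session by itself, so `older_than` is the kind of age check an operator would have to run separately to find sessions past the 24-hour suggestion.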
