Hi,
I am trying to perform DTLS handshake with web browsers. At this moment connecting with Firefox works well but I have a small problem with Google Chrome.
The flow is as follows.
Chrome sends ClientHello
My server receives ClientHello and passes it to SSL_do_handshake.
SSL_do_handshake generates ServerHello.
SSL_do_handshake generates ServerHello.
I try to send ServerHello but because I use ICE my connection is not ready to send yet and the process fails.
Chrome doesn't see a response for its ClientHello so it performs retransmission of ClientHello.
My server receives retransmitted ClientHello and passes it to SSL_do_handshake.
In the meantime ICE is ready to send messages to Chrome.
SSL_do_handshake receives retransmitted ClientHello but this time it doesn't generate ServerHello.
The situation continues to happen and finally after passing ClientHello for the 3rd or 4th time SSL_do_handshake generates once again ServerHello which now I can send to Chrome.
My question is: should I cache the ServerHello generated at first time and then after receiving retransmission of ClientHello just send cached ServerHello or I should pass retransmitted ClientHello to SSL_do_handshake (as I am doing it now) and hope it will generate ServerHello once again? Is it expected behaviour that SSL_do_handshake after receiving exactly the same ClientHello doesn't generate ServerHello once again?
Best regards,
Michał
