You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I'm trying to intercept data between slow IoT DTLS device (server) and phone app. I used mitmproxy for it, but the server never responds to the 2nd client hello (it does to the 1st). I then used socat to troubleshoot and found out that by default it doesn't even work with socat, unless I add rcvtimeo=1 option. That option retransmits clienthello after 1 second and then everything works.
My assumption is that the device is just very slow and misses the 2nd clienthello. I ran wireshark and from phone it takes ~10ms, while mitmproxy does it in under 1ms. The next message after the 2nd clienthello is supposed to be serverhello.
Is there any way to either slow down mitmproxy dtls negotiation, so that the device can have a chance to process the negotiation packets, or have mitmproxy re-send the clienthello if there is no response from the server? Like rcvtimeo=1 in socat.
Thanks.
Just a note: running openssl s_client -dtls1_2 -connect :8899 -noservername -cipher ECDHE-RSA-AES128-GCM-SHA256 -mtu 1200 -timeout works.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello, I'm trying to intercept data between slow IoT DTLS device (server) and phone app. I used mitmproxy for it, but the server never responds to the 2nd client hello (it does to the 1st). I then used socat to troubleshoot and found out that by default it doesn't even work with socat, unless I add rcvtimeo=1 option. That option retransmits clienthello after 1 second and then everything works.
My assumption is that the device is just very slow and misses the 2nd clienthello. I ran wireshark and from phone it takes ~10ms, while mitmproxy does it in under 1ms. The next message after the 2nd clienthello is supposed to be serverhello.
Is there any way to either slow down mitmproxy dtls negotiation, so that the device can have a chance to process the negotiation packets, or have mitmproxy re-send the clienthello if there is no response from the server? Like rcvtimeo=1 in socat.
Thanks.
Just a note: running openssl s_client -dtls1_2 -connect :8899 -noservername -cipher ECDHE-RSA-AES128-GCM-SHA256 -mtu 1200 -timeout works.
Beta Was this translation helpful? Give feedback.
All reactions