ThreadedServerWorkflowExecutor with DTLS 1.2 #184

Open
Smuul opened this issue Nov 22, 2024 · 1 comment

@Smuul

Smuul commented Nov 22, 2024

Title: ThreadedServerWorkflowExecutor with DTLS 1.2

Description:

I am trying to use the ThreadedServerWorkflowExecutor feature, but I'm encountering some issues when attempting to use it with DTLS 1.2.

Scenario:

I run TLS-Attacker using the following command:
java -jar apps/TLS-Server.jar -port 4433 -version DTLS12 -executor_type THREADED_SERVER -workflow_trace_type HANDSHAKE

This yields the output:
image

On the other hand, I execute an OpenSSL client like this:
openssl s_client -dtls1_2 -connect 127.0.0.1:4433

However, it appears that the DTLS server is not receiving any data, despite the Client Hello being sent, as illustrated below:
image

Observations:

Interestingly, if I use TLS 1.2 instead of DTLS 1.2, everything seems to work properly. When using TLS, the Client Hello and subsequent handshake messages are received and processed without issue, as shown here:
java -jar apps/TLS-Server.jar -port 4433 -version TLS12 -executor_type THREADED_SERVER -workflow_trace_type HANDSHAKE
openssl s_client -tls1_2 -connect 127.0.0.1:4433

image
image

Request for Assistance:

I'm reaching out to see if anyone has insights into what might be causing this problem. Specifically:

  • Is ThreadedServerWorkflowExecutor fully implemented for DTLS 1.2?
  • Could there be a misconfiguration or missing setting that I need to adjust?

Any guidance or support would be greatly appreciated. Thank you!

@mmaehren
Contributor

mmaehren commented Dec 2, 2024

Hey,

unfortunately, we do not support the threaded executor for DTLS. For UDP, we cannot simply spawn a new socket for each connecting client using Java's API. Effectively, we would have to map incoming DTLS traffic to the correct execution thread ourselves. It is a planned feature but we will probably wait until we implement DTLS 1.3 and connection ID support.
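
The mapping described in the reply above, shown as an added example (not TLS-Attacker code and not from either commenter): a single `DatagramSocket` receives every client's datagrams and hands each one to a per-peer handler thread. The class name `UdpPeerDemux` and the choice to key on the source address are assumptions made for illustration.

```java
import java.net.*;
import java.util.*;
import java.util.concurrent.*;

// Hypothetical class, not part of TLS-Attacker: one UDP socket, one handler thread per peer.
public class UdpPeerDemux {
    private final Map<SocketAddress, BlockingQueue<byte[]>> peers = new ConcurrentHashMap<>();
    private final ExecutorService workers = Executors.newCachedThreadPool();

    public void serve(int port) throws Exception {
        try (DatagramSocket socket = new DatagramSocket(port)) {
            byte[] buf = new byte[65535];
            while (true) {
                DatagramPacket packet = new DatagramPacket(buf, buf.length);
                socket.receive(packet); // every client arrives here; UDP has no accept()
                byte[] datagram = Arrays.copyOfRange(packet.getData(),
                        packet.getOffset(), packet.getOffset() + packet.getLength());
                // Keyed on source address (assumption). A spoofed address also creates an
                // entry, so a real server would allocate state only after the DTLS cookie
                // exchange (HelloVerifyRequest) and would expire idle peers.
                peers.computeIfAbsent(packet.getSocketAddress(), this::startHandler).add(datagram);
            }
        }
    }

    private BlockingQueue<byte[]> startHandler(SocketAddress peer) {
        BlockingQueue<byte[]> inbox = new LinkedBlockingQueue<>();
        workers.submit(() -> handle(peer, inbox));
        return inbox;
    }

    private void handle(SocketAddress peer, BlockingQueue<byte[]> inbox) {
        try {
            while (true) {
                byte[] record = inbox.take();
                // DTLS 1.2 record header: type(1) version(2) epoch(2) seq(6) length(2)
                if (record.length < 13) continue;
                int type = record[0] & 0xff;
                int epoch = ((record[3] & 0xff) << 8) | (record[4] & 0xff);
                System.out.printf("%s: type %d, epoch %d, %d bytes%n", peer, type, epoch, record.length);
            }
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
        }
    }

    public static void main(String[] args) throws Exception {
        new UdpPeerDemux().serve(4433);
    }
}
```

Keying on the source address loses the session when a client's address or port changes, which is the case a connection ID in the record header is meant to handle.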
