Skip to content

Fix Lightway#203 DTLS13 retransmission issue #323

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kp-mariappan-ramasamy merged 3 commits into from
Jan 20, 2026
Merged

Fix Lightway#203 DTLS13 retransmission issue #323

kp-mariappan-ramasamy merged 3 commits into from
Jan 20, 2026
+282 −0

Conversation

@kp-mariappan-ramasamy
Copy link
Contributor

@kp-mariappan-ramasamy kp-mariappan-ramasamy commented Jan 7, 2026
edited
Loading

Fix for expressvpn/lightway#203

Wolfssl DTLS restricts retransmission within 1 sec which break our logic to scale the timer by 1/10.

This patch fixes it, by allowing wolfssl to take the timer value in milli seconds

From this PR:
https://github.com/wolfSSL/wolfssl/pull/9623/changes

@kp-mariappan-ramasamy kp-mariappan-ramasamy requested a review from a team as a code owner January 7, 2026 12:00
@github-actions
Copy link

github-actions bot commented Jan 7, 2026
edited
Loading

Code coverage summary for 2c93868:

Filename                             Regions    Missed Regions     Cover   Functions  Missed Functions  Executed       Lines      Missed Lines     Cover    Branches   Missed Branches     Cover
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
wolfssl-sys/src/lib.rs                    25                 0   100.00%           2                 0   100.00%          13                 0   100.00%           0                 0         -
wolfssl/src/aes256.rs                    166                 8    95.18%          11                 0   100.00%         124                 4    96.77%           0                 0         -
wolfssl/src/chacha20_poly1305.rs          75                 2    97.33%           5                 0   100.00%          66                 2    96.97%           0                 0         -
wolfssl/src/context.rs                   401               173    56.86%          41                14    65.85%         286               110    61.54%           0                 0         -
wolfssl/src/error.rs                      45                13    71.11%           5                 1    80.00%          44                11    75.00%           0                 0         -
wolfssl/src/lib.rs                        81                15    81.48%          11                 1    90.91%          72                13    81.94%           0                 0         -
wolfssl/src/rng.rs                        72                10    86.11%           6                 0   100.00%          42                 3    92.86%           0                 0         -
wolfssl/src/ssl.rs                      1285               376    70.74%          84                25    70.24%         837               250    70.13%           0                 0         -
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                   2150               597    72.23%         165                41    75.15%        1484               393    73.52%           0                 0         -

✅ Region coverage 72% passes
✅ Line coverage 73% passes

@kp-mariappan-ramasamy
wolfssl-sys: fix dtls13-rtx-timer.patch for wolfssl 5.8.4
5cfdc44 
Adjust patch context and line numbers to match actual wolfssl 5.8.4 source:
- test_dtls.c: File ends at line 2259, not 2489. Updated context to match
  test_dtls_memio_wolfio_stateless instead of test_dtls_mtu_split_messages
- test_dtls.h: Fixed function declaration order and line numbers
@kp-mariappan-ramasamy
wolfssl-sys: Set DTLS13_MIN_RTX_INTERVAL as 100 ms
c8fe800 
I ran three iterations of Lightway client and observe the packet
capture before and after the configuration:

BEFORE (1000ms RTX)

| Run | Intervals (ms)                 |
|-----|--------------------------------|
| 1   | 101 → 1403 → 1601 → 3200       |
| 2   | 100 → 202 → 1203 → 1602 → 3202 |
| 3   | 101 → 602 → 801 → 1602 → 3202  |

---
AFTER (100ms RTX)

| Run | Intervals (ms)                      |
|-----|-------------------------------------|
| 1   | 102 → 201 → 401 → 801 → 1602 → 3201 |
| 2   | 101 → 201 → 401 → 801 → 1601 → 3201 |
| 3   | 100 → 201 → 401 → 801 → 1601 → 3201 |

- Consistent exponential backoff: 100ms → 200ms → 400ms → 800ms → 1600ms → 3200ms
- All 3 runs show identical behavior

The retransmission timing now follows the expected exponential backoff
pattern consistently across all test runs.
@kp-mariappan-ramasamy kp-mariappan-ramasamy merged commit 32f5df7 into main Jan 20, 2026
20 checks passed
@kp-mariappan-ramasamy kp-mariappan-ramasamy deleted the fix-rtx branch January 20, 2026 04:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kp-thomas-yau kp-thomas-yau kp-thomas-yau approved these changes

@xv-thomas-leong xv-thomas-leong xv-thomas-leong left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kp-mariappan-ramasamy @xv-thomas-leong @kp-thomas-yau