Closed TempoTian closed 2 months ago
Hello, as mentioned in the specification, it's the server responsibility to generate a session ID, therefore, you shouldn't generate a random session ID on client side but use the one provided to you by the server.
Allowing the generation of session IDs on client side would generate a security issue since the cryptographic strength of those session IDs would vary depending on the client.
Client generate random session ID and use it to communicate with server Test with other server success, but fail on this server.
Setup command like belowing:
Server report:
As spec show that
I think need memorize client session ID and build a map between client session ID and server session ID.