Thank you Vincent and Dominique, I saw the session callbacks before, and guessed that I needed to store the SessionData for all SessionIDs and return them on resumption (correct me if that's wrong). However, I could not find a module that exports these two data types, so I figured maybe that's work in progress or something I am not meant to fumble with ... or maybe I was just too blind to see where I get the data types from. Can you help me out? Maybe it helps if I post the configuration that I used: initServerState :: IO ServerState initServerState = do gen <- newGenIO :: IO SystemRandom cert <- fileReadCertificate "cacert.pem" pk <- fileReadPrivateKey "privatekey2.pem" -- sessionMap <- newTMVar M.empty let params = defaultParams { pConnectVersion = TLS10 , pCiphers = ciphersuite_all , pLogging = TLSLogging { loggingPacketSent = noLog , loggingPacketRecv = noLog , loggingIOSent = \_ -> return () , loggingIORecv = \_ _ -> return () } , onHandshake = handshakeCallback , pUseSession = False -- FIXME: This should be True for session resumption, but session resumption fails so far ... -- The next two functions need SessionID and SessionData as arguments, but these are not exported by any module. -- , onSessionEstablished = \_ _ -> sessionEst sessionMap -- , onSessionResumption = \_ -> sessionRes sessionMap , onCertificatesRecv = certRecv , pCertificates = [(cert, Just pk)] } s <- listenOn (PortNumber 3000) -- ... and some more stuff down here having nothing to do with the -- networking... The client is a small Java program that just sends some data via a ssl connection. It works with the pUseSession = False setting as above, and it also works with an "openssl s_server". Cheers, Christian On Mon, 2012-07-23 at 15:33 +0100, Vincent Hanquez wrote:
On 07/21/2012 05:12 PM, C Gosch wrote:
Hi Cafe,
and then the server says (AlertLevel_Fatal,UnexpectedMessage)
I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6. Hi Christian,
Domique is right, a sucessful session resumption should have a Finished message after ServerHello.
It's not really clear what's your setup (are you trying to use TLS on server/client/both ?), and without some code, it's hard to debug your problem. The only thing that come to my mind is, did you setup your session callbacks correctly ?