TLS 0.9.6, question about session resumption.
Hi Cafe, I am trying to use the TLS package from hackage, and it works fine so far -- except when a client wants to do session resumption (note I am not an expert in TLS, so it might be something quite simple). In that case, I get an alert, "unexpected message", during handshake. The handshake goes like this: ClientHello (with a SessionID) ServerHello (with the same SessionID) ServerHelloDone and then the server says (AlertLevel_Fatal,UnexpectedMessage) I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6. Thanks, Christian
Hi,
2012/7/21 C Gosch
I am trying to use the TLS package from hackage, and it works fine so far -- except when a client wants to do session resumption (note I am not an expert in TLS, so it might be something quite simple). In that case, I get an alert, "unexpected message", during handshake.
The handshake goes like this: ClientHello (with a SessionID) ServerHello (with the same SessionID) ServerHelloDone
Not an expert either, but section 7.4 of the TLS 1.2 spec (rfc 5246) does seem to say that this ServerHelloDone should be a Finished message instead.
and then the server says (AlertLevel_Fatal,UnexpectedMessage)
Do you mean that the client says this? If so, this may obviously be correct if the server sends the wrong message. Pehaps you can test with a different server implementation?
I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6.
Bye Dominique
On 07/21/2012 05:12 PM, C Gosch wrote:
Hi Cafe,
and then the server says (AlertLevel_Fatal,UnexpectedMessage)
I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6. Hi Christian,
Domique is right, a sucessful session resumption should have a Finished message after ServerHello. It's not really clear what's your setup (are you trying to use TLS on server/client/both ?), and without some code, it's hard to debug your problem. The only thing that come to my mind is, did you setup your session callbacks correctly ? -- Vincent
Thank you Vincent and Dominique, I saw the session callbacks before, and guessed that I needed to store the SessionData for all SessionIDs and return them on resumption (correct me if that's wrong). However, I could not find a module that exports these two data types, so I figured maybe that's work in progress or something I am not meant to fumble with ... or maybe I was just too blind to see where I get the data types from. Can you help me out? Maybe it helps if I post the configuration that I used: initServerState :: IO ServerState initServerState = do gen <- newGenIO :: IO SystemRandom cert <- fileReadCertificate "cacert.pem" pk <- fileReadPrivateKey "privatekey2.pem" -- sessionMap <- newTMVar M.empty let params = defaultParams { pConnectVersion = TLS10 , pCiphers = ciphersuite_all , pLogging = TLSLogging { loggingPacketSent = noLog , loggingPacketRecv = noLog , loggingIOSent = \_ -> return () , loggingIORecv = \_ _ -> return () } , onHandshake = handshakeCallback , pUseSession = False -- FIXME: This should be True for session resumption, but session resumption fails so far ... -- The next two functions need SessionID and SessionData as arguments, but these are not exported by any module. -- , onSessionEstablished = \_ _ -> sessionEst sessionMap -- , onSessionResumption = \_ -> sessionRes sessionMap , onCertificatesRecv = certRecv , pCertificates = [(cert, Just pk)] } s <- listenOn (PortNumber 3000) -- ... and some more stuff down here having nothing to do with the -- networking... The client is a small Java program that just sends some data via a ssl connection. It works with the pUseSession = False setting as above, and it also works with an "openssl s_server". Cheers, Christian On Mon, 2012-07-23 at 15:33 +0100, Vincent Hanquez wrote:
On 07/21/2012 05:12 PM, C Gosch wrote:
Hi Cafe,
and then the server says (AlertLevel_Fatal,UnexpectedMessage)
I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6. Hi Christian,
Domique is right, a sucessful session resumption should have a Finished message after ServerHello.
It's not really clear what's your setup (are you trying to use TLS on server/client/both ?), and without some code, it's hard to debug your problem. The only thing that come to my mind is, did you setup your session callbacks correctly ?
I just modified TLS locally on my system to export SessionID and SessionData, and set the session callbacks to storing/retrieving the session data from a Map. After that, the resumption appears to work :-D Thanks a lot for that hint! Is that the way it's meant to be? If yes, how do I get the data types the "official way"? Cheers, Christian On Mon, 2012-07-23 at 15:33 +0100, Vincent Hanquez wrote:
On 07/21/2012 05:12 PM, C Gosch wrote:
Hi Cafe,
and then the server says (AlertLevel_Fatal,UnexpectedMessage)
I'm not sure whether the "ServerHelloDone" should happen when resuming. Does anyone have a hint what may be going wrong? I am using TLS10 and the tls package with version 0.9.6. Hi Christian,
Domique is right, a sucessful session resumption should have a Finished message after ServerHello.
It's not really clear what's your setup (are you trying to use TLS on server/client/both ?), and without some code, it's hard to debug your problem. The only thing that come to my mind is, did you setup your session callbacks correctly ?
On 07/23/2012 06:54 PM, . wrote:
I just modified TLS locally on my system to export SessionID and SessionData, and set the session callbacks to storing/retrieving the session data from a Map. After that, the resumption appears to work :-D Thanks a lot for that hint! Is that the way it's meant to be? If yes, how do I get the data types the "official way"? Cool. this is indeed an omission, it should have been exported.
I realized and fixed it couple of weeks ago in the next branch (upcoming tls 1.0) when doing cleanup around session management, but forgot to check master (tls-0.9.x). I've fixed it now, and pushed tls-0.9.8. Thanks, -- Vincent
Nice, thanks!!
Christian
Am 23.07.2012 um 22:28 schrieb Vincent Hanquez
On 07/23/2012 06:54 PM, . wrote:
I just modified TLS locally on my system to export SessionID and SessionData, and set the session callbacks to storing/retrieving the session data from a Map. After that, the resumption appears to work :-D Thanks a lot for that hint! Is that the way it's meant to be? If yes, how do I get the data types the "official way"? Cool. this is indeed an omission, it should have been exported.
I realized and fixed it couple of weeks ago in the next branch (upcoming tls 1.0) when doing cleanup around session management, but forgot to check master (tls-0.9.x).
I've fixed it now, and pushed tls-0.9.8.
Thanks, -- Vincent
participants (4)
-
. -
C Gosch
-
Dominique Devriese -
Vincent Hanquez