On 15/01/2019 11:29, M K Saravanan wrote:
> Hi,
>
> When I use openssl s_client to connect to a server which uses session
> ticket to resume a session (session ID is turned off), openssl is
> still printing a session ID where none is sent by the server (packet
> capture shows session ID length = zero in the Server Hello).

This is perhaps best explained by this comment in the client side code
for processing a new ticket from the server:

    /*
     * There are two ways to detect a resumed ticket session. One is to set
     * an appropriate session ID and then the server must return a match in
     * ServerHello. This allows the normal client session ID matching to work
     * and we know much earlier that the ticket has been accepted. The
     * other way is to set zero length session ID when the ticket is
     * presented and rely on the handshake to determine session resumption.
     * We choose the former approach because this fits in with assumptions
     * elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
     * SHA256 is disabled) hash of the ticket.
     */

So in other words, when the client receives a ticket from the server it
assigns it its own session id. This session id will be presented back to
the server when the client attempts to resume using the ticket - and the
server MUST echo it back if it accepts the ticket.

Matt

>
> ==========
> New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> SSL-Session:
>     Protocol  : TLSv1.2
>     Cipher    : DHE-RSA-AES256-GCM-SHA384
>     Session-ID: 8C7B3863F4B599A10BB83258D0FCE0530CC3C858DC0E2561199599C4806D7457
>     Session-ID-ctx:
>     Master-Key: 226360F20D74DB3F5FED014C20AD897CF75C21D14FA358BE934BD50FAF4F1696CB9A05A45F6FACDD46D912CDAE060D0F
>     PSK identity: None
>     PSK identity hint: None
>     SRP username: None
>     TLS session ticket lifetime hint: 3600 (seconds)
>     TLS session ticket:
>     0000 - c9 c2 1a de f4 8f 59 1f-2a e1 58 b3 71 9f 9a 5f   ......Y.*.X.q.._
>     0010 - 2f eb 0f a6 4c 0a e4 11-d9 db 52 7f 12 f6 0e a6   /...L.....R.....
>     0020 - ec 2a c2 9b 3c d3 f5 b0-4e 93 b0 eb 44 12 3d 2b   .*..<...N...D.=+
>     0030 - 46 a1 16 4d 4b aa 0d e4-63 68 ae b9 b8 27 16 d5   F..MK...ch...'..
>     0040 - 1b d0 00 2c a5 48 5d b4-ba 44 3e 97 40 3e 74 ac   ...,.H]..D>.@>t.
>     0050 - 76 94 e4 ae 1b c5 bb 44-48 49 88 65 cc 3c fc 95   v......DHI.e.<..
>     0060 - 6e 92 ee 54 44 b1 f0 b1-7e 28 7d 5d 28 d1 00 1a   n..TD...~(}](...
>     0070 - 8e f3 53 34 bc d9 c7 7f-e5 21 1c 15 cf 19 21 4f   ..S4.....!....!O
>     0080 - 2b 51 b4 7c cf dd de 51-50 ce e2 b9 5f bd 65 55   +Q.|...QP..._.eU
>     0090 - c4 0d fc 0f 6f ee 40 08-ac 7c fa 2a fa 9c 07 1d   ....o.@..|.*....
>     00a0 - 60 97 19 fd f5 7f 3e 73-c0 24 0a 51 63 0d db 73   `.....>s.$.Qc..s
>
>     Start Time: 1547551254
>     Timeout   : 7200 (sec)
>     Verify return code: 18 (self signed certificate)
>     Extended master secret: no
> ==========
>
> OpenSSL version:
>
> $ openssl version
> OpenSSL 1.1.1a 20 Nov 2018
>
> OS version:
> $ lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 18.04.1 LTS
> Release: 18.04
> Codename: bionic
> ----------------------------------
> Is it a bug?
>
> with regards,
> Saravanan
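
The behaviour described in the reply can be checked from s_client output alone. The following is an added example, not code from OpenSSL or from either poster: it parses an SSL-Session block, rebuilds the ticket bytes from the hex dump, and tests whether the printed Session-ID is the SHA-256 of the ticket. The function names and the sample ticket are constructed for illustration, and the SHA-1 fallback mentioned in the comment is not handled.

```python
import hashlib
import re

# One dump row as s_client prints it: "0010 - 2f eb ... 11-d9 ... 0e a6   /...L..."
_ROW = re.compile(r"^[0-9a-f]{4} - ((?:[0-9a-f]{2}[ -])+)", re.I)

def parse_session(text):
    """Return (session_id, ticket) bytes from an s_client SSL-Session block."""
    session_id, ticket, in_ticket = b"", bytearray(), False
    for line in text.splitlines():
        line = line.lstrip("> ")  # drop indentation and e-mail quoting
        if line.startswith("Session-ID:"):
            session_id = bytes.fromhex(line.split(":", 1)[1].strip())
        elif line.startswith("TLS session ticket:"):
            in_ticket = True
        elif in_ticket:
            row = _ROW.match(line)
            in_ticket = row is not None  # first non-dump line ends the ticket
            if row:
                ticket += bytes.fromhex(row.group(1).replace("-", " "))
    return session_id, bytes(ticket)

def id_is_ticket_hash(text):
    """True if the printed Session-ID is SHA-256 of the printed ticket."""
    session_id, ticket = parse_session(text)
    return bool(ticket) and session_id == hashlib.sha256(ticket).digest()

def ticket_accepted(sent_id, server_hello_id):
    """Resumption test from the quoted comment: the server echoed our ID."""
    return len(sent_id) > 0 and server_hello_id == sent_id

def dump(data):
    """Render bytes in the s_client dump layout (used to build sample input)."""
    rows = []
    for off in range(0, len(data), 16):
        chunk = data[off:off + 16]
        hexed = "".join(f"{b:02x}{'-' if i == 7 else ' '}" for i, b in enumerate(chunk))
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"    {off:04x} - {hexed.ljust(48)}  {text}")
    return "\n".join(rows)

TICKET = bytes(range(40))  # constructed ticket, not the one from the thread
SAMPLE = ("SSL-Session:\n    Protocol  : TLSv1.2\n"
          f"    Session-ID: {hashlib.sha256(TICKET).hexdigest().upper()}\n"
          "    TLS session ticket lifetime hint: 3600 (seconds)\n"
          f"    TLS session ticket:\n{dump(TICKET)}\n\n    Start Time: 1547551254\n")

if __name__ == "__main__":
    print("Session-ID is SHA-256(ticket):", id_is_ticket_hash(SAMPLE))
```

Pass `id_is_ticket_hash()` the SSL-Session text from an s_client run to see whether a printed Session-ID was derived locally from the ticket rather than issued by the server.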