Topic: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Hi,

I am trying to use TLS session resumption with wolfSSL, but I encountered some issues when enabling RFC 5077 session tickets (wolfSSL_UseSessionTicket).

As shown in the client-tls-resume example (https://github.com/wolfSSL/wolfssl-exam … s-resume.c), I use wolfSSL_get1_session to get the session pointer (for now, I am relying on the internal session cache) before calling wolfSSL_shutdown on the ssl object.
Then, after creating a new ssl object with wolfSSL_new, I call wolfSSL_set_session to set the saved session to the ssl object.

This appears to work fine when I am not using ticket resumption. In such a case, wolfSSL_get1_session always returns a non-NULL pointer, also for TLS connections which had been resumed from a previously saved session.

However, with ticket resumption enabled, wolfSSL_get1_session returns NULL for resumed sessions. That is:
1) no session saved, full handshake performed, ticket received from server. wolfSSL_get1_session returns a valid pointer
2) session resumed from the saved session, ticket sent to server, full handshake not performed, connection established. wolfSSL_get1_session returns NULL

It appears to be related to the session ID not really being used with RFC 5077 tickets (section 3.4) and wolfSSL using the session ID internally. Specifically, the NULL is returned because of the

    if (ssl->options.haveSessionId == 0)
        return NULL;

check in GetSession in https://raw.githubusercontent.com/wolfS … /src/ssl.c.

Am I doing something wrong, or is it a limitation of wolfSSL? And if it is a limitation of wolfSSL, are there any suggested workarounds?
I assume I could check for this condition, and if NULL is returned, use the previously stored pointer to resume the session next time. But in such a case, I guess I would have to be quite careful about distinguishing this case from genuine errors when the session should be thrown away.

Thanks,
Martin


Re: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Hi MartinH,

Can you tell us what it is you are working on?

We had made a fix last year to stop sending the session ID when session tickets were in use (change here: https://github.com/wolfSSL/wolfssl/pull/851/files). I am curious if this change is what is affecting your current use-case.

To clarify, it sounds like you are trying to get the following flow of events working; please correct me if I am misunderstanding.

1) Connect to peer
2) Save session
3) Hangup
4) Load session
5) Resume session
6) Save session again
7) Hang up again
8) Load session again
9) Resume session again

Where things are going wrong for you is step 6, "Save session again", which fails. Is my understanding correct?

Warm Regards,

Kaleb

Re: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Hi Kaleb,

I am working on an IoT device, and using TLS session resumption should help to reduce its data usage and energy consumption.

Yes, in step 6, wolfSSL_get1_session returns NULL. Since writing my original post, I checked again, and now I think that the workaround with using the session pointer stored previously is less risky than I originally thought.
Still, I think that wolfSSL_get1_session should not return NULL in such situation.

I don't think that the change made in https://github.com/wolfSSL/wolfssl/pull/851 is causing this behavior, because that change is in SendServerHello on the server side, and I am using openssl s_server as the test server and wolfSSL as client.

It could be related, though. RFC 5077, section 3.4 states

When presenting a ticket, the client MAY generate and include a Session ID in the TLS ClientHello.  If the server accepts the ticket and the Session ID is not empty, then it MUST respond with the same Session ID present in the ClientHello.

Maybe if the wolfSSL client sent its Session ID along with the ticket to the server and received the Session ID echoed by the server, wolfSSL_get1_session could start working. But I haven't checked if it wouldn't cause e.g. AddSession being called again, causing some other issues.

Best regards,
Martin


4 (edited by MartinH 2018-07-26 06:28:28)

Re: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Hi Kaleb,

The test client I attached to https://www.wolfssl.com/forums/post4061.html#p4061 can also be used for reproducing this issue, just replace runTests.sh with runTests2.sh attached here (now the OpenSSL server is not restarted after each connection, so that resumption can really happen).
Edit: I attached the whole archive with fixed test client here, see below.

When running

    runTests2.sh ticket

I get

    INFO: UseSessionTicket requested
    INFO: going to attempt connection
    Session ID not reused; Successful resume.
    Connected to server.
    wolfSSL_get_chain_count returned: 1
    wolfSSL_get1_session returned 0x7fc7dfcfb868
    sizeOfExportedSession is 1284
    INFO: going to attempt connection
    INFO: session for resumption set to ssl
    Session ID reused; Successful resume.
    Connected to server.
    wolfSSL_get_chain_count returned: 1
    wolfSSL_get1_session returned (nil)
    sizeOfExportedSession is -173
    INFO: going to attempt connection
    INFO: session for resumption set to ssl
    Session ID reused; Successful resume.
    Connected to server.
    wolfSSL_get_chain_count returned: 1
    wolfSSL_get1_session returned (nil)
    sizeOfExportedSession is -173
    ...

So it looks like when I use the previously stored pointer to the session, the session gets resumed (confirmed by observing the traffic in Wireshark), but something gets broken, and wolfSSL_i2d_SSL_SESSION stops working.

Edit: The negative values returned by wolfSSL_i2d_SSL_SESSION were due to an error in my code; I was calling wolfSSL_i2d_SSL_SESSION on the returned NULL pointer instead of on the previously stored pointer. After fixing this, the correct value is returned.
I updated the attachment with the fixed code. To reproduce this "wolfSSL_get1_session returns NULL" issue, run demo2.

Best regards,
Martin

Post's attachments

wolfSSL_demo2.tar.gz 7.05 kb, 4 downloads since 2018-07-26 

Re: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Martin,

So sorry for the delay. Your colleague has been in touch with Rod Weaver and we are tracking these items now in our support domain which will guarantee faster response times!

I'll be reviewing the examples you sent over today.

Warm Regards,

Kaleb

Re: wolfSSL_get1_session returns NULL for ticket-resumed session (RFC5077)

Hello,

For this one, we have applied a workaround: we stored the session pointer when a non-NULL was returned, and then used this stored pointer when NULL was returned.

I am not aware if the issue has been addressed on the wolfSSL side, because the workaround was good enough for our use case.

Best regards,
Martin

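The following is an added example, written for this thread and not code from the thread's attachments or from the wolfSSL project. It implements the nine-step save/hang-up/load/resume flow from Kaleb's reply together with the workaround Martin describes in the last post (keep the previously stored session pointer whenever wolfSSL_get1_session returns NULL after a ticket-resumed handshake), and it also covers the caveat from the first post: a failed handshake is treated as a genuine error and the stored session is dropped. So that the file compiles stand-alone, wolfSSL is reached only through two function pointers; the names get1_session_fn, free_session_fn, session_cache, run_scenario and fake_ssl are this example's own, the constructed fake_get1_session models the thread's observation (full handshake yields a session, ticket-resumed handshake yields NULL), and in a real client the callbacks would be bound to wolfSSL_get1_session and wolfSSL_SESSION_free with handshake_ok taken from the result of wolfSSL_connect (an assumed binding, not shown here).

```c
/* Session-pointer caching for wolfSSL ticket resumption.
 * Added example for this thread; not code from the thread or from wolfSSL.
 * wolfSSL is reached only through two callbacks so this file builds
 * stand-alone. Assumed real-client binding: get1 = wolfSSL_get1_session,
 * release = wolfSSL_SESSION_free, handshake_ok = (wolfSSL_connect(ssl) ==
 * SSL_SUCCESS), and the pointer from session_cache_get() goes to
 * wolfSSL_set_session before the next connect. */
#include <stdio.h>
#include <stdlib.h>

typedef void *(*get1_session_fn)(void *ssl);  /* wolfSSL_get1_session role */
typedef void  (*free_session_fn)(void *sess); /* wolfSSL_SESSION_free role */

struct session_cache {
    void *saved;             /* last usable session, NULL when none */
    get1_session_fn get1;
    free_session_fn release;
    int keep_on_null;        /* 1 = apply the workaround from the thread */
};

void session_cache_init(struct session_cache *c, get1_session_fn g,
                        free_session_fn f, int keep_on_null)
{
    c->saved = NULL;
    c->get1 = g;
    c->release = f;
    c->keep_on_null = keep_on_null;
}

void session_cache_clear(struct session_cache *c)
{
    if (c->saved != NULL)
        c->release(c->saved);
    c->saved = NULL;
}

/* Steps 2 and 6 ("save session"): call after the handshake, before shutdown. */
void session_cache_update(struct session_cache *c, void *ssl, int handshake_ok)
{
    void *fresh;
    if (!handshake_ok) {
        /* A failed handshake is a genuine error: the stored session is
         * suspect, so throw it away instead of retrying it forever. */
        session_cache_clear(c);
        return;
    }
    fresh = c->get1(ssl);
    if (fresh == NULL) {
        /* Ticket-resumed connection: get1 returns NULL although the session
         * is still good. With the workaround, keep the previous pointer;
         * without it, the session is lost and the next connect is full. */
        if (!c->keep_on_null)
            session_cache_clear(c);
        return;
    }
    if (c->saved != NULL && c->saved != fresh)
        c->release(c->saved);
    c->saved = fresh;
}

/* Steps 4 and 8 ("load session"): pointer for wolfSSL_set_session, or NULL. */
void *session_cache_get(const struct session_cache *c) { return c->saved; }

/* Constructed stand-in for wolfSSL, modelling the thread's observation:
 * a full handshake yields a session, a ticket-resumed one yields NULL. */
struct fake_ssl { int resumed; };

static void *fake_get1_session(void *ssl)
{
    struct fake_ssl *s = ssl;
    return s->resumed ? NULL : malloc(1);   /* opaque 1-byte "session" */
}
static void fake_free_session(void *sess) { free(sess); }

/* Runs the flow for `connections` round trips and returns how many of them
 * could be attempted as resumptions (a saved session was available). */
int run_scenario(int connections, int keep_on_null)
{
    struct session_cache cache;
    int i, resumed = 0;
    session_cache_init(&cache, fake_get1_session, fake_free_session, keep_on_null);
    for (i = 0; i < connections; i++) {
        struct fake_ssl ssl = { 0 };
        if (session_cache_get(&cache) != NULL) {  /* load + set_session */
            ssl.resumed = 1;
            resumed++;
        }
        session_cache_update(&cache, &ssl, 1);    /* connect succeeded; save */
    }                                             /* hang up */
    session_cache_clear(&cache);
    return resumed;
}

/* Returns 1 when a failed handshake discards the stored session. */
int failure_drops_session(void)
{
    struct session_cache cache;
    struct fake_ssl ssl = { 0 };
    int ok;
    session_cache_init(&cache, fake_get1_session, fake_free_session, 1);
    session_cache_update(&cache, &ssl, 1);
    ok = session_cache_get(&cache) != NULL;
    session_cache_update(&cache, &ssl, 0);
    ok = ok && session_cache_get(&cache) == NULL;
    session_cache_clear(&cache);
    return ok;
}

int main(void)
{
    printf("with workaround:    %d of 5 connections resumed\n", run_scenario(5, 1));
    printf("without workaround: %d of 5 connections resumed\n", run_scenario(5, 0));
    return 0;
}
```

Without the workaround every second connection falls back to a full handshake, because the NULL from the resumed connection overwrites the saved pointer; with it, only the very first connection is full. The cache only ever frees a session it is replacing or dropping, so the pointer handed to set_session stays valid for the lifetime of the next connection.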