[openssl-users] Why openssl is printing session ID where there is none sent by server, when using session ticket?
Matt Caswell
matt at openssl.org
Tue Jan 15 12:01:37 UTC 2019
On 15/01/2019 11:29, M K Saravanan wrote:
> Hi,
>
> When I use openssl s_client to connect to a server which uses session
> ticket to resume a session (session ID is turned off), openssl is
> still printing a session ID where none is sent by the server (packet
> capture shows session ID length = zero in the Server Hello).
This is perhaps best explained by this comment in the client side code for
processing a new ticket from the server:
/*
* There are two ways to detect a resumed ticket session. One is to set
* an appropriate session ID and then the server must return a match in
* ServerHello. This allows the normal client session ID matching to work
* and we know much earlier that the ticket has been accepted. The
* other way is to set zero length session ID when the ticket is
* presented and rely on the handshake to determine session resumption.
* We choose the former approach because this fits in with assumptions
* elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
* SHA256 is disabled) hash of the ticket.
*/
So in other words, when the client receives a ticket from the server it assigns
it its own session id. This session id will be presented back to the server when
the client attempts to resume using the ticket - and the server MUST echo it
back if it accepts the ticket.
Matt
>
> ==========
> New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
> Server public key is 2048 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> SSL-Session:
> Protocol : TLSv1.2
> Cipher : DHE-RSA-AES256-GCM-SHA384
> Session-ID: 8C7B3863F4B599A10BB83258D0FCE0530CC3C858DC0E2561199599C4806D7457
> Session-ID-ctx:
> Master-Key:
> 226360F20D74DB3F5FED014C20AD897CF75C21D14FA358BE934BD50FAF4F1696CB9A05A45F6FACDD46D912CDAE060D0F
> PSK identity: None
> PSK identity hint: None
> SRP username: None
> TLS session ticket lifetime hint: 3600 (seconds)
> TLS session ticket:
> 0000 - c9 c2 1a de f4 8f 59 1f-2a e1 58 b3 71 9f 9a 5f ......Y.*.X.q.._
> 0010 - 2f eb 0f a6 4c 0a e4 11-d9 db 52 7f 12 f6 0e a6 /...L.....R.....
> 0020 - ec 2a c2 9b 3c d3 f5 b0-4e 93 b0 eb 44 12 3d 2b .*..<...N...D.=+
> 0030 - 46 a1 16 4d 4b aa 0d e4-63 68 ae b9 b8 27 16 d5 F..MK...ch...'..
> 0040 - 1b d0 00 2c a5 48 5d b4-ba 44 3e 97 40 3e 74 ac ...,.H]..D>.@>t.
> 0050 - 76 94 e4 ae 1b c5 bb 44-48 49 88 65 cc 3c fc 95 v......DHI.e.<..
> 0060 - 6e 92 ee 54 44 b1 f0 b1-7e 28 7d 5d 28 d1 00 1a n..TD...~(}](...
> 0070 - 8e f3 53 34 bc d9 c7 7f-e5 21 1c 15 cf 19 21 4f ..S4.....!....!O
> 0080 - 2b 51 b4 7c cf dd de 51-50 ce e2 b9 5f bd 65 55 +Q.|...QP..._.eU
> 0090 - c4 0d fc 0f 6f ee 40 08-ac 7c fa 2a fa 9c 07 1d ....o. at ..|.*....
> 00a0 - 60 97 19 fd f5 7f 3e 73-c0 24 0a 51 63 0d db 73 `.....>s.$.Qc..s
>
> Start Time: 1547551254
> Timeout : 7200 (sec)
> Verify return code: 18 (self signed certificate)
> Extended master secret: no
> ==========
>
> OpenSSL version:
>
> $ openssl version
> OpenSSL 1.1.1a 20 Nov 2018
>
> OS version:
> $ lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 18.04.1 LTS
> Release: 18.04
> Codename: bionic
> ----------------------------------
> Is it a bug?
>
> with regards,
> Saravanan
>
More information about the openssl-users
mailing list