[Haskell-cafe] TLS 0.9.6, question about session resumption.

. ch.gosch at googlemail.com
Mon Jul 23 19:22:56 CEST 2012


Thank you Vincent and Dominique,

I saw the session callbacks before, and guessed that I needed to store
the SessionData for all SessionIDs and return them on resumption
(correct me if that's wrong).
However, I could not find a module that exports these two data types, so
I figured maybe that's work in progress or something I am not meant to
fumble with ... or maybe I was just too blind to see where I get the
data types from. Can you help me out?

Maybe it helps if I post the configuration that I used:

initServerState :: IO ServerState
initServerState = do
  gen <- newGenIO :: IO SystemRandom
  cert <- fileReadCertificate "cacert.pem"
  pk <- fileReadPrivateKey "privatekey2.pem"
  -- sessionMap <- newTMVar M.empty
  let params = defaultParams { 
        pConnectVersion = TLS10 
        , pCiphers = ciphersuite_all
        , pLogging = TLSLogging { loggingPacketSent = noLog
                                , loggingPacketRecv = noLog 
                                , loggingIOSent = \_ -> return ()
                                , loggingIORecv = \_ _ -> return () } 
        , onHandshake = handshakeCallback
        , pUseSession = False -- FIXME: This should be True for session
                              -- resumption, but session resumption fails so far ...
        -- The next two functions need SessionID and SessionData as arguments,
        -- but these are not exported by any module.
        -- , onSessionEstablished = \_ _ -> sessionEst sessionMap
        -- , onSessionResumption = \_ -> sessionRes sessionMap
        , onCertificatesRecv = certRecv 
        , pCertificates = [(cert, Just pk)] }
  
  s <- listenOn (PortNumber 3000)


  -- ... and some more stuff down here having nothing to do with the   
  --     networking...


The client is a small Java program that just sends some data via a ssl
connection. It works with the pUseSession = False setting as above, and
it also works with an "openssl s_server".


Cheers,
Christian



On Mon, 2012-07-23 at 15:33 +0100, Vincent Hanquez wrote:
> On 07/21/2012 05:12 PM, C Gosch wrote:
> > Hi Cafe,
> >
> > and then the server says
> >   (AlertLevel_Fatal,UnexpectedMessage)
> >
> > I'm not sure whether the "ServerHelloDone" should happen when resuming.
> > Does anyone have a hint what may be going wrong?
> > I am using TLS10 and the tls package with version 0.9.6.
> Hi Christian,
> 
> Dominique is right, a successful session resumption should have a Finished message 
> after ServerHello.
> 
> It's not really clear what's your setup (are you trying to use TLS on 
> server/client/both ?), and without some code, it's hard to debug your problem. 
> The only thing that comes to my mind is, did you set up your session callbacks 
> correctly ?
> 
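
The session store discussed in this message, sketched as an added example; it is not code from the original post or from the tls package. The names sessionEst and sessionRes are taken from the commented-out lines above. The callback shapes (id and data in; id in, Maybe data out), the SessionMap type, newSessionMap and the 10-minute lifetime are assumptions.

```haskell
-- Added example: in-memory TLS session cache with expiry (not the tls package's code).
import Control.Concurrent.STM
import qualified Data.Map.Strict as M
import Data.Time.Clock (UTCTime, NominalDiffTime, addUTCTime, getCurrentTime)

-- Polymorphic in key and value, so it does not depend on which module
-- exports SessionID and SessionData (the open question in this message).
type SessionMap k v = TVar (M.Map k (UTCTime, v))

newSessionMap :: IO (SessionMap k v)
newSessionMap = newTVarIO M.empty

-- Assumed lifetime of a cached session: 10 minutes. Cached session data
-- holds key material, so entries should not live forever.
sessionLifetime :: NominalDiffTime
sessionLifetime = 600

-- Assumed shape of onSessionEstablished: session id -> session data -> IO ()
-- Stores the new session and drops entries that have already expired.
sessionEst :: Ord k => SessionMap k v -> k -> v -> IO ()
sessionEst store sid sdata = do
  now <- getCurrentTime
  let expiry = addUTCTime sessionLifetime now
  atomically $ modifyTVar' store $
    M.insert sid (expiry, sdata) . M.filter ((> now) . fst)

-- Assumed shape of onSessionResumption: session id -> IO (Maybe session data)
-- Returning Nothing makes the server fall back to a full handshake.
sessionRes :: Ord k => SessionMap k v -> k -> IO (Maybe v)
sessionRes store sid = do
  now <- getCurrentTime
  atomically $ do
    m <- readTVar store
    case M.lookup sid m of
      Just (expiry, sdata) | expiry > now -> return (Just sdata)
      Just _  -> writeTVar store (M.delete sid m) >> return Nothing
      Nothing -> return Nothing

-- Constructed sample values, used only to exercise the store.
main :: IO ()
main = do
  store <- newSessionMap :: IO (SessionMap String String)
  sessionEst store "constructed-id" "constructed-session-data"
  hit  <- sessionRes store "constructed-id"
  miss <- sessionRes store "unknown-id"
  print (hit, miss)
```

Under the assumed callback shapes, the store would be wired in by partial application, i.e. sessionEst sessionMap and sessionRes sessionMap, so that the session id and data reach the functions.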




