Why was early data rejected?

Why was early data rejected?

John Jiang
I just built OpenSSL 1.1.1 on Mac OS X.
Tried 0-RTT, with commands like the following:
openssl s_server -cert server.cer -key server.key -tls1_3 -early_data -accept 9443
...
openssl s_client -CAfile ca.cer -tls1_3 -sess_in openssl.sess -early_data data -connect localhost:9443

s_client reported
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
...
Early data was rejected
Verify return code: 0 (ok)

What's wrong with my testing?

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: Why was early data rejected?

Matt Caswell-2


On 12/09/18 08:07, John Jiang wrote:

> I just build OpenSSL 1.1.1 on MacOSX.
> Tried 0-RTT, and the commands like the followings,
> openssl s_server -cert server.cer -key server.key -tls1_3 -early_data
> -accept 9443
> ...
> openssl s_client -CAfile ca.cer -tls1_3 -sess_in openssl.sess
> -early_data data -connect localhost:9443
>
> s_client reported
> New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384

The "New" here means that the resumption attempt failed. Successful
resumption is a pre-requisite for early data. How did you create
"openssl.sess"?

Matt



Re: Why was early data rejected?

John Jiang


Matt Caswell <[hidden email]> wrote on Wed, Sep 12, 2018 at 4:16 PM:


> The "New" here means that the resumption attempt failed. Successful
> resumption is a pre-requisite for early data. How did you create
> "openssl.sess"?
openssl s_client -CAfile ca.cer -tls1_3 -sess_out openssl.sess -connect localhost:9443

I just re-tried my test case.
Re-started s_server and made two connections. The second connection reported:
Reused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was rejected
Verify return code: 0 (ok)

It looks like the session was resumed, but early data was still rejected.



Re: Why was early data rejected?

Matt Caswell-2


On 12/09/18 09:34, John Jiang wrote:
>
> It looks the session was resumed, but early data still was rejected.

Hmm. Strange. I just tried the exact same sequence of commands and it
was accepted.

One thing to try is to recompile OpenSSL with the "enable-ssl-trace"
config option. Then you can add the "-trace" option to s_client and/or
s_server which might give a better clue as to why it is rejected.

Matt


Re: Why was early data rejected?

John Jiang
Could you please take a look at the attached s_client.log?
It was output by s_client with the options -trace and -state in the second connection.

Matt Caswell <[hidden email]> wrote on Wed, Sep 12, 2018 at 4:48 PM:

> Hmm. Strange. I just tried the exact same sequence of commands and it
> was accepted.

[Attachment: s_client.log (8K)]

Re: Why was early data rejected?

Matt Caswell-2
Nothing particularly unexpected in there. Could you send me the s_server
log including *both* connections, i.e. the original connection attempt
to create the session, followed by the subsequent resume.

Thanks

Matt


On 12/09/18 11:50, John Jiang wrote:

> Could you please take a look at the attached s_client.log?
> It was outputted by s_client with options -trace and -state in the
> second connection.

Re: Why was early data rejected?

John Jiang
Very strange. I re-tried the same case, but the resumption failed.
The attached logs contain the full output of both connections on the server and client sides.

On Wed, Sep 12, 2018 at 7:09 PM Matt Caswell <[hidden email]> wrote:
> Nothing particularly unexpected in there. Could you send me the s_server
> log including *both* connections, i.e. the original connection attempt
> to create the session, followed by the subsequent resume.

[Attachments: s_server.log (23K), s_client.log (23K)]

Re: Why was early data rejected?

Matt Caswell-2
Were you using the -www option to s_server before? You didn't mention it
in your original email, but in this log it shows you using it.

Try without that option.

Matt


On 12/09/18 12:25, John Jiang wrote:

> Very strange. I re-tried the same case, but the resumption failed.
> The attached logs contain the full outputs in the both connections on
> server and client sides.

Re: Why was early data rejected?

John Jiang
I got the points!
1. Should not use the -www option on the server side.
2. Possibly, no session ticket was saved in the first connection with the command below:
echo "M" | openssl s_client -trace -state -CAfile ca.cer -tls1_3 -sess_out openssl.sess -connect localhost:9443
The client exited so quickly that it didn't receive the server's session ticket.

On Wed, Sep 12, 2018 at 8:16 PM Matt Caswell <[hidden email]> wrote:
> Were you using the -www option to s_server before? You didn't mention it
> in your original email, but in this log it shows you using it.
>
> Try without that option.
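Putting the two points above together, here is an added example (not from the thread or from the OpenSSL project): a small shell script that runs the corrected two-connection 0-RTT test and classifies the summary lines s_client prints. The cert file names, port 9443, the "M" payload and the data file name come from the thread; the sleep durations and the helper function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: corrected two-connection 0-RTT test
# (no -www on s_server; first s_client kept alive until the NewSessionTicket
# has arrived so -sess_out actually saves a resumable session), plus a
# classifier for the summary lines s_client prints. Sleep values are assumed.

# Classify captured s_client output into one of:
#   resumed-accepted | resumed-rejected | not-resumed | unknown
classify_s_client() {
    case "$1" in
        *"Reused, TLSv1.3"*"Early data was accepted"*) echo resumed-accepted ;;
        *"Reused, TLSv1.3"*"Early data was rejected"*) echo resumed-rejected ;;
        *"New, TLSv1.3"*)                              echo not-resumed ;;
        *)                                             echo unknown ;;
    esac
}

# Map the classification to the two causes identified in the thread.
explain() {
    case "$1" in
        not-resumed)      echo "resumption failed: no usable ticket in the session file (did the first client exit before NewSessionTicket arrived?)" ;;
        resumed-rejected) echo "session resumed but early data refused: check s_server options (e.g. -www)" ;;
        resumed-accepted) echo "0-RTT accepted" ;;
        *)                echo "unrecognised s_client output" ;;
    esac
}

# Full procedure; needs openssl 1.1.1+ and server.cer/server.key/ca.cer.
run_0rtt_test() {
    openssl s_server -cert server.cer -key server.key -tls1_3 -early_data -accept 9443 &
    srv=$!
    sleep 1
    # Connection 1: keep stdin open after sending "M" so s_client is still
    # running when the server's NewSessionTicket arrives and -sess_out fires.
    { echo "M"; sleep 2; } | openssl s_client -CAfile ca.cer -tls1_3 \
        -sess_out openssl.sess -connect localhost:9443 >/dev/null 2>&1
    # Connection 2: resume from the saved ticket and send the file as 0-RTT.
    echo "M" > data
    out=$(echo "M" | openssl s_client -CAfile ca.cer -tls1_3 -sess_in openssl.sess \
        -early_data data -connect localhost:9443 2>&1)
    kill "$srv"
    explain "$(classify_s_client "$out")"
}
```

Call `run_0rtt_test` to execute the whole sequence; `classify_s_client` can also be fed the saved output of an earlier run.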

Re: Why was early data rejected?

Matt Caswell-2


On 12/09/18 14:04, John Jiang wrote:
> I got the points!
> 1. should not use -www option on server side

Right - we should probably error out if you attempt to use those two
options in combination.


> 2. Possibly, no session ticket was saved in the first connection with
> the below command,
> echo "M" | openssl s_client -trace -state -CAfile ca.cer -tls1_3
> -sess_out openssl.sess -connect localhost:9443
> The client exited so quickly that didn't receive sever's session ticket.

Ahh! Makes sense!

Matt
