I am trying to modify the dtls_server.c example to keep track of whether session caching was used for a given connection.
Ideally I would have an integer value, i.e. `session_resumed = #1 or 0`
One way I tried to do this was by reading the value of the mbedtls_ssl_context struct `ssl`:
```
/*
 * 5. Handshake
 */
do ret = mbedtls_ssl_handshake( &ssl );
while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
       ret == MBEDTLS_ERR_SSL_WANT_WRITE );

if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
{
    printf( " hello verification requested\n" );
    ret = 0;
    goto reset;
}
else if( ret != 0 )
{
    printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
    goto reset;
}

printf( " session cache status: %d\n", ssl.handshake.resume );
```
The issue with this is that the ssl struct is set to private, so the code fails to compile with the error: 'struct mbedtls_ssl_context' has no member named 'handshake'
Can somebody help me with some example code that would make this possible?
Hi,
As a temporary workaround, you can use:
ssl.MBEDTLS_PRIVATE(handshake).resume
But please be aware that this is something that could break with any future release, so should only be used as a very temporary workaround.
We made these members private in 3.0.0, and thus need to know if anyone's code paths have been broken as a result, so we can add accessors or new methods as required. Regarding this, may I enquire the reason for your needing to know if the session has been resumed - is this only a debug thing, or do you have a requirement in your codebase to know this?
Regards,
Paul.
On Mon, 2022-03-07 at 20:55 +0000, eoin.mcmahon.dev--- via mbed-tls wrote:
I am trying to modify the dtls_server.c example to keep track of whether session caching was used for a given connection.
Ideally I would have an integer value, i.e. `session_resumed = #1 or 0`
One way I tried to do this was by reading the value of the mbedtls_ssl_context struct `ssl`:
```
/*
 * 5. Handshake
 */
do ret = mbedtls_ssl_handshake( &ssl );
while( ret == MBEDTLS_ERR_SSL_WANT_READ ||
       ret == MBEDTLS_ERR_SSL_WANT_WRITE );

if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
{
    printf( " hello verification requested\n" );
    ret = 0;
    goto reset;
}
else if( ret != 0 )
{
    printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
    goto reset;
}

printf( " session cache status: %d\n", ssl.handshake.resume );
```
The issue with this is that the ssl struct is set to private, so the code fails to compile with the error: 'struct mbedtls_ssl_context' has no member named 'handshake'
Can somebody help me with some example code that would make this possible?
Hi thanks for getting back to me,
That's fine if it doesn't work in future releases, I will most likely stay on 3.0.0.
Unfortunately when trying to add this line to the dtls_server example I get:
```
error: dereferencing pointer to incomplete type 'mbedtls_ssl_handshake_params' {aka 'struct mbedtls_ssl_handshake_params'}
 int resumed = ssl.MBEDTLS_PRIVATE(handshake)->resume;
                                             ^~
```
If I try to use .resume instead of ->resume it also complains because `handshake` is a pointer and I must use -> instead.
My use case for this is to test a client's ability to connect to the server and use session caching. I want to essentially send messages to the server from a client with session caching enabled, and have the server send a message back, either 'session cache was used' or 'session cache was not used'.
On Tue, 8 Mar 2022 at 18:02, Paul Elliott Paul.Elliott@arm.com wrote:
Hi,
As a temporary workaround, you can use:
ssl.MBEDTLS_PRIVATE(handshake).resume
But please be aware that this is something that could break with any future release, so should only be used as a very temporary workaround.
We made these members private in 3.0.0, and thus need to know if anyone's code paths have been broken as a result, so we can add accessors or new methods as required. Regarding this, may I enquire the reason for your needing to know if the session has been resumed - is this only a debug thing, or do you have a requirement in your codebase to know this?
Regards,
Paul.
Hi, I wasn't able to get it to work in the end unfortunately. Is there anything else you could suggest?
On Thu, 10 Mar 2022 at 09:56, Eoin McMahon eoin.mcmahon.dev@gmail.com wrote:
Hi thanks for getting back to me,
That's fine if it doesn't work in future releases, I will most likely stay on 3.0.0.
Unfortunately when trying to add this line to the dtls_server example I get:
```
error: dereferencing pointer to incomplete type 'mbedtls_ssl_handshake_params' {aka 'struct mbedtls_ssl_handshake_params'}
 int resumed = ssl.MBEDTLS_PRIVATE(handshake)->resume;
                                             ^~
```
If I try to use .resume instead of ->resume it also complains because `handshake` is a pointer and I must use -> instead.
My use case for this is to test a client's ability to connect to the server and use session caching. I want to essentially send messages to the server from a client with session caching enabled, and have the server send a message back, either 'session cache was used' or 'session cache was not used'.
mbed-tls@lists.trustedfirmware.org