Re: How to verify in a server that session cache resumption was used for a given connection
Hi thanks for getting back to me,
That's fine if it doesn't work in future releases, I will most likely stay on 3.0.0.
Unfortunately when trying to add this line to the dtls_server example I get:
error: dereferencing pointer to incomplete type 'mbedtls_ssl_handshake_params' {aka 'struct mbedtls_ssl_handshake_params'} int resumed = ssl.MBEDTLS_PRIVATE(handshake)->resume;
^~
my use case for this is to test a client's ability to connect to the server and use session caching, I want to essentially send messages to the server from a client, and have the server send a message back either 'session cache was used' or 'session cache was not used'.
Hi Eoin,
Mbed TLS accesses the session cache via callbacks set with mbedtls_ssl_conf_session_cache. You're probably passing mbedtls_ssl_cache_get as the get callback. You can pass a custom callback that calls mbedtls_ssl_cache_get and checks the return value. Success doesn't guarantee a succesful resumption, however, since the cached session may have incompatible parameters (e.g. different cipher suite). Is that enough, or do you need to be sure that the session was resumed in all scenarios?
mbed-tls@lists.trustedfirmware.org
-
Eoin McMahon -
Gilles Peskine