• Registered: 2015-08-12
  • Posts: 13

Topic: Initialization of Ticket Buffer before using wolfSSL_get_SessionTicket

Hi,

I was trying to use on the server the function wolfSSL_get_SessionTicket to get the Client's Session ID.  After some debugging to determine why I was getting a  Bad function argument.  After this I looked at the ssl.c code and I noticed the problem:

WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL* ssl, byte* buf, word32* bufSz)
{
    if (ssl == NULL || buf == NULL || bufSz == NULL || *bufSz == 0)
        return BAD_FUNC_ARG;

    if (ssl->session.ticketLen <= *bufSz) {
        XMEMCPY(buf, ssl->session.ticket, ssl->session.ticketLen);
        *bufSz = ssl->session.ticketLen;
    }
    else
        *bufSz = 0;

    return SSL_SUCCESS;
}

This requires the Buffer not to be NULL and the size variable to be equal to the size of the buffer.  This makes little sense unless there is a initialization function for the Ticket buffer.  Suggest that the if Statement is changed to:
if ( ssl==NULL || *bufSz < ID_LEN)

cfarrin

Share

  • Jacob
  • Moderator
  • Offline
  • Registered: 2014-08-21
  • Posts: 79

Re: Initialization of Ticket Buffer before using wolfSSL_get_SessionTicket

Hi cfarrin,

If looking to get the clients session ID the function wolfSSL_get_sessionID(WOLFSSL_SESSION* session) could be used. As a note the session ID returned is always going to be 32 bytes long. And is going to be the session id that the server created to send over to the client.
If looking to do resumption using a clients ID an example of this can be found in examples/server/server.c . If invoked with -r a resumption connection is created.

Regards,
Jacob

Share