openSSL TLSv1_3 session resumption

Question

I am using openssl 3.2.0 and I am creating a FTP-Client. Everything works fine when using only TLSv1_2, but the needed session-resumption does not work with TLSv1_3 when connecting with File-Zilla FTP Server. With my self written FTP-Server (using openssl 3.2.0) under Linux it works fine. The client I am developing is running on mingw64 under Windows.

Using TLSv1_2 the Cert returns a nice session, which I can reuse for the passive mode and everything works fine:

        SSL_CTX_set_options(uci->ssl_ctx_data, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_3 );
        SSL_CTX_set_cipher_list(uci->ssl_ctx_data, CIPHER_LIST);
        uci->ssl_data = SSL_new(uci->ssl_ctx_data);
        SSL_set_fd(uci->ssl_data,uci->sock_data);

        if ( infocallback ){
            sprintf(dummy,"(%s:%d) Trying TLS connection now...",file,line);
            infocallback(NULL,dummy);
        }
        if ( !SSL_set_session(uci->ssl_data,uci->ssl_session) ){
            sprintf(dummy,"TLS-Problem: Could not set SSL_SESSION!");
            if ( infocallback) infocallback(dummy,NULL);
        }
        ret = SSL_connect(uci->ssl_data);

There is an output like this from SSL_SESSION_print_fp:

# 
# [D] --> [(usocket.c:885) Trying TLS connection now...]
# [D] --> [(usocket.c:701) >> [NOOP] (10 Seconds)]
# [D] --> [(usocket.c:701) << [200 Noop ok.]]
# [D] --> [(usocket.c:885) TLS-Handshake successfull! (UCI->SESISON: 0x025B86F0)]
# [D] --> [SSL-Session:]
# [D] --> [    Protocol  : TLSv1.2]
# [D] --> [    Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384]
# [D] --> [    Session-ID: 14A0BE87C88DA530E4382FDC0E33FB962CCA6086140D0DB421E45C76EF7DF9EF]
# [D] --> [    Session-ID-ctx: ]
# [D] --> [    Master-Key: FF025669309957811B0E4A49622EED3AF369A7BAA1DF155E88117DC1E7B4490E6FC7B9EF84BDB37129326DD84B1BDBA2]
# [D] --> [    PSK identity: None]
# [D] --> [    PSK identity hint: None]
# [D] --> [    SRP username: None]
# [D] --> [    TLS session ticket lifetime hint: 604800 (seconds)]
# [D] --> [    TLS session ticket:]
# [D] --> [    0000 - 75 81 47 14 55 0e 4a 06-1f b2 99 32 97 dd 9b fc   u.G.U.J....2....]
# [D] --> [    0010 - 61 b7 c5 6a c4 d5 7c c6-02 61 d5 8b 11 bd 52 00   a..j..|..a....R.]
# [D] --> [    0020 - 01 50 95 06 8f 51 b8 e9-0e b1 9d fd bf 6e 85 d1   .P...Q.......n..]
# [D] --> [    0030 - 2d 74 8c be 19 a7 cd 0a-a7 93 e1 e4 99 8f bb 7b   -t.............{]
# [D] --> [    0040 - 30 1b 9b da 72 9d 54 08-38 a3 36 75 fd 30 1a 93   0...r.T.8.6u.0..]
# [D] --> [    0050 - cb 3f ac 23 be 9c d8 ed-a0 71 6e ec e5 b5 77 35   .?.#.....qn...w5]
# [D] --> [    0060 - 65 8f b3 13 20 bd 30 9e-b2 8b f9 1e 3e 98 b7 f6   e... .0.....>...]
# [D] --> [    0070 - 5e 98 cd 09 11 39 f1 03-fe 3b ed 4f 89 13 3f a9   ^....9...;.O..?.]
# [D] --> [    0080 - 13 67 ca 11 89 c5 88 c8-02 a7 cd 40 5a 83 13 a5   .g.........@Z...]
# [D] --> [    0090 - b8 b5 f0 49 65 31 fa 82-85 d4 15 42 b8 7f f5 20   ...Ie1.....B... ]
# [D] --> [    00a0 - 57 ea ac 2a 90 25 d3 99-40 87 d5 13 dd 59 36 00   W..*.%[email protected].]
# [D] --> [    00b0 - 37 cc 9a 6d a2 dc d0 fb-88 11 58 80 7a e9 de 72   7..m......X.z..r]
# [D] --> [    00c0 - 81 ad 41 85 5d 63 90 97-50 6d 21 95 87 a4 3c 84   ..A.]c..Pm!...<.]
# [D] --> [    00d0 - 49 14 bf e2 f1 14 6d 2d-42 3f 9c 3c db e1 5e 00   I.....m-B?.<..^.]
# [D] --> [    00e0 - 1a a8 b8 72 11 f6 ae 21-56 ba 33 c4 e1 aa 6f f9   ...r...!V.3...o.]
# [D] --> [    00f0 - 59 1c a7 8c 53 e5 9f 15-47 ed ef 16 a9 5e a6 a3   Y...S...G....^..]
# [D] --> [    0100 - a0 13 00 4b 5d ed 8a 77-73 19 2d 75 60 4c 2e 99   ...K]..ws.-u`L..]
# [D] --> [    0110 - 4b 4f c3 41 6c 81 27 c9-37 d4 f6 4b 75 1a 03 c6   KO.Al.'.7..Ku...]
# [D] --> [    0120 - 81 1a a1 07 a5 b5 29 9e-96 30 6b 80 f6 d6 c5 ad   ......)..0k.....]
# [D] --> [    0130 - ee 70 42 94 aa e5 b8 95-96 ba eb 07 5c 02 7c 49   .pB.........\.|I]
# [D] --> [    0140 - 39 1d 49 a5 21 76 d1 62-3a b8 c1 61 a6 01 1d 12   9.I.!v.b:..a....]
# [D] --> [    0150 - aa c3 03 e6 cc 36 bf a2-6b b4 34 1e 80 5d 3f 96   .....6..k.4..]?.]
# [D] --> [    0160 - 9a f4 cc 4e 68 ed ae 00-98 8f 12 87 66 9e 53 0f   ...Nh.......f.S.]
# [D] --> [    0170 - 9a 70 7d 24 bc 98 9f 83-96 34 c1 8d 02 69 4c b2   .p}$.....4...iL.]
# [D] --> [    0180 - 97 bd 1e 46 52 af                                 ...FR.]
# [D] --> []
# [D] --> [    Start Time: 1705660812]
# [D] --> [    Timeout   : 7200 (sec)]
# [D] --> [    Verify return code: 18 (self-signed certificate)]
# [D] --> [    Extended master secret: yes]
# PRINT-IP: [::1] --> [::1]
# [D] --> [(usocket.c:894) >> [USER XXX] (10 Seconds)]
# [D] --> [(usocket.c:894) << [331 Please, specify the password.]]
# RET: 331, RESPONSE: [331 Please, specify the password.]
# [D] --> [(usocket.c:897) >> [PASS XXX] (10 Seconds)]
# [D] --> [(usocket.c:897) << [230 Login successful.]]
# RET: 230, RESPONSE: [230 Login successful.]
# [D] --> [(usocket.c:905) >> [MODE S] (10 Seconds)]
# [D] --> [(usocket.c:905) << [200 MODE set to S]]
# RET: 200, RESPONSE: [200 MODE set to S]
# [D] --> [(usocket.c:447) >> [PROT P] (10 Seconds)]
# [D] --> [(usocket.c:447) << [200 Protection level set to P]]
# [D] --> [(usocket.c:453) >> [EPSV] (10 Seconds)]
# [D] --> [(usocket.c:453) << [229 Entering Extended Passive Mode (|||56079|)]]
# [D] --> [PASSIVE IP: [::1], PASSIVE PORT: [56079], PASSIVE ADDR_FAMILY: [AF_INET6]]
# [D] --> [Successfully connected to: ::1:56079 (DATA)]
# [D] --> [(usocket.c:912) >> [LIST] (10 Seconds)]
# [D] --> [(usocket.c:804) CALLED UPASSIVE_INIT UCI-MODE: [SSL]]
# [D] --> [(usocket.c:804) Trying TLS connection now...]
# [D] --> [(usocket.c:804) TLS-Handshake successfull! (REUSED: 1)]
# [D] --> [SSL-Session:]
# [D] --> [    Protocol  : TLSv1.2]
# [D] --> [    Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384]
# [D] --> [    Session-ID: 14A0BE87C88DA530E4382FDC0E33FB962CCA6086140D0DB421E45C76EF7DF9EF]
# [D] --> [    Session-ID-ctx: ]
# [D] --> [    Master-Key: FF025669309957811B0E4A49622EED3AF369A7BAA1DF155E88117DC1E7B4490E6FC7B9EF84BDB37129326DD84B1BDBA2]
# [D] --> [    PSK identity: None]
# [D] --> [    PSK identity hint: None]
# [D] --> [    SRP username: None]
# [D] --> [    TLS session ticket lifetime hint: 604800 (seconds)]
# [D] --> [    TLS session ticket:]
# [D] --> [    0000 - 75 81 47 14 55 0e 4a 06-1f b2 99 32 97 dd 9b fc   u.G.U.J....2....]
# [D] --> [    0010 - 61 b7 c5 6a c4 d5 7c c6-02 61 d5 8b 11 bd 52 00   a..j..|..a....R.]
# [D] --> [    0020 - 01 50 95 06 8f 51 b8 e9-0e b1 9d fd bf 6e 85 d1   .P...Q.......n..]
# [D] --> [    0030 - 2d 74 8c be 19 a7 cd 0a-a7 93 e1 e4 99 8f bb 7b   -t.............{]
# [D] --> [    0040 - 30 1b 9b da 72 9d 54 08-38 a3 36 75 fd 30 1a 93   0...r.T.8.6u.0..]
# [D] --> [    0050 - cb 3f ac 23 be 9c d8 ed-a0 71 6e ec e5 b5 77 35   .?.#.....qn...w5]
# [D] --> [    0060 - 65 8f b3 13 20 bd 30 9e-b2 8b f9 1e 3e 98 b7 f6   e... .0.....>...]
# [D] --> [    0070 - 5e 98 cd 09 11 39 f1 03-fe 3b ed 4f 89 13 3f a9   ^....9...;.O..?.]
# [D] --> [    0080 - 13 67 ca 11 89 c5 88 c8-02 a7 cd 40 5a 83 13 a5   .g.........@Z...]
# [D] --> [    0090 - b8 b5 f0 49 65 31 fa 82-85 d4 15 42 b8 7f f5 20   ...Ie1.....B... ]
# [D] --> [    00a0 - 57 ea ac 2a 90 25 d3 99-40 87 d5 13 dd 59 36 00   W..*.%[email protected].]
# [D] --> [    00b0 - 37 cc 9a 6d a2 dc d0 fb-88 11 58 80 7a e9 de 72   7..m......X.z..r]
# [D] --> [    00c0 - 81 ad 41 85 5d 63 90 97-50 6d 21 95 87 a4 3c 84   ..A.]c..Pm!...<.]
# [D] --> [    00d0 - 49 14 bf e2 f1 14 6d 2d-42 3f 9c 3c db e1 5e 00   I.....m-B?.<..^.]
# [D] --> [    00e0 - 1a a8 b8 72 11 f6 ae 21-56 ba 33 c4 e1 aa 6f f9   ...r...!V.3...o.]
# [D] --> [    00f0 - 59 1c a7 8c 53 e5 9f 15-47 ed ef 16 a9 5e a6 a3   Y...S...G....^..]
# [D] --> [    0100 - a0 13 00 4b 5d ed 8a 77-73 19 2d 75 60 4c 2e 99   ...K]..ws.-u`L..]
# [D] --> [    0110 - 4b 4f c3 41 6c 81 27 c9-37 d4 f6 4b 75 1a 03 c6   KO.Al.'.7..Ku...]
# [D] --> [    0120 - 81 1a a1 07 a5 b5 29 9e-96 30 6b 80 f6 d6 c5 ad   ......)..0k.....]
# [D] --> [    0130 - ee 70 42 94 aa e5 b8 95-96 ba eb 07 5c 02 7c 49   .pB.........\.|I]
# [D] --> [    0140 - 39 1d 49 a5 21 76 d1 62-3a b8 c1 61 a6 01 1d 12   9.I.!v.b:..a....]
# [D] --> [    0150 - aa c3 03 e6 cc 36 bf a2-6b b4 34 1e 80 5d 3f 96   .....6..k.4..]?.]
# [D] --> [    0160 - 9a f4 cc 4e 68 ed ae 00-98 8f 12 87 66 9e 53 0f   ...Nh.......f.S.]
# [D] --> [    0170 - 9a 70 7d 24 bc 98 9f 83-96 34 c1 8d 02 69 4c b2   .p}$.....4...iL.]
# [D] --> [    0180 - 97 bd 1e 46 52 af                                 ...FR.]
# [D] --> []
# [D] --> [    Start Time: 1705660812]
# [D] --> [    Timeout   : 7200 (sec)]
# [D] --> [    Verify return code: 18 (self-signed certificate)]
# [D] --> [    Extended master secret: yes]
# [D] --> [(usocket.c:912) << [150 Starting data transfer.]]
# RET: 150, RESPONSE: [150 Starting data transfer.]
# # =*

This problem occurs when using the file-zilla FTP Server only!

But, when I remove the NO_TLSv1_3 from the CTX options, than it looks like this (ONLY WHEN CONNECTING TO FILEZILLA FTP-SERVER):

[D] --> [(usocket.c:885) TLS-Handshake successfull! (UCI->SESISON: 0x02638550)]
[D] --> [SSL-Session:]
[D] --> [    Protocol  : TLSv1.3]
[D] --> [    Cipher    : TLS_AES_256_GCM_SHA384]
[D] --> [    Session-ID: ]
[D] --> [    Session-ID-ctx: ]
[D] --> [    Resumption PSK: ]
[D] --> [    PSK identity: None]
[D] --> [    PSK identity hint: None]
[D] --> [    SRP username: None]
[D] --> [    Start Time: 1705661185]
[D] --> [    Timeout   : 7200 (sec)]
[D] --> [    Verify return code: 18 (self-signed certificate)]
[D] --> [    Extended master secret: no]
[D] --> [    Max Early Data: 0]
PRINT-IP: [::1] --> [::1]
[D] --> [(usocket.c:894) >> [USER XXX] (10 Seconds)]
[D] --> [(usocket.c:894) << [331 Please, specify the password.]]
RET: 331, RESPONSE: [331 Please, specify the password.]
[D] --> [(usocket.c:897) >> [PASS XXX] (10 Seconds)]
[D] --> [(usocket.c:897) << [230 Login successful.]]
RET: 230, RESPONSE: [230 Login successful.]
[D] --> [(usocket.c:905) >> [MODE S] (10 Seconds)]
[D] --> [(usocket.c:905) << [200 MODE set to S]]
RET: 200, RESPONSE: [200 MODE set to S]
[D] --> [(usocket.c:447) >> [PROT P] (10 Seconds)]
[D] --> [(usocket.c:447) << [200 Protection level set to P]]
[D] --> [(usocket.c:453) >> [EPSV] (10 Seconds)]
[D] --> [(usocket.c:453) << [229 Entering Extended Passive Mode (|||56106|)]]
[D] --> [PASSIVE IP: [::1], PASSIVE PORT: [56106], PASSIVE ADDR_FAMILY: [AF_INET6]]
[D] --> [Successfully connected to: ::1:56106 (DATA)]
[D] --> [(usocket.c:912) >> [LIST] (10 Seconds)]
[D] --> [(usocket.c:804) CALLED UPASSIVE_INIT UCI-MODE: [SSL]]
[D] --> [(usocket.c:804) Trying TLS connection now...]
[D] --> [(usocket.c:804) TLS-Handshake successfull! (REUSED: 0)]
[D] --> [SSL-Session:]
[D] --> [    Protocol  : TLSv1.3]
[D] --> [    Cipher    : TLS_AES_256_GCM_SHA384]
[D] --> [    Session-ID: ]
[D] --> [    Session-ID-ctx: ]
[D] --> [    Resumption PSK: ]
[D] --> [    PSK identity: None]
[D] --> [    PSK identity hint: None]
[D] --> [    SRP username: None]
[D] --> [    Start Time: 1705661185]
[D] --> [    Timeout   : 7200 (sec)]
[D] --> [    Verify return code: 18 (self-signed certificate)]
[D] --> [    Extended master secret: no]
[D] --> [    Max Early Data: 0]
[D] --> [(usocket.c:912) << [150 Starting data transfer.]]
RET: 150, RESPONSE: [150 Starting data transfer.]
====================================================================
[I] --> [RECV FAILED ON SOCKET (CLOSED BY REMOTE)]

Of course it fails in passive mode, because File-Zilla requires session resumption. As mentioned before, with other FTP-Servers this problem with TLSv1_3 does not occur...

Best regards

Andy

I have tried several versions of openSSL, all with the same result. Also running over IPv4 or IPv6 makes no difference...

Answer 1

It looks like there is no Session-ID in the second log:

[D] --> [    Protocol  : TLSv1.3]
[D] --> [    Cipher    : TLS_AES_256_GCM_SHA384]
[D] --> [    Session-ID: ]
[D] --> [    Session-ID-ctx: ]

Did you set SSL_SESS_CACHE_CLIENT for the SSL_CTX?

You can also check whether the ssl session can be used for resumption using the SSL_SESSION_is_resumable() function.