Moving SSL connections between processes (was: Question)
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Aug 10 15:02:56 UTC 2023
> On 10 Aug 2023, at 10:49 am, Tomas Mraz <tomas at openssl.org> wrote:
>
> I assume, if these server processes work in sequence, i.e. one does its
> work and only then it hands over the processing to the second process
> it should be possible to do it actually.
>
> You would use two separate SSL connections over the same socket - that
> is possible. You could also use the SSL_SESSION object from the first
> SSL connection within the second process to avoid another full
> handshake as SSL_SESSIONs can be serialized.
Or derive an explicit (non-resumption) PSK over the first connection,
and require its use in the second. A sort of authenticated mandatory
resumption that "channel-binds" the two handshakes.
> The first SSL connection must be cleanly terminated by the client/first
> server before you can proceed establishing the second SSL connection.
Right, and the underlying socket can be moved via file-descriptor passing
after the full two-way TLS shutdown.
Without channel binding the two SSL handshakes, in principle an MiTM could
take over the TCP connection right after the bidirectional shutdown, and
perform a handshake that "takes over" the rest of the communication.
The second SSL handshake still needs some sort of authentication or
channel-binding.
Of course this does mean that the client has to expect and participate in
the connection transfer.
--
Viktor.