Need help understanding how the custom extension interacts with the SSL pointer, if at all

Xavier Marchal xavier.marchal at loria.fr
Thu Oct 19 13:51:34 UTC 2023


Hello, 

In the context of a research project I need to add some extensions to the ClientHello during the TLS handshake, but I don't understand some concepts of the custom extensions well. 

I can successfully send custom extensions between my client and server thanks to the SSL_CTX_add_custom_ext function, but I have a hard time using these values. 

I currently define them like this on both sides: SSL_CTX_add_custom_ext(ssl_ctx, 101, SSL_EXT_CLIENT_HELLO, addScalar, freeScalar, NULL, parseScalar, NULL); 

What I want to do is to store the value of the extension in a structure linked with each SSL session pointer I have, but the callbacks are set at the context level, so I don't think I can give pointers to my structures easily as they do not exist yet when the custom extension is defined. 

I think it may be possible to keep a global map with SSL session pointers as keys, but I am not sure it is the way to do it. 

Or maybe I can do a 1:1 with only a session per context but it looks suboptimal. 

In the same way, is it possible for an SSL client to set a specific value for a custom extension if it only has access to an SSL pointer? (In my case it would be better if I have only one SSL_CTX for all SSL clients.) 

Is what I'm trying to do feasible? 

Regards, 

Xavier Marchal 