[openssl-project] Proposed vote text for the SSL_CB_HANDSHAKE_START change

Matt Caswell matt at openssl.org
Wed Jan 30 10:22:25 UTC 2019



On 29/01/2019 17:31, Kurt Roeckx wrote:
> On Tue, Jan 29, 2019 at 02:07:09PM +0000, Matt Caswell wrote:
>> So I plan to start the vote soon for merging PR#8096 and backporting it to
>> 1.1.1. This is a breaking change as previously discussed.
>>
>> My proposed vote text is as follows. Please let me know asap of any feedback.
>> Otherwise I will start the vote soon.
>>
>> "master and 1.1.1 will be updated to use SSL_CB_POST_HANDSHAKE_START and
>> SSL_CB_POST_HANDSHAKE_END to signal the start and end of a post handshake
>> message exchange in the info callback (replacing SSL_CB_HANDSHAKE_START and
>> SSL_CB_HANDSHAKE_END)."
> 
> This will only cover the key update currently? Does that come with
> some parameter telling which kind of handshake is happening? If
> not, is it more useful to just say that a key update is happening?

The info callback calls SSL_CB_POST_HANDSHAKE_START, followed by a series of
SSL_CB_LOOP events for each state change of the state machine, followed by
SSL_CB_POST_HANDSHAKE_END. It is possible to query the state machine to find out
what kind of message we are currently processing. That's the way the callback
works for all other "initial" handshake messages.

The new SSL_CB_POST_HANDSHAKE_* events apply to all post-handshake message
exchanges - not just key update.

Matt

