TLS 1.3 Early data
Dirk Menstermann
noadsplease at web.de
Sat Nov 12 10:18:40 UTC 2022
Hi Benjamin,
thanks for your response. I updated to 111s and replaced the SNI callback with
the ClientHello callback as suggested, but still no luck. So far FF does not
send early data if it was not configured before the handshake started.
Do you have another idea?
Best,
Jens
On 05/11/2022 21:12, Benjamin Kaduk wrote:
> On Sat, Nov 05, 2022 at 11:50:18AM +0100, Dirk Menstermann wrote:
>> Hello,
>>
>> I did few experiments with early data but was not successful in solving my
>> exotic use case: "Using early data dependent on the SNI"
>>
>> I control the server (linux, supports http2) based on OpenSSL 111q and use a
>> recent firefox as client:
>>
>> 1) Setting SSL_CTX_set_max_early_data in the SSL_CTX* works (FF sends early data)
>> 2) Setting SSL_set_max_early_data on the just created SSL* works (FF sends early
>> data)
>> 3) Setting SSL_set_max_early_data in the SNI callback during the handshake does
>> not work (FF does not send early data)
>>
>> I guess there is a dirty way to "peek" into the client hello and parse it
>> without OpenSSL, extracting the SNI and make it then like in 2), but I wonder if
>> there is a better way.
>>
>> Any idea?
>
> The SNI callback runs far too late for this purpose (and, to be honest, a lot of
> other purposes). You should be able to use the client_hello callback for it,
> though (https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html).
>
> Note that SSL_get_servername() does not provide something useful within the
> client hello callback execution and you'll have to do something like
> https://github.com/openssl/openssl/blob/master/test/helpers/handshake.c#L146-L198
> in order to access the provided SNI value from the client.
>
> -Ben
More information about the openssl-users
mailing list