"Early callback" is a little ambiguous now that early data exists.
Perhaps "ClientHello callback"?
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
SSL_CIPHER_find() returns a B<SSL_CIPHER> structure which has the cipher ID stored
in B<ptr>. The B<ptr> parameter is a two element array of B<char>, which stores the
two-byte TLS cipher ID (as allocated by IANA) in network byte order. This parameter
-is usually retrieved from a TLS packet by using functions like L<SSL_early_get0_ciphers(3)>.
-SSL_CIPHER_find() returns NULL if an error occurs or the indicated cipher is not found.
+is usually retrieved from a TLS packet by using functions like
+L<SSL_client_hello_get0_ciphers(3)>. SSL_CIPHER_find() returns NULL if an
+error occurs or the indicated cipher is not found.
SSL_CIPHER_get_id() returns the OpenSSL-specific ID of the given cipher B<c>. That ID is
not the same as the IANA-specific ID.
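Review bot: the opening sentence of this paragraph is misleading and worth fixing while the link is being updated: B<ptr> is the input parameter to SSL_CIPHER_find(), not a field of the returned B<SSL_CIPHER>. Suggest "SSL_CIPHER_find() returns the B<SSL_CIPHER> whose two-byte TLS cipher ID matches the bytes at B<ptr>." The re-wrapped L<SSL_client_hello_get0_ciphers(3)> reference itself is fine.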
--- /dev/null
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_client_hello_cb, SSL_client_hello_cb_fn, SSL_client_hello_isv2, SSL_client_hello_get0_legacy_version, SSL_client_hello_get0_random, SSL_client_hello_get0_session_id, SSL_client_hello_get0_ciphers, SSL_client_hello_get0_compression_methods, SSL_client_hello_get1_extensions_present, SSL_client_hello_get0_ext - callback functions for early server-side ClientHello processing
+
+=head1 SYNOPSIS
+
+ typedef int (*SSL_client_hello_cb_fn)(SSL *s, int *al, void *arg);
+ void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f,
+ void *arg);
+ int SSL_client_hello_isv2(SSL *s);
+ unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+ size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+ size_t SSL_client_hello_get0_compression_methods(SSL *s,
+ const unsigned char **out);
+ int SSL_client_hello_get1_extensions_present(SSL *s, int **out,
+ size_t *outlen);
+ int SSL_client_hello_get0_ext(SSL *s, int type, const unsigned char **out,
+ size_t *outlen);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_client_hello_cb() sets the callback function, which is automatically
+called during the early stages of ClientHello processing on the server.
+The argument supplied when setting the callback is passed back to the
+callback at runtime. A callback that returns failure (0) will cause the
+connection to terminate, and callbacks returning failure should indicate
+what alert value is to be sent in the B<al> parameter. A callback may
+also return a negative value to suspend the handshake, and the handshake
+function will return immediately. L<SSL_get_error(3)> will return
+SSL_ERROR_WANT_CLIENT_HELLO_CB to indicate that the handshake was suspended.
+It is the job of the ClientHello callback to store information about the state
+of the last call if needed to continue. On the next call into the handshake
+function, the ClientHello callback will be called again, and, if it returns
+success, normal handshake processing will continue from that point.
+
+SSL_client_hello_isv2() indicates whether the ClientHello was carried in a
+SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial
+differences from the normal SSLv3 format, including using three bytes per
+cipher suite, and not allowing extensions. Additionally, the SSLv2 format
+'challenge' field is exposed via SSL_client_hello_get0_random(), padded to
+SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos,
+SSL_client_hello_get0_compression_methods() returns a dummy list that only includes
+the null compression method, since the SSLv2 format does not include a
+mechanism by which to negotiate compression.
+
+SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(),
+SSL_client_hello_get0_ciphers(), and
+SSL_client_hello_get0_compression_methods() provide access to the corresponding
+ClientHello fields, returning the field length and optionally setting an out
+pointer to the octets of that field.
+
+Similarly, SSL_client_hello_get0_ext() provides access to individual extensions
+from the ClientHello on a per-extension basis. For the provided wire
+protocol extension type value, the extension value and length are returned
+in the output parameters (if present).
+
+SSL_client_hello_get1_extensions_present() can be used prior to
+SSL_client_hello_get0_ext(), to determine which extensions are present in the
+ClientHello before querying for them. The B<out> and B<outlen> parameters are
+both required, and on success the caller must release the storage allocated for
+B<*out> using OPENSSL_free(). The contents of B<*out> is an array of integers
+holding the numerical value of the TLS extension types in the order they appear
+in the ClientHello. B<*outlen> contains the number of elements in the array.
+
+=head1 NOTES
+
+The ClientHello callback provides a vast window of possibilities for application
+code to affect the TLS handshake. A primary use of the callback is to
+allow the server to examine the server name indication extension provided
+by the client in order to select an appropriate certificate to present,
+and make other configuration adjustments relevant to that server name
+and its configuration. Such configuration changes can include swapping out
+the associated SSL_CTX pointer, modifying the server's list of permitted TLS
+versions, changing the server's cipher list in response to the client's
+cipher list, etc.
+
+It is also recommended that applications utilize a ClientHello callback and
+not use a servername callback, in order to avoid unexpected behavior that
+occurs due to the relative order of processing between things like session
+resumption and the historical servername callback.
+
+The SSL_client_hello_* family of functions may only be called from code executing
+within a ClientHello callback.
+
+=head1 RETURN VALUES
+
+The application's supplied ClientHello callback returns 1 on success, 0 on failure,
+and a negative value to suspend processing.
+
+SSL_client_hello_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.
+
+SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(),
+SSL_client_hello_get0_ciphers(), and
+SSL_client_hello_get0_compression_methods() return the length of the
+corresponding ClientHello fields. If zero is returned, the output pointer
+should not be assumed to be valid.
+
+SSL_client_hello_get0_ext() returns 1 if the extension of type 'type' is present, and
+0 otherwise.
+
+SSL_client_hello_get1_extensions_present() returns 1 on success and 0 on failure.
+
+=head1 SEE ALSO
+
+L<ssl(7)>, L<SSL_CTX_set_tlsext_servername_callback(3)>,
+L<SSL_bytes_to_cipher_list>
+
+=head1 HISTORY
+
+The SSL ClientHello callback, SSL_client_hello_isv2(),
+SSL_client_hello_get0_random(), SSL_client_hello_get0_session_id(),
+SSL_client_hello_get0_ciphers(), SSL_client_hello_get0_compression_methods(),
+SSL_client_hello_get0_ext(), and SSL_client_hello_get1_extensions_present()
+were added in OpenSSL 1.1.1.
+
+=head1 COPYRIGHT
+
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
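Review bot: the SYNOPSIS does not match the prototypes this same patch puts in ssl.h. The pod declares `void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn *f, void *arg);` (a pointer to the function-pointer typedef) while the header declares `SSL_client_hello_cb_fn cb`, and the pod gives SSL_client_hello_get0_ext() an `int type` where the header has `unsigned int type`; the pod should copy the header verbatim. SSL_client_hello_get0_legacy_version() is listed in NAME and SYNOPSIS but never described in DESCRIPTION, RETURN VALUES or HISTORY; it needs at least a sentence on what is returned (the ClientHello's legacy_version, and what an SSLv2-format hello yields) and a RETURN VALUES entry. Since the SSL_client_hello_get0_* accessors in ssl_lib.c return 0 when s->clienthello is NULL, the NOTES sentence "may only be called from code executing within a ClientHello callback" could add that calls made elsewhere fail with a zero return instead of leaving the behaviour unstated. Smaller points: "carried in a SSLv2 record" should read "an SSLv2 record", and L<SSL_bytes_to_cipher_list> in SEE ALSO is missing its "(3)" section, unlike the neighbouring links.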
+++ /dev/null
-=pod
-
-=head1 NAME
-
-SSL_CTX_set_early_cb, SSL_early_cb_fn, SSL_early_isv2, SSL_early_get0_legacy_version, SSL_early_get0_random, SSL_early_get0_session_id, SSL_early_get0_ciphers, SSL_early_get0_compression_methods, SSL_early_get1_extensions_present, SSL_early_get0_ext - callback functions for early server-side ClientHello processing
-
-=head1 SYNOPSIS
-
- typedef int (*SSL_early_cb_fn)(SSL *s, int *al, void *arg);
- void SSL_CTX_set_early_cb(SSL_CTX *c, SSL_early_cb_fn *f, void *arg);
- int SSL_early_isv2(SSL *s);
- unsigned int SSL_early_get0_legacy_version(SSL *s);
- size_t SSL_early_get0_random(SSL *s, const unsigned char **out);
- size_t SSL_early_get0_session_id(SSL *s, const unsigned char **out);
- size_t SSL_early_get0_ciphers(SSL *s, const unsigned char **out);
- size_t SSL_early_get0_compression_methods(SSL *s, const unsigned char **out);
- int SSL_early_get1_extensions_present(SSL *s, int **out, size_t *outlen);
- int SSL_early_get0_ext(SSL *s, int type, const unsigned char **out,
- size_t *outlen);
-
-=head1 DESCRIPTION
-
-SSL_CTX_set_early_cb() sets the callback function, which is automatically
-called during the early stages of ClientHello processing on the server.
-The argument supplied when setting the callback is passed back to the
-callback at runtime. A callback that returns failure (0) will cause the
-connection to terminate, and callbacks returning failure should indicate
-what alert value is to be sent in the B<al> parameter. A callback may
-also return a negative value to suspend the handshake, and the handshake
-function will return immediately. L<SSL_get_error(3)> will return
-SSL_ERROR_WANT_EARLY to indicate that the handshake was suspended.
-It is the job of the early callback to store information about the state
-of the last call if needed to continue. On the next call into the handshake
-function, the early callback will be called again, and, if it returns
-success, normal handshake processing will continue from that point.
-
-SSL_early_isv2() indicates whether the ClientHello was carried in a
-SSLv2 record and is in the SSLv2 format. The SSLv2 format has substantial
-differences from the normal SSLv3 format, including using three bytes per
-cipher suite, and not allowing extensions. Additionally, the SSLv2 format
-'challenge' field is exposed via SSL_early_get0_random(), padded to
-SSL3_RANDOM_SIZE bytes with zeros if needed. For SSLv2 format ClientHellos,
-SSL_early_get0_compression_methods() returns a dummy list that only includes
-the null compression method, since the SSLv2 format does not include a
-mechanism by which to negotiate compression.
-
-SSL_early_get0_random(), SSL_early_get0_session_id(), SSL_early_get0_ciphers(),
-and SSL_early_get0_compression_methods() provide access to the corresponding
-ClientHello fields, returning the field length and optionally setting an
-out pointer to the octets of that field.
-
-Similarly, SSL_early_get0_ext() provides access to individual extensions
-from the ClientHello on a per-extension basis. For the provided wire
-protocol extension type value, the extension value and length are returned
-in the output parameters (if present).
-
-SSL_early_get1_extensions_present() can be used prior to SSL_early_get0_ext(),
-to determine which extensions are present in the ClientHello before querying
-for them. The B<out> and B<outlen> parameters are both required, and on
-success the caller must release the storage allocated for B<*out> using
-OPENSSL_free(). The contents of B<*out> is an array of integers holding the
-numerical value of the TLS extension types in the order they appear in the
-ClientHello. B<*outlen> contains the number of elements in the array.
-
-=head1 NOTES
-
-The early callback provides a vast window of possibilities for application
-code to affect the TLS handshake. A primary use of the callback is to
-allow the server to examine the server name indication extension provided
-by the client in order to select an appropriate certificate to present,
-and make other configuration adjustments relevant to that server name
-and its configuration. Such configuration changes can include swapping out
-the associated SSL_CTX pointer, modifying the server's list of permitted TLS
-versions, changing the server's cipher list in response to the client's
-cipher list, etc.
-
-It is also recommended that applications utilize an early callback and
-not use a servername callback, in order to avoid unexpected behavior that
-occurs due to the relative order of processing between things like session
-resumption and the historical servername callback.
-
-The SSL_early_* family of functions may only be called from code executing
-within an early callback.
-
-=head1 RETURN VALUES
-
-The application's supplied early callback returns 1 on success, 0 on failure,
-and a negative value to suspend processing.
-
-SSL_early_isv2() returns 1 for SSLv2-format ClientHellos and 0 otherwise.
-
-SSL_early_get0_random(), SSL_early_get0_session_id(), SSL_early_get0_ciphers(),
-and SSL_early_get0_compression_methods() return the length of the corresponding
-ClientHello fields. If zero is returned, the output pointer should not be
-assumed to be valid.
-
-SSL_early_get0_ext() returns 1 if the extension of type 'type' is present, and
-0 otherwise.
-
-SSL_early_get1_extensions_present() returns 1 on success and 0 on failure.
-
-=head1 SEE ALSO
-
-L<ssl(7)>, L<SSL_CTX_set_tlsext_servername_callback(3)>,
-L<SSL_bytes_to_cipher_list>
-
-=head1 HISTORY
-
-The SSL early callback, SSL_early_isv2(), SSL_early_get0_random(),
-SSL_early_get0_session_id(), SSL_early_get0_ciphers(),
-SSL_early_get0_compression_methods(), SSL_early_get0_ext(), and
-SSL_early_get1_extensions_present() were added in OpenSSL 1.1.1.
-
-=head1 COPYRIGHT
-
-Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the OpenSSL license (the "License"). You may not use
-this file except in compliance with the License. You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
=head1 DESCRIPTION
-The functionality provided by the servername callback is superseded by
-the early callback, which can be set using SSL_CTX_set_early_cb().
+The functionality provided by the servername callback is superseded by the
+ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb().
The servername callback is retained for historical compatibility.
SSL_CTX_set_tlsext_servername_callback() sets the application callback B<cb>
=head1 NOTES
Several callbacks are executed during ClientHello processing, including
-the early, ALPN, and servername callbacks. The early callback is executed
-first, then the servername callback, followed by the ALPN callback.
+the ClientHello, ALPN, and servername callbacks. The ClientHello callback is
+executed first, then the servername callback, followed by the ALPN callback.
The SSL_set_tlsext_host_name() function should only be called on SSL objects
that will act as clients; otherwise the configured B<name> will be ignored.
=head1 SEE ALSO
L<ssl(7)>, L<SSL_CTX_set_alpn_select_cb(3)>,
-L<SSL_get0_alpn_selected(3)>, L<SSL_CTX_set_early_cb(3)>
+L<SSL_get0_alpn_selected(3)>, L<SSL_CTX_set_client_hello_cb(3)>
=head1 COPYRIGHT
operation after a currently executing asynchronous operation for the current
thread has completed.
-=item SSL_ERROR_WANT_EARLY
+=item SSL_ERROR_WANT_CLIENT_HELLO_CB
The operation did not complete because an application callback set by
-SSL_CTX_set_early_cb() has asked to be called again.
+SSL_CTX_set_client_hello_cb() has asked to be called again.
The TLS/SSL I/O function should be called again later.
Details depend on the application.
=head1 HISTORY
SSL_ERROR_WANT_ASYNC was added in OpenSSL 1.1.0.
-SSL_ERROR_WANT_EARLY was added in OpenSSL 1.1.1.
+SSL_ERROR_WANT_CLIENT_HELLO_CB was added in OpenSSL 1.1.1.
=head1 COPYRIGHT
=head1 NAME
SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup,
-SSL_want_async, SSL_want_async_job, SSL_want_early - obtain state information
-TLS/SSL I/O operation
+SSL_want_async, SSL_want_async_job, SSL_want_client_hello_cb - obtain state
+information TLS/SSL I/O operation
=head1 SYNOPSIS
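Review bot: while this NAME line is being re-wrapped, fix the missing preposition the old text also had: "obtain state information about a TLS/SSL I/O operation".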
int SSL_want_x509_lookup(const SSL *ssl);
int SSL_want_async(const SSL *ssl);
int SSL_want_async_job(const SSL *ssl);
- int SSL_want_early(const SSL *ssl);
+ int SSL_want_client_hello_cb(const SSL *ssl);
=head1 DESCRIPTION
available in the pool (see ASYNC_init_thread(3)). A call to L<SSL_get_error(3)>
should return SSL_ERROR_WANT_ASYNC_JOB.
-=item SSL_EARLY_WORK
+=item SSL_CLIENT_HELLO_CB
The operation did not complete because an application callback set by
-SSL_CTX_set_early_cb() has asked to be called again.
+SSL_CTX_set_client_hello_cb() has asked to be called again.
A call to L<SSL_get_error(3)> should return
-SSL_ERROR_WANT_EARLY.
+SSL_ERROR_WANT_CLIENT_HELLO_CB.
=back
SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup(),
-SSL_want_async(), SSL_want_async_job(), and SSL_want_early() return 1, when
-the corresponding condition is true or 0 otherwise.
+SSL_want_async(), SSL_want_async_job(), and SSL_want_client_hello_cb() return
+1, when the corresponding condition is true or 0 otherwise.
=head1 SEE ALSO
=head1 HISTORY
-SSL_want_early() and SSL_EARLY_WORK were added in OpenSSL 1.1.1.
+SSL_want_client_hello_cb() and SSL_CLIENT_HELLO_CB were added in OpenSSL 1.1.1.
=head1 COPYRIGHT
# define SSL_X509_LOOKUP 4
# define SSL_ASYNC_PAUSED 5
# define SSL_ASYNC_NO_JOBS 6
-# define SSL_EARLY_WORK 7
+# define SSL_CLIENT_HELLO_CB 7
/* These will only be used when doing non-blocking IO */
-# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
-# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
-# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
-# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-# define SSL_want_async(s) (SSL_want(s) == SSL_ASYNC_PAUSED)
-# define SSL_want_async_job(s) (SSL_want(s) == SSL_ASYNC_NO_JOBS)
-# define SSL_want_early(s) (SSL_want(s) == SSL_EARLY_WORK)
+# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
+# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+# define SSL_want_async(s) (SSL_want(s) == SSL_ASYNC_PAUSED)
+# define SSL_want_async_job(s) (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
# define SSL_MAC_FLAG_READ_MAC_STREAM 1
# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
-# define SSL_ERROR_WANT_EARLY 11
+# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
# define SSL_CTRL_SET_TMP_DH 3
# define SSL_CTRL_SET_TMP_ECDH 4
# define SSL_CTRL_SET_TMP_DH_CB 6
# endif
/*
- * Early callback and helpers.
+ * ClientHello callback and helpers.
*/
-typedef int (*SSL_early_cb_fn) (SSL *s, int *al, void *arg);
-void SSL_CTX_set_early_cb(SSL_CTX *c, SSL_early_cb_fn cb, void *arg);
-int SSL_early_isv2(SSL *s);
-unsigned int SSL_early_get0_legacy_version(SSL *s);
-size_t SSL_early_get0_random(SSL *s, const unsigned char **out);
-size_t SSL_early_get0_session_id(SSL *s, const unsigned char **out);
-size_t SSL_early_get0_ciphers(SSL *s, const unsigned char **out);
-size_t SSL_early_get0_compression_methods(SSL *s, const unsigned char **out);
-int SSL_early_get1_extensions_present(SSL *s, int **out, size_t *outlen);
-int SSL_early_get0_ext(SSL *s, unsigned int type, const unsigned char **out,
- size_t *outlen);
+typedef int (*SSL_client_hello_cb_fn) (SSL *s, int *al, void *arg);
+void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb,
+ void *arg);
+int SSL_client_hello_isv2(SSL *s);
+unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_compression_methods(SSL *s,
+ const unsigned char **out);
+int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen);
+int SSL_client_hello_get0_ext(SSL *s, unsigned int type,
+ const unsigned char **out, size_t *outlen);
void SSL_certs_clear(SSL *s);
void SSL_free(SSL *ssl);
return SSL_ERROR_WANT_ASYNC;
if (SSL_want_async_job(s))
return SSL_ERROR_WANT_ASYNC_JOB;
- if (SSL_want_early(s))
- return SSL_ERROR_WANT_EARLY;
+ if (SSL_want_client_hello_cb(s))
+ return SSL_ERROR_WANT_CLIENT_HELLO_CB;
if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
(s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
#endif /* OPENSSL_NO_CT */
-void SSL_CTX_set_early_cb(SSL_CTX *c, SSL_early_cb_fn cb, void *arg)
+void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb,
+ void *arg)
{
- c->early_cb = cb;
- c->early_cb_arg = arg;
+ c->client_hello_cb = cb;
+ c->client_hello_cb_arg = arg;
}
-int SSL_early_isv2(SSL *s)
+int SSL_client_hello_isv2(SSL *s)
{
if (s->clienthello == NULL)
return 0;
return s->clienthello->isv2;
}
-unsigned int SSL_early_get0_legacy_version(SSL *s)
+unsigned int SSL_client_hello_get0_legacy_version(SSL *s)
{
if (s->clienthello == NULL)
return 0;
return s->clienthello->legacy_version;
}
-size_t SSL_early_get0_random(SSL *s, const unsigned char **out)
+size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out)
{
if (s->clienthello == NULL)
return 0;
return SSL3_RANDOM_SIZE;
}
-size_t SSL_early_get0_session_id(SSL *s, const unsigned char **out)
+size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out)
{
if (s->clienthello == NULL)
return 0;
return s->clienthello->session_id_len;
}
-size_t SSL_early_get0_ciphers(SSL *s, const unsigned char **out)
+size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out)
{
if (s->clienthello == NULL)
return 0;
return PACKET_remaining(&s->clienthello->ciphersuites);
}
-size_t SSL_early_get0_compression_methods(SSL *s, const unsigned char **out)
+size_t SSL_client_hello_get0_compression_methods(SSL *s, const unsigned char **out)
{
if (s->clienthello == NULL)
return 0;
return s->clienthello->compressions_len;
}
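Review bot: the new definition line `size_t SSL_client_hello_get0_compression_methods(SSL *s, const unsigned char **out)` is 83 columns, over the 80-column limit; wrap the parameter list the way the ssl.h hunk already does for this same function, with `const unsigned char **out)` on a continuation line aligned with the opening parenthesis.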
-int SSL_early_get1_extensions_present(SSL *s, int **out, size_t *outlen)
+int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen)
{
RAW_EXTENSION *ext;
int *present;
return 0;
}
-int SSL_early_get0_ext(SSL *s, unsigned int type, const unsigned char **out,
+int SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out,
size_t *outlen)
{
size_t i;
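Review bot: `int SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out,` is now 83 columns, and because the function name grew the untouched `size_t *outlen)` continuation line no longer lines up with the opening parenthesis; rewrap as the header hunk does (`int SSL_client_hello_get0_ext(SSL *s, unsigned int type,` followed by `const unsigned char **out, size_t *outlen)` aligned under the first parameter).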
ENGINE *client_cert_engine;
# endif
- /* Early callback. Mostly for extensions, but not entirely. */
- SSL_early_cb_fn early_cb;
- void *early_cb_arg;
+ /* ClientHello callback. Mostly for extensions, but not entirely. */
+ SSL_client_hello_cb_fn client_hello_cb;
+ void *client_hello_cb_arg;
/* TLS extensions. */
struct {
size_t tls13_cookie_len;
} ext;
- /* Parsed form of the ClientHello, kept around across early_cb calls. */
+ /*
+ * Parsed form of the ClientHello, kept around across client_hello_cb
+ * calls.
+ */
CLIENTHELLO_MSG *clienthello;
/*-
DOWNGRADE dgrd = DOWNGRADE_NONE;
/* Finished parsing the ClientHello, now we can start processing it */
- /* Give the early callback a crack at things */
- if (s->ctx->early_cb != NULL) {
+ /* Give the ClientHello callback a crack at things */
+ if (s->ctx->client_hello_cb != NULL) {
int code;
- /* A failure in the early callback terminates the connection. */
- code = s->ctx->early_cb(s, &al, s->ctx->early_cb_arg);
+ /* A failure in the ClientHello callback terminates the connection. */
+ code = s->ctx->client_hello_cb(s, &al, s->ctx->client_hello_cb_arg);
if (code == 0)
goto err;
if (code < 0) {
- s->rwstate = SSL_EARLY_WORK;
+ s->rwstate = SSL_CLIENT_HELLO_CB;
return code;
}
}
}
}
-static int early_select_server_ctx(SSL *s, void *arg, int ignore)
+static int client_hello_select_server_ctx(SSL *s, void *arg, int ignore)
{
const char *servername;
const unsigned char *p;
* The server_name extension was given too much extensibility when it
* was written, so parsing the normal case is a bit complex.
*/
- if (!SSL_early_get0_ext(s, TLSEXT_TYPE_server_name, &p, &remaining) ||
+ if (!SSL_client_hello_get0_ext(s, TLSEXT_TYPE_server_name, &p,
+ &remaining) ||
remaining <= 2)
return 0;
/* Extract the length of the supplied list of names. */
return select_server_ctx(s, arg, 0);
}
-static int early_ignore_cb(SSL *s, int *al, void *arg)
+static int client_hello_ignore_cb(SSL *s, int *al, void *arg)
{
- if (!early_select_server_ctx(s, arg, 1)) {
+ if (!client_hello_select_server_ctx(s, arg, 1)) {
*al = SSL_AD_UNRECOGNIZED_NAME;
return 0;
}
return 1;
}
-static int early_reject_cb(SSL *s, int *al, void *arg)
+static int client_hello_reject_cb(SSL *s, int *al, void *arg)
{
- if (!early_select_server_ctx(s, arg, 0)) {
+ if (!client_hello_select_server_ctx(s, arg, 0)) {
*al = SSL_AD_UNRECOGNIZED_NAME;
return 0;
}
return 1;
}
-static int early_nov12_cb(SSL *s, int *al, void *arg)
+static int client_hello_nov12_cb(SSL *s, int *al, void *arg)
{
int ret;
unsigned int v;
const unsigned char *p;
- v = SSL_early_get0_legacy_version(s);
+ v = SSL_client_hello_get0_legacy_version(s);
if (v > TLS1_2_VERSION || v < SSL3_VERSION) {
*al = SSL_AD_PROTOCOL_VERSION;
return 0;
}
- (void)SSL_early_get0_session_id(s, &p);
+ (void)SSL_client_hello_get0_session_id(s, &p);
if (p == NULL ||
- SSL_early_get0_random(s, &p) == 0 ||
- SSL_early_get0_ciphers(s, &p) == 0 ||
- SSL_early_get0_compression_methods(s, &p) == 0) {
+ SSL_client_hello_get0_random(s, &p) == 0 ||
+ SSL_client_hello_get0_ciphers(s, &p) == 0 ||
+ SSL_client_hello_get0_compression_methods(s, &p) == 0) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
- ret = early_select_server_ctx(s, arg, 0);
+ ret = client_hello_select_server_ctx(s, arg, 0);
SSL_set_max_proto_version(s, TLS1_1_VERSION);
if (!ret)
*al = SSL_AD_UNRECOGNIZED_NAME;
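Review bot: the session-id check relies on behaviour the new manual page explicitly disclaims. `(void)SSL_client_hello_get0_session_id(s, &p);` discards the length and then tests `p == NULL`, but RETURN VALUES says that when zero is returned "the output pointer should not be assumed to be valid", and since the function returns session_id_len a ClientHello with an empty session id returns 0 here. Either test the return value as the three calls that follow do, or, if `*out` is in fact always written, document that guarantee so the test is not depending on an undocumented one. Separately, the result of `SSL_set_max_proto_version(s, TLS1_1_VERSION)` is ignored; checking it (and failing the callback if it is not 1) would make the `ExpectedProtocol = TLSv1.1` assertion in the test config a deliberate check rather than an accidental one.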
/*
* Link the two contexts for SNI purposes.
- * Also do early callbacks here, as setting both early and SNI is bad.
+ * Also do ClientHello callbacks here, as setting both ClientHello and SNI
+ * is bad.
*/
switch (extra->server.servername_callback) {
case SSL_TEST_SERVERNAME_IGNORE_MISMATCH:
break;
case SSL_TEST_SERVERNAME_CB_NONE:
break;
- case SSL_TEST_SERVERNAME_EARLY_IGNORE_MISMATCH:
- SSL_CTX_set_early_cb(server_ctx, early_ignore_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_ignore_cb, server2_ctx);
break;
- case SSL_TEST_SERVERNAME_EARLY_REJECT_MISMATCH:
- SSL_CTX_set_early_cb(server_ctx, early_reject_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_reject_cb, server2_ctx);
break;
- case SSL_TEST_SERVERNAME_EARLY_NO_V12:
- SSL_CTX_set_early_cb(server_ctx, early_nov12_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_nov12_cb, server2_ctx);
}
if (extra->server.cert_status != SSL_TEST_CERT_STATUS_NONE) {
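Review bot: the three `SSL_CTX_set_client_hello_cb(server_ctx, client_hello_..._cb, server2_ctx);` calls run to roughly 85 columns once indented inside the switch, over the 80-column limit; wrap each as `SSL_CTX_set_client_hello_cb(server_ctx, client_hello_ignore_cb,` with `server2_ctx);` on a continuation line aligned with the opening parenthesis, and likewise for the reject and nov12 cases.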
test-3 = 3-SNI-no-client-support
test-4 = 4-SNI-bad-sni-ignore-mismatch
test-5 = 5-SNI-bad-sni-reject-mismatch
-test-6 = 6-SNI-bad-early-sni-ignore-mismatch
-test-7 = 7-SNI-bad-early-sni-reject-mismatch
-test-8 = 8-SNI-early-disable-v12
+test-6 = 6-SNI-bad-clienthello-sni-ignore-mismatch
+test-7 = 7-SNI-bad-clienthello-sni-reject-mismatch
+test-8 = 8-SNI-clienthello-disable-v12
# ===========================================================
[0-SNI-switch-context]
# ===========================================================
-[6-SNI-bad-early-sni-ignore-mismatch]
-ssl_conf = 6-SNI-bad-early-sni-ignore-mismatch-ssl
+[6-SNI-bad-clienthello-sni-ignore-mismatch]
+ssl_conf = 6-SNI-bad-clienthello-sni-ignore-mismatch-ssl
-[6-SNI-bad-early-sni-ignore-mismatch-ssl]
-server = 6-SNI-bad-early-sni-ignore-mismatch-server
-client = 6-SNI-bad-early-sni-ignore-mismatch-client
-server2 = 6-SNI-bad-early-sni-ignore-mismatch-server
+[6-SNI-bad-clienthello-sni-ignore-mismatch-ssl]
+server = 6-SNI-bad-clienthello-sni-ignore-mismatch-server
+client = 6-SNI-bad-clienthello-sni-ignore-mismatch-client
+server2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server
-[6-SNI-bad-early-sni-ignore-mismatch-server]
+[6-SNI-bad-clienthello-sni-ignore-mismatch-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[6-SNI-bad-early-sni-ignore-mismatch-client]
+[6-SNI-bad-clienthello-sni-ignore-mismatch-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-6]
ExpectedResult = Success
ExpectedServerName = server1
-server = 6-SNI-bad-early-sni-ignore-mismatch-server-extra
-server2 = 6-SNI-bad-early-sni-ignore-mismatch-server-extra
-client = 6-SNI-bad-early-sni-ignore-mismatch-client-extra
+server = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra
+server2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra
+client = 6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra
-[6-SNI-bad-early-sni-ignore-mismatch-server-extra]
-ServerNameCallback = EarlyIgnoreMismatch
+[6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra]
+ServerNameCallback = ClientHelloIgnoreMismatch
-[6-SNI-bad-early-sni-ignore-mismatch-client-extra]
+[6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra]
ServerName = invalid
# ===========================================================
-[7-SNI-bad-early-sni-reject-mismatch]
-ssl_conf = 7-SNI-bad-early-sni-reject-mismatch-ssl
+[7-SNI-bad-clienthello-sni-reject-mismatch]
+ssl_conf = 7-SNI-bad-clienthello-sni-reject-mismatch-ssl
-[7-SNI-bad-early-sni-reject-mismatch-ssl]
-server = 7-SNI-bad-early-sni-reject-mismatch-server
-client = 7-SNI-bad-early-sni-reject-mismatch-client
-server2 = 7-SNI-bad-early-sni-reject-mismatch-server
+[7-SNI-bad-clienthello-sni-reject-mismatch-ssl]
+server = 7-SNI-bad-clienthello-sni-reject-mismatch-server
+client = 7-SNI-bad-clienthello-sni-reject-mismatch-client
+server2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server
-[7-SNI-bad-early-sni-reject-mismatch-server]
+[7-SNI-bad-clienthello-sni-reject-mismatch-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[7-SNI-bad-early-sni-reject-mismatch-client]
+[7-SNI-bad-clienthello-sni-reject-mismatch-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-7]
ExpectedResult = ServerFail
ExpectedServerAlert = UnrecognizedName
-server = 7-SNI-bad-early-sni-reject-mismatch-server-extra
-server2 = 7-SNI-bad-early-sni-reject-mismatch-server-extra
-client = 7-SNI-bad-early-sni-reject-mismatch-client-extra
+server = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra
+server2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra
+client = 7-SNI-bad-clienthello-sni-reject-mismatch-client-extra
-[7-SNI-bad-early-sni-reject-mismatch-server-extra]
-ServerNameCallback = EarlyRejectMismatch
+[7-SNI-bad-clienthello-sni-reject-mismatch-server-extra]
+ServerNameCallback = ClientHelloRejectMismatch
-[7-SNI-bad-early-sni-reject-mismatch-client-extra]
+[7-SNI-bad-clienthello-sni-reject-mismatch-client-extra]
ServerName = invalid
# ===========================================================
-[8-SNI-early-disable-v12]
-ssl_conf = 8-SNI-early-disable-v12-ssl
+[8-SNI-clienthello-disable-v12]
+ssl_conf = 8-SNI-clienthello-disable-v12-ssl
-[8-SNI-early-disable-v12-ssl]
-server = 8-SNI-early-disable-v12-server
-client = 8-SNI-early-disable-v12-client
-server2 = 8-SNI-early-disable-v12-server
+[8-SNI-clienthello-disable-v12-ssl]
+server = 8-SNI-clienthello-disable-v12-server
+client = 8-SNI-clienthello-disable-v12-client
+server2 = 8-SNI-clienthello-disable-v12-server
-[8-SNI-early-disable-v12-server]
+[8-SNI-clienthello-disable-v12-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[8-SNI-early-disable-v12-client]
+[8-SNI-clienthello-disable-v12-client]
CipherString = DEFAULT
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-8]
ExpectedProtocol = TLSv1.1
ExpectedServerName = server2
-server = 8-SNI-early-disable-v12-server-extra
-server2 = 8-SNI-early-disable-v12-server-extra
-client = 8-SNI-early-disable-v12-client-extra
+server = 8-SNI-clienthello-disable-v12-server-extra
+server2 = 8-SNI-clienthello-disable-v12-server-extra
+client = 8-SNI-clienthello-disable-v12-client-extra
-[8-SNI-early-disable-v12-server-extra]
-ServerNameCallback = EarlyNoV12
+[8-SNI-clienthello-disable-v12-server-extra]
+ServerNameCallback = ClientHelloNoV12
-[8-SNI-early-disable-v12-client-extra]
+[8-SNI-clienthello-disable-v12-client-extra]
ServerName = server2
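Review bot: this `.conf` test file is generated from its `.conf.in` source, so the hunk should come from re-running the generator rather than from hand edits; the callback names here (`ServerNameCallback = ClientHelloRejectMismatch`, `ServerNameCallback = ClientHelloNoV12`) must agree byte for byte with both the `.conf.in` hunks and the string table in the ssl_test_ctx parser, otherwise the renamed tests silently fail to parse. The `[test-7]`/`[test-8]` numbering, `ExpectedServerAlert = UnrecognizedName` and `ServerName = invalid` are unchanged, which is what a pure rename should look like; please confirm the file was regenerated so it does not drift on the next regeneration.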
},
},
{
- name => "SNI-bad-early-sni-ignore-mismatch",
+ name => "SNI-bad-clienthello-sni-ignore-mismatch",
server => {
extra => {
- "ServerNameCallback" => "EarlyIgnoreMismatch",
+ "ServerNameCallback" => "ClientHelloIgnoreMismatch",
},
},
client => {
},
},
{
- name => "SNI-bad-early-sni-reject-mismatch",
+ name => "SNI-bad-clienthello-sni-reject-mismatch",
server => {
extra => {
- "ServerNameCallback" => "EarlyRejectMismatch",
+ "ServerNameCallback" => "ClientHelloRejectMismatch",
},
},
client => {
our @tests_tls_1_1 = (
{
- name => "SNI-early-disable-v12",
+ name => "SNI-clienthello-disable-v12",
server => {
extra => {
- "ServerNameCallback" => "EarlyNoV12",
+ "ServerNameCallback" => "ClientHelloNoV12",
},
},
client => {
{"None", SSL_TEST_SERVERNAME_CB_NONE},
{"IgnoreMismatch", SSL_TEST_SERVERNAME_IGNORE_MISMATCH},
{"RejectMismatch", SSL_TEST_SERVERNAME_REJECT_MISMATCH},
- {"EarlyIgnoreMismatch", SSL_TEST_SERVERNAME_EARLY_IGNORE_MISMATCH},
- {"EarlyRejectMismatch", SSL_TEST_SERVERNAME_EARLY_REJECT_MISMATCH},
- {"EarlyNoV12", SSL_TEST_SERVERNAME_EARLY_NO_V12},
+ {"ClientHelloIgnoreMismatch",
+ SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH},
+ {"ClientHelloRejectMismatch",
+ SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH},
+ {"ClientHelloNoV12", SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12},
};
__owur static int parse_servername_callback(SSL_TEST_SERVER_CONF *server_conf,
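Review bot: the old `"EarlyIgnoreMismatch"`/`"EarlyRejectMismatch"`/`"EarlyNoV12"` strings are removed from the table rather than kept as aliases, so `parse_servername_callback` will now reject any test configuration still using the `Early*` vocabulary; that is fine for in-tree files as long as every `.conf.in` and generated `.conf` is updated in the same commit, which is worth checking. Style: the two entries wrapped onto a second line for the column limit and the single-line `ClientHelloNoV12` entry are both consistent with the surrounding table, no change needed there.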
SSL_TEST_SERVERNAME_CB_NONE = 0, /* Default */
SSL_TEST_SERVERNAME_IGNORE_MISMATCH,
SSL_TEST_SERVERNAME_REJECT_MISMATCH,
- SSL_TEST_SERVERNAME_EARLY_IGNORE_MISMATCH,
- SSL_TEST_SERVERNAME_EARLY_REJECT_MISMATCH,
- SSL_TEST_SERVERNAME_EARLY_NO_V12
+ SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH,
+ SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH,
+ SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12
} ssl_servername_callback_t;
typedef enum {
#endif
#ifndef OPENSSL_NO_TLS1_2
-static int full_early_callback(SSL *s, int *al, void *arg)
+static int full_client_hello_callback(SSL *s, int *al, void *arg)
{
int *ctr = arg;
const unsigned char *p;
if ((*ctr)++ == 0)
return -1;
- len = SSL_early_get0_ciphers(s, &p);
+ len = SSL_client_hello_get0_ciphers(s, &p);
if (!TEST_mem_eq(p, len, expected_ciphers, sizeof(expected_ciphers))
- || !TEST_size_t_eq(SSL_early_get0_compression_methods(s, &p), 1)
+ || !TEST_size_t_eq(
+ SSL_client_hello_get0_compression_methods(s, &p), 1)
|| !TEST_int_eq(*p, 0))
return 0;
- if (!SSL_early_get1_extensions_present(s, &exts, &len))
+ if (!SSL_client_hello_get1_extensions_present(s, &exts, &len))
return 0;
if (len != OSSL_NELEM(expected_extensions) ||
memcmp(exts, expected_extensions, len * sizeof(*exts)) != 0) {
- printf("Early callback expected ClientHello extensions mismatch\n");
+ printf("ClientHello callback expected extensions mismatch\n");
OPENSSL_free(exts);
return 0;
}
return 1;
}
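Review bot: the success path at `return 1;` shows no `OPENSSL_free(exts)` matching the one in the mismatch branch, while the `get1` in `SSL_client_hello_get1_extensions_present` indicates the caller owns the returned array; unless the free sits in lines elided here, the passing case leaks `exts` on every handshake that reaches the callback. Suggest freeing `exts` before `return 1;`, or using a single exit with a `ret` variable and one `OPENSSL_free(exts)`. Also, the bare `-1` in `if ((*ctr)++ == 0) return -1;` encodes the callback's "suspend the handshake" result that the test later observes as `SSL_ERROR_WANT_CLIENT_HELLO_CB`; a one-line comment saying so (or a named constant, if the API provides one) would make the renamed test easier to follow.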
-static int test_early_cb(void)
+static int test_client_hello_cb(void)
{
SSL_CTX *cctx = NULL, *sctx = NULL;
SSL *clientssl = NULL, *serverssl = NULL;
TLS_client_method(), &sctx,
&cctx, cert, privkey)))
goto end;
- SSL_CTX_set_early_cb(sctx, full_early_callback, &testctr);
+ SSL_CTX_set_client_hello_cb(sctx, full_client_hello_callback, &testctr);
/* The gimpy cipher list we configure can't do TLS 1.3. */
SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION);
|| !TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
&clientssl, NULL, NULL))
|| !TEST_false(create_ssl_connection(serverssl, clientssl,
- SSL_ERROR_WANT_EARLY))
+ SSL_ERROR_WANT_CLIENT_HELLO_CB))
/*
* Passing a -1 literal is a hack since
* the real value was lost.
* */
- || !TEST_int_eq(SSL_get_error(serverssl, -1), SSL_ERROR_WANT_EARLY)
+ || !TEST_int_eq(SSL_get_error(serverssl, -1),
+ SSL_ERROR_WANT_CLIENT_HELLO_CB)
|| !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE)))
goto end;
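Review bot: the rename to `SSL_ERROR_WANT_CLIENT_HELLO_CB` in the `create_ssl_connection` call and in the `SSL_get_error(serverssl, -1)` check is a public error-code rename, so SSL_get_error(3) and the `SSL_want_*` documentation need to carry the new name as well; only the test side is visible in this region. The retained comment "Passing a -1 literal is a hack since the real value was lost" should also state why the literal is acceptable here, namely that the test only needs `SSL_get_error` to report the want-client-hello-callback state and not to interpret the actual return code; as written it reads like a known defect rather than a deliberate choice.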
ADD_TEST(test_keylog_no_master_key);
#endif
#ifndef OPENSSL_NO_TLS1_2
- ADD_TEST(test_early_cb);
+ ADD_TEST(test_client_hello_cb);
#endif
#ifndef OPENSSL_NO_TLS1_3
ADD_ALL_TESTS(test_early_data_read_write, 3);
SSL_key_update 417 1_1_1 EXIST::FUNCTION:
SSL_get_key_update_type 418 1_1_1 EXIST::FUNCTION:
SSL_bytes_to_cipher_list 419 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_compression_methods 420 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_ciphers 421 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_ext 422 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_session_id 423 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_random 424 1_1_1 EXIST::FUNCTION:
-SSL_CTX_set_early_cb 425 1_1_1 EXIST::FUNCTION:
-SSL_early_get0_legacy_version 426 1_1_1 EXIST::FUNCTION:
-SSL_early_isv2 427 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_compression_methods 420 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_ciphers 421 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_ext 422 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_session_id 423 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_random 424 1_1_1 EXIST::FUNCTION:
+SSL_CTX_set_client_hello_cb 425 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get0_legacy_version 426 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_isv2 427 1_1_1 EXIST::FUNCTION:
SSL_set_max_early_data 428 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_max_early_data 429 1_1_1 EXIST::FUNCTION:
SSL_get_max_early_data 430 1_1_1 EXIST::FUNCTION:
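Review bot: the renamed `SSL_client_hello_*` entries reuse ordinals 420-427 (and 454 below) instead of taking fresh numbers, so the `SSL_early_*` symbols simply disappear from libssl's export table with no compatibility alias. That is only acceptable because every affected entry is tagged `1_1_1` and has not shipped in a release; anyone built against a 1.1.1 pre-release will fail to link. Suggest a CHANGES entry spelling out the rename and the absence of aliases, so the break is documented rather than discovered.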
SSL_set_record_padding_callback_arg 451 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_record_padding_callback_arg 452 1_1_1 EXIST::FUNCTION:
SSL_CTX_use_serverinfo_ex 453 1_1_1 EXIST::FUNCTION:
-SSL_early_get1_extensions_present 454 1_1_1 EXIST::FUNCTION:
+SSL_client_hello_get1_extensions_present 454 1_1_1 EXIST::FUNCTION:
SSL_set_psk_find_session_callback 455 1_1_1 EXIST::FUNCTION:
SSL_set_psk_use_session_callback 456 1_1_1 EXIST::FUNCTION:
SSL_CTX_set_psk_use_session_callback 457 1_1_1 EXIST::FUNCTION:
OSSL_STORE_post_process_info_fn datatype
RAND_poll_cb datatype
SSL_CTX_keylog_cb_func datatype
-SSL_early_cb_fn datatype
+SSL_client_hello_cb_fn datatype
SSL_psk_client_cb_func datatype
SSL_psk_find_session_cb_func datatype
SSL_psk_server_cb_func datatype
SSL_set_tmp_dh define
SSL_want_async define
SSL_want_async_job define
-SSL_want_early define
+SSL_want_client_hello_cb define
SSL_want_nothing define
SSL_want_read define
SSL_want_write define
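Review bot: the `SSL_want_early` to `SSL_want_client_hello_cb` rename in the public-macro list means the manual page that documents the `SSL_want_*` macros must list the new name, or the documentation check that consumes this list will flag it; the same applies to `SSL_client_hello_cb_fn` in the datatype hunk above. Not keeping `SSL_want_early` as an alias is consistent with the libssl.num change, since the API never shipped.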