Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 606e0426a1
Branches Tags
openssl
/
doc
/
man3
/
SSL_CTX_set_tlsext_servername_callback.pod

SSL_CTX_set_tlsext_servername_callback.pod 6.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. SSL_CTX_set_tlsext_servername_callback, SSL_CTX_set_tlsext_servername_arg,
    6. 

  6. SSL_get_servername_type, SSL_get_servername,
    7. 

  7. SSL_set_tlsext_host_name - handle server name indication (SNI)
    8. 

  8. 

  9. =head1 SYNOPSIS
    10. 

  10. 

  11.  #include <openssl/ssl.h>
    12. 

  12. 

  13.  long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
    14. 

  14.                                    int (*cb)(SSL *s, int *al, void *arg));
    15. 

  15.  long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
    16. 

  16. 

  17.  const char *SSL_get_servername(const SSL *s, const int type);
    18. 

  18.  int SSL_get_servername_type(const SSL *s);
    19. 

  19. 

  20.  int SSL_set_tlsext_host_name(const SSL *s, const char *name);
    21. 

  21. 

  22. =head1 DESCRIPTION
    23. 

  23. 

  24. The functionality provided by the servername callback is mostly superseded by
    25. 

  25. the ClientHello callback, which can be set using SSL_CTX_set_client_hello_cb().
    26. 

  26. However, even where the ClientHello callback is used, the servername callback is
    27. 

  27. still necessary in order to acknowledge the servername requested by the client.
    28. 

  28. 

  29. SSL_CTX_set_tlsext_servername_callback() sets the application callback B<cb>
    30. 

  30. used by a server to perform any actions or configuration required based on
    31. 

  31. the servername extension received in the incoming connection. When B<cb>
    32. 

  32. is NULL, SNI is not used.
    33. 

  33. 

  34. The servername callback should return one of the following values:
    35. 

  35. 

  36. =over 4
    37. 

  37. 

  38. =item SSL_TLSEXT_ERR_OK
    39. 

  39. 

  40. This is used to indicate that the servername requested by the client has been
    41. 

  41. accepted. Typically a server will call SSL_set_SSL_CTX() in the callback to set
    42. 

  42. up a different configuration for the selected servername in this case.
    43. 

  43. 

  44. =item SSL_TLSEXT_ERR_ALERT_FATAL
    45. 

  45. 

  46. In this case the servername requested by the client is not accepted and the
    47. 

  47. handshake will be aborted. The value of the alert to be used should be stored in
    48. 

  48. the location pointed to by the B<al> parameter to the callback. By default this
    49. 

  49. value is initialised to SSL_AD_UNRECOGNIZED_NAME.
    50. 

  50. 

  51. =item SSL_TLSEXT_ERR_ALERT_WARNING
    52. 

  52. 

  53. If this value is returned then the servername is not accepted by the server.
    54. 

  54. However, the handshake will continue and send a warning alert instead. The value
    55. 

  55. of the alert should be stored in the location pointed to by the B<al> parameter
    56. 

  56. as for SSL_TLSEXT_ERR_ALERT_FATAL above. Note that TLSv1.3 does not support
    57. 

  57. warning alerts, so if TLSv1.3 has been negotiated then this return value is
    58. 

  58. treated the same way as SSL_TLSEXT_ERR_NOACK.
    59. 

  59. 

  60. =item SSL_TLSEXT_ERR_NOACK
    61. 

  61. 

  62. This return value indicates that the servername is not accepted by the server.
    63. 

  63. No alerts are sent and the server will not acknowledge the requested servername.
    64. 

  64. 

  65. =back
    66. 

  66. 

  67. SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to be
    68. 

  68. passed into the callback (via the B<arg> parameter) for this B<SSL_CTX>.
    69. 

  69. 

  70. The behaviour of SSL_get_servername() depends on a number of different factors.
    71. 

  71. In particular note that in TLSv1.3 the servername is negotiated in every
    72. 

  72. handshake. In TLSv1.2 the servername is only negotiated on initial handshakes
    73. 

  73. and not on resumption handshakes.
    74. 

  74. 

  75. =over 4
    76. 

  76. 

  77. =item On the client, before the handshake
    78. 

  78. 

  79. If a servername has been set via a call to SSL_set_tlsext_host_name() then it
    80. 

  80. will return that servername.
    81. 

  81. 

  82. If one has not been set, but a TLSv1.2 resumption is being attempted and the
    83. 

  83. session from the original handshake had a servername accepted by the server then
    84. 

  84. it will return that servername.
    85. 

  85. 

  86. Otherwise it returns NULL.
    87. 

  87. 

  88. =item On the client, during or after the handshake and a TLSv1.2 (or below)
    89. 

  89. resumption occurred
    90. 

  90. 

  91. If the session from the original handshake had a servername accepted by the
    92. 

  92. server then it will return that servername.
    93. 

  93. 

  94. Otherwise it returns the servername set via SSL_set_tlsext_host_name() or NULL
    95. 

  95. if it was not called.
    96. 

  96. 

  97. =item On the client, during or after the handshake and a TLSv1.2 (or below)
    98. 

  98. resumption did not occur
    99. 

  99. 

  100. It will return the servername set via SSL_set_tlsext_host_name() or NULL if it
    101. 

  101. was not called.
    102. 

  102. 

  103. =item On the server, before the handshake
    104. 

  104. 

  105. The function will always return NULL before the handshake
    106. 

  106. 

  107. =item On the server, after the servername extension has been processed and a
    108. 

  108. TLSv1.2 (or below) resumption occurred
    109. 

  109. 

  110. If a servername was accepted by the server in the original handshake then it
    111. 

  111. will return that servername, or NULL otherwise.
    112. 

  112. 

  113. =item On the server, after the servername extension has been processed and a
    114. 

  114. TLSv1.2 (or below) resumption did not occur
    115. 

  115. 

  116. The function will return the servername requested by the client in this
    117. 

  117. handshake or NULL if none was requested.
    118. 

  118. 

  119. =back
    120. 

  120. 

  121. Note that the ClientHello callback occurs before a servername extension from the
    122. 

  122. client is processed. The servername, certificate and ALPN callbacks occur after
    123. 

  123. a servername extension from the client is processed.
    124. 

  124. 

  125. SSL_get_servername_type() returns the servername type or -1 if no servername
    126. 

  126. is present. Currently the only supported type (defined in RFC3546) is
    127. 

  127. B<TLSEXT_NAMETYPE_host_name>.
    128. 

  128. 

  129. SSL_set_tlsext_host_name() sets the server name indication ClientHello extension
    130. 

  130. to contain the value B<name>. The type of server name indication extension is set
    131. 

  131. to B<TLSEXT_NAMETYPE_host_name> (defined in RFC3546).
    132. 

  132. 

  133. =head1 NOTES
    134. 

  134. 

  135. Several callbacks are executed during ClientHello processing, including
    136. 

  136. the ClientHello, ALPN, and servername callbacks.  The ClientHello callback is
    137. 

  137. executed first, then the servername callback, followed by the ALPN callback.
    138. 

  138. 

  139. The SSL_set_tlsext_host_name() function should only be called on SSL objects
    140. 

  140. that will act as clients; otherwise the configured B<name> will be ignored.
    141. 

  141. 

  142. =head1 RETURN VALUES
    143. 

  143. 

  144. SSL_CTX_set_tlsext_servername_callback() and
    145. 

  145. SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating success.
    146. 

  146. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of error.
    147. 

  147. 

  148. =head1 SEE ALSO
    149. 

  149. 

  150. L<ssl(7)>, L<SSL_CTX_set_alpn_select_cb(3)>,
    151. 

  151. L<SSL_get0_alpn_selected(3)>, L<SSL_CTX_set_client_hello_cb(3)>
    152. 

  152. 

  153. =head1 HISTORY
    154. 

  154. 

  155. SSL_get_servername() historically provided some unexpected results in certain
    156. 

  156. corner cases. This has been fixed from OpenSSL 1.1.1e.
    157. 

  157. 

  158. Prior to 1.1.1e, when the client requested a servername in an initial TLSv1.2
    159. 

  159. handshake, the server accepted it, and then the client successfully resumed but
    160. 

  160. set a different explicit servername in the second handshake then when called by
    161. 

  161. the client it returned the servername from the second handshake. This has now
    162. 

  162. been changed to return the servername requested in the original handshake.
    163. 

  163. 

  164. Also prior to 1.1.1e, if the client sent a servername in the first handshake but
    165. 

  165. the server did not accept it, and then a second handshake occurred where TLSv1.2
    166. 

  166. resumption was successful then when called by the server it returned the
    167. 

  167. servername requested in the original handshake. This has now been changed to
    168. 

  168. NULL.
    169. 

  169. 

  170. =head1 COPYRIGHT
    171. 

  171. 

  172. Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
    173. 

  173. 

  174. Licensed under the Apache License 2.0 (the "License").  You may not use
    175. 

  175. this file except in compliance with the License.  You can obtain a copy
    176. 

  176. in the file LICENSE in the source distribution or at
    177. 

  177. L<https://www.openssl.org/source/license.html>.
    178. 

  178. 

  179. =cut
    180.