Hello,

During development of one feature for my TLS proxy bud, I have discovered
that the cert_cb is invoked only for newly generated tickets/sessions. The
reasoning behind this is clear, but I believe that it most likely needs
a revision. Here is my reasoning:

The major use case is choosing a certificate/private key either dynamically
(based on various parameters of SSL structure) or asynchronously (by
using SSL_ERROR_WANT_X509_LOOKUP). However when the TLS ticket is provided
by the client, it will be parsed and loaded using the ticket key from the
main context, without giving a way for the application to override it for a
particular servername (from SNI). Furthermore, with the TLS ticket provided,
the application can no longer choose to provide a different certificate in case
of expiration or revocation.

The documentation says:

"It is B<always> called even is a certificate is already set so the callback
can modify or delete the existing certificate."

Additionally, when talking about things allowed in `cert_cb`:

"An application will typically call SSL_use_certificate() and
SSL_use_PrivateKey() to set the end entity certificate and private key.
It can add intermediate and optionally the root CA certificates using
SSL_add1_chain_cert()."

It only says that applications *typically* use these functions, without
prohibiting them from setting and using different secure contexts in cert_cb.
This is in fact what I've used in bud, and what we use in node.js too.

Proposal:

Invoke cert_cb before looking up session IDs and parsing TLS tickets. It is
a safe change, and it should be done to match the intention of this API as
documented in the man pages.

Please let me know if I can help or work on this.

Thank you,
Fedor.
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
