Ok. Trying the -users mailing list before going further.
On Fri, May 23, 2014 at 10:56 AM, DEXTER <[email protected]> wrote: > Hi! > > I'm not sure if this is the appropriate list to send this to but since I > believe it would need a modification in openssl source code that's why I'm > sending this to here. > > So the problem I'm trying to solve is this. > In a proxying environment when the client connects to the proxy and it > sends the SNI, you have to suspend the handshake with the client side, > start the handshake on the serverside, get the certificate from the server, > and send that certificate back to the client. > This is only possible, if I can suspend the handshake procedure with the > client, and continue when I have the certificate from the server. > > Right now openssl has some callbacks like the info and msg callbacks but > you cannot return from it with let's say: SSL_HANDSHAKE_SUSPEND, or > SSL_HANDSHAKE_INTERRUPT or something like that to be able to continue it > later. So right now when you return from these and you don't have the > certificate set you'll get the: No shared cipher error. > > The question is that will there'be some kind of way to suspend and > continue the handshake? > > Thank you. > >
