openssl/openssl
Ver no GitHubRFE: make SSL_get_servername work early in ClientHello callback
Open
#23.326 aberto em 17 de jan. de 2024
branch: masterhelp wantedtriaged: feature
Métricas do repositório
- Stars
- (30.157 stars)
- Métricas de merge de PR
- (Nenhuma PRs mesclada em 30d)
Description
SNI is the most common reason for the use of ClientHello callback and requires manually parsing as SSL_get_servername cannot be used.
BoringSSL has refactored this portion so that SSL_get_servername can be used at this early stage: gotta love this description from @davidben — “SNI is the most common reason to use the ClientHello callback and the extension is a little goofy to parse”
See discussion here: https://github.com/openssl/openssl/discussions/23303