TLS Extension support - Server Name Indication

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS Extension support - Server Name Indication

Cesc Santa
Hi,
 
While discussing the proper implementation for TLS support for (open)ser SIP proxy (currently using OpenSSL), we came up with somehow a showstopper: when the server serves multiple domains, we'd like to present a different certificate depending on which domain the incoming message is directed to. The option of using a different port per domain is an option, but not the best one.
So, my question is, does openssl implement TLS extensions, as defined in RFC 3546, specially section "3.1 - server name identification"? This way, the tls client establishing the tls connection could announce the proxy it is connecting to, thus solving all the multi-domain problems.
We heard that it is there in gnutls, what about openssl?
 
And, now that i started, what TLS Extensions does openssl support?
 
Regards,
 
Cesc
Reply | Threaded
Open this post in threaded view
|

Re: TLS Extension support - Server Name Indication

Peter Sylvester-3
Dear OpenSSL developpers,

I have put a version of openssl that supports the TLS servername extension
into our web server. It is based on a openssl development snapshot of
last week.
We have split of and simplified the code that was done together with SRP
last year, an,d corrected known bugs.

See http://www.edelweb.fr/EdelKey/files/openssl-0.9.8+SERVERNAME.tar.gz

see also http://www.edelweb.fr/EdelKey/

The snapshot was one day before the 0.9.8a announcement, I think it
contains the recent vulerability patch.

I invite the core developers to take a look on it:

basically s_client and s_server have been slighlty enhanced and in "ssl"
there the modules that have OPENSSL_NO_TLSEXT contain the new
functionality.
In the s23_lib.c it is possible to have anounce  a TLS extension and
to "ignore it"  on the server side as with s3_lib.

There is one functionality which is not necessary to support the servername
extension, but only to allow a renegotiation of a session using another
servername, e;g. when a web server received a "Host: " This is not yet
fully tested, and I am not sure whether the implemenation is good.
The idea is to switch the ssl->ctx point to another context. The reference
counting for the ctx is simple, but during an SSL_new there is some
data "cached" down into the SSL, and, in particular the interesting
one, the server's certificate. It may not be necessary to switch the
actual CTX, but rather change the SSL to cache from the "other" CTX.


regards and thanks for looking at it; sorry for the lengthly message.

Peter

Cesc wrote:

> Hi,
>  
> While discussing the proper implementation for TLS support for
> (open)ser SIP proxy (currently using OpenSSL), we came up with somehow
> a showstopper: when the server serves multiple domains, we'd like to
> present a different certificate depending on which domain the incoming
> message is directed to. The option of using a different port per
> domain is an option, but not the best one.
> So, my question is, does openssl implement TLS extensions, as defined
> in RFC 3546, specially section "3.1 - server name identification"?
> This way, the tls client establishing the tls connection could
> announce the proxy it is connecting to, thus solving all the
> multi-domain problems.
> We heard that it is there in gnutls, what about openssl?
>  
> And, now that i started, what TLS Extensions does openssl support?
>  
> Regards,
>  
> Cesc


--
To verify the signature, see http://edelpki.edelweb.fr/ 
Cela vous permet de charger le certificat de l'autorité;
die Liste mit zurückgerufenen Zertifikaten finden Sie da auch.


smime.p7s (6K) Download Attachment