ClientHello Message

Question

ClientHello Message

SteveSelva opened this issue a year ago · comments

I want to generate SSL Certificate on the fly. I found a way using the ClientHello message in the TLS handshake, which contains the Server Name in the SNI extension. Is there any way to get the Server Name at ClientHello message or any other way to generate Certificate on the fly?

afrind · Answer 1 · Wed May 31 2023 00:10:17 GMT+0800 (China Standard Time)

There used to be a hook for this in wangle::SSLContextConfig, but it was removed in facebook/wangle@398695a

afrind · Answer 2 · Wed May 31 2023 00:10:30 GMT+0800 (China Standard Time)

CC: @AjanthanAsogamoorthy

steveselva · Answer 3 · Wed May 31 2023 00:22:02 GMT+0800 (China Standard Time)

I have found two functions in folly::SSLContext; folly::SSLContext::setServerNameCallback() & folly::SSLContext::addClientHelloCallback(), which purposes my functionality, but to use those I must use folly::AsyncSSLSocket::sslAccept to accept the connection instead of using Fizz.
But I don't know how to use it properly, or its with a bug, folly::AsyncSSLSocket::sslAccept(). And I have raised it as an issue in Facebook::folly github group.https://github.com/facebook/folly/issues/2007. Help me fix this issue.