1SSL_CTX_SET_TLSEXT_SERVERNAME_CALLBACOKpS(eS3nL)S_SCLTX_SET_TLSEXT_SERVERNAME_CALLBACK(3)
2
3
4
6 SSL_CTX_set_tlsext_servername_callback,
7 SSL_CTX_set_tlsext_servername_arg, SSL_get_servername_type,
8 SSL_get_servername, SSL_set_tlsext_host_name - handle server name
9 indication (SNI)
10
12 #include <openssl/ssl.h>
13
14 long SSL_CTX_set_tlsext_servername_callback(SSL_CTX *ctx,
15 int (*cb)(SSL *s, int *al, void *arg));
16 long SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
17
18 const char *SSL_get_servername(const SSL *s, const int type);
19 int SSL_get_servername_type(const SSL *s);
20
21 int SSL_set_tlsext_host_name(const SSL *s, const char *name);
22
24 The functionality provided by the servername callback is mostly
25 superseded by the ClientHello callback, which can be set using
26 SSL_CTX_set_client_hello_cb(). However, even where the ClientHello
27 callback is used, the servername callback is still necessary in order
28 to acknowledge the servername requested by the client.
29
30 SSL_CTX_set_tlsext_servername_callback() sets the application callback
31 cb used by a server to perform any actions or configuration required
32 based on the servername extension received in the incoming connection.
33 When cb is NULL, SNI is not used.
34
35 The servername callback should return one of the following values:
36
37 SSL_TLSEXT_ERR_OK
38 This is used to indicate that the servername requested by the
39 client has been accepted. Typically a server will call
40 SSL_set_SSL_CTX() in the callback to set up a different
41 configuration for the selected servername in this case.
42
43 SSL_TLSEXT_ERR_ALERT_FATAL
44 In this case the servername requested by the client is not accepted
45 and the handshake will be aborted. The value of the alert to be
46 used should be stored in the location pointed to by the al
47 parameter to the callback. By default this value is initialised to
48 SSL_AD_UNRECOGNIZED_NAME.
49
50 SSL_TLSEXT_ERR_ALERT_WARNING
51 If this value is returned then the servername is not accepted by
52 the server. However, the handshake will continue and send a
53 warning alert instead. The value of the alert should be stored in
54 the location pointed to by the al parameter as for
55 SSL_TLSEXT_ERR_ALERT_FATAL above. Note that TLSv1.3 does not
56 support warning alerts, so if TLSv1.3 has been negotiated then this
57 return value is treated the same way as SSL_TLSEXT_ERR_NOACK.
58
59 SSL_TLSEXT_ERR_NOACK
60 This return value indicates that the servername is not accepted by
61 the server. No alerts are sent and the server will not acknowledge
62 the requested servername.
63
64 SSL_CTX_set_tlsext_servername_arg() sets a context-specific argument to
65 be passed into the callback (via the arg parameter) for this SSL_CTX.
66
67 The behaviour of SSL_get_servername() depends on a number of different
68 factors. In particular note that in TLSv1.3 the servername is
69 negotiated in every handshake. In TLSv1.2 the servername is only
70 negotiated on initial handshakes and not on resumption handshakes.
71
72 On the client, before the handshake
73 If a servername has been set via a call to
74 SSL_set_tlsext_host_name() then it will return that servername.
75
76 If one has not been set, but a TLSv1.2 resumption is being
77 attempted and the session from the original handshake had a
78 servername accepted by the server then it will return that
79 servername.
80
81 Otherwise it returns NULL.
82
83 On the client, during or after the handshake and a TLSv1.2 (or below)
84 resumption occurred
85 If the session from the original handshake had a servername
86 accepted by the server then it will return that servername.
87
88 Otherwise it returns the servername set via
89 SSL_set_tlsext_host_name() or NULL if it was not called.
90
91 On the client, during or after the handshake and a TLSv1.2 (or below)
92 resumption did not occur
93 It will return the servername set via SSL_set_tlsext_host_name() or
94 NULL if it was not called.
95
96 On the server, before the handshake
97 The function will always return NULL before the handshake
98
99 On the server, after the servername extension has been processed and a
100 TLSv1.2 (or below) resumption occurred
101 If a servername was accepted by the server in the original
102 handshake then it will return that servername, or NULL otherwise.
103
104 On the server, after the servername extension has been processed and a
105 TLSv1.2 (or below) resumption did not occur
106 The function will return the servername requested by the client in
107 this handshake or NULL if none was requested.
108
109 Note that the ClientHello callback occurs before a servername extension
110 from the client is processed. The servername, certificate and ALPN
111 callbacks occur after a servername extension from the client is
112 processed.
113
114 SSL_get_servername_type() returns the servername type or -1 if no
115 servername is present. Currently the only supported type (defined in
116 RFC3546) is TLSEXT_NAMETYPE_host_name.
117
118 SSL_set_tlsext_host_name() sets the server name indication ClientHello
119 extension to contain the value name. The type of server name indication
120 extension is set to TLSEXT_NAMETYPE_host_name (defined in RFC3546).
121
123 Several callbacks are executed during ClientHello processing, including
124 the ClientHello, ALPN, and servername callbacks. The ClientHello
125 callback is executed first, then the servername callback, followed by
126 the ALPN callback.
127
128 The SSL_set_tlsext_host_name() function should only be called on SSL
129 objects that will act as clients; otherwise the configured name will be
130 ignored.
131
133 SSL_CTX_set_tlsext_servername_callback() and
134 SSL_CTX_set_tlsext_servername_arg() both always return 1 indicating
135 success. SSL_set_tlsext_host_name() returns 1 on success, 0 in case of
136 error.
137
139 ssl(7), SSL_CTX_set_alpn_select_cb(3), SSL_get0_alpn_selected(3),
140 SSL_CTX_set_client_hello_cb(3)
141
143 SSL_get_servername() historically provided some unexpected results in
144 certain corner cases. This has been fixed from OpenSSL 1.1.1e.
145
146 Prior to 1.1.1e, when the client requested a servername in an initial
147 TLSv1.2 handshake, the server accepted it, and then the client
148 successfully resumed but set a different explicit servername in the
149 second handshake then when called by the client it returned the
150 servername from the second handshake. This has now been changed to
151 return the servername requested in the original handshake.
152
153 Also prior to 1.1.1e, if the client sent a servername in the first
154 handshake but the server did not accept it, and then a second handshake
155 occurred where TLSv1.2 resumption was successful then when called by
156 the server it returned the servername requested in the original
157 handshake. This has now been changed to NULL.
158
160 Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
161
162 Licensed under the OpenSSL license (the "License"). You may not use
163 this file except in compliance with the License. You can obtain a copy
164 in the file LICENSE in the source distribution or at
165 <https://www.openssl.org/source/license.html>.
166
167
168
1691.1.1k 2021S-S0L3_-C2T6X_SET_TLSEXT_SERVERNAME_CALLBACK(3)