Hi,

I am running into a couple of issues while using these two extensions
together in 0.9.8j. They are working fine independently though.

First issue is the order of callback invocation for these extensions.
The ticket key callback is invoked ahead of the servername one. In my case,
the ticket decryption key is tied to the incoming servername extension,
and I need to know the servername value to return the right key in the
ticket key callback. So, is there any way to get to the servername value
in the ticket key callback?

Second, when the server fails to decrypt the ticket, it sends empty
servername and ticket extensions in its hello message, and the client
doesn't seem to like it. It throws a decode error while processing
the servername extension.

Here is the extension dump on the client side:

<<< TLS 1.0 Handshake [length 0034], ServerHello
    02 00 00 30 03 01 4a 9f ff 08 9d eb af bd ae 57
    01 ef 40 27 db df 69 0d dc 5a 0e 2b 99 b8 d0 d7
    09 39 99 81 d3 f4 00 00 35 00 00 08 00 00 00 00
    00 23 00 00
TLS server extension "server name" (id=0), len=0
TLS server extension "server ticket" (id=35), len=0
>>> TLS 1.0 Alert [length 0002], fatal decode_error
    02 32

Here is the code where the error is thrown from:

ssl/t1_lib.c:

ssl_parse_serverhello_tlsext()
{
....
    if (!s->hit && tlsext_servername == 1)
        {
        if (s->tlsext_hostname)
            {
            /* s->session->tlsext_hostname is filled from the cached
             * ticket that the client sent in its hello. */
            if (s->session->tlsext_hostname == NULL)
                {
                ...........
                }
            else
                {
                *al = SSL_AD_DECODE_ERROR;  /* Error here. */
                return 0;
                }
            }
        }
}
Can someone comment on whether this is a usage error or a bug?

Thanks,
Sreekanth.
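
As an added example (not code from the original post or from OpenSSL), the following parses the ServerHello bytes from the dump above and replays the client-side branch quoted from t1_lib.c; the hostnames and the resumed flag are assumed inputs standing in for s->tlsext_hostname, s->session->tlsext_hostname and s->hit:

```python
import struct

SERVER_NAME, SESSION_TICKET = 0, 35  # extension ids (id=35 is "server ticket" in the dump)

# ServerHello bytes constructed from the hex dump in the post (52 bytes).
SERVER_HELLO = bytes.fromhex(
    "02 00 00 30 03 01 4a 9f ff 08 9d eb af bd ae 57"
    "01 ef 40 27 db df 69 0d dc 5a 0e 2b 99 b8 d0 d7"
    "09 39 99 81 d3 f4 00 00 35 00 00 08 00 00 00 00"
    "00 23 00 00"
)

def parse_server_hello(msg):
    """Return (version, session_id, cipher_suite, {ext_id: ext_body})."""
    if msg[0] != 0x02:
        raise ValueError("not a ServerHello")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated handshake message")
    version, pos = body[0:2], 2 + 32           # skip the 32-byte random
    sid_len = body[pos]
    session_id = body[pos + 1:pos + 1 + sid_len]
    pos += 1 + sid_len
    cipher = body[pos:pos + 2]
    pos += 3                                   # cipher suite + compression
    exts = {}
    if pos < len(body):                        # extensions block is optional
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos + 4 <= end:
            ext_id, ext_len = struct.unpack(">HH", body[pos:pos + 4])
            exts[ext_id] = body[pos + 4:pos + 4 + ext_len]
            pos += 4 + ext_len
        if pos != end:
            raise ValueError("bad extensions length")
    return version, session_id, cipher, exts

def client_checks_servername(server_hello, client_hostname, session_hostname, hit):
    """Replay of the branch quoted from ssl_parse_serverhello_tlsext().
    hit = s->hit (session resumed); session_hostname = s->session->tlsext_hostname.
    Returns "ok" or the alert the client would raise (assumed inputs)."""
    _, _, _, exts = parse_server_hello(server_hello)
    if not hit and SERVER_NAME in exts and client_hostname:
        if session_hostname is None:
            return "ok"           # fresh session: hostname gets recorded
        return "decode_error"     # the branch hit in the dump above
    return "ok"
```

With the dump's bytes (zero-length session id, so a full handshake) and a cached session that already carries the hostname, the replay returns decode_error, matching the alert in the trace.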