Hi!

In a proxying environment when the client connects to the proxy and it
sends the SNI, you have to suspend the handshake with the client side,
start the handshake on the server side, get the certificate from the server,
and send that certificate back to the client.
This is only possible if I can suspend the handshake procedure with the
client, and continue when I have the certificate from the server.

Right now OpenSSL has some callbacks like the info and msg callbacks, but
you cannot return from them with, let's say, SSL_HANDSHAKE_SUSPEND or
SSL_HANDSHAKE_INTERRUPT or something like that to be able to continue it
later. So right now, when you return from these and you don't have the
certificate set, you'll get the "No shared cipher" error.

The question is: will there be some kind of way to suspend and continue
the handshake?
Or is there any other way to do this now?

Thank you.
