facebook / proxygen

A collection of C++ HTTP libraries including an easy to use HTTP server.

ClientHello Callback #446

Closed SteveSelva closed 1 year ago

SteveSelva commented 1 year ago

Is there any way to insert a callback at the ClientHello message during the TLS handshake while accepting the connection in proxygen::HTTPServer?

afrind commented 1 year ago

When configured to use OpenSSL as the TLS stack (e.g. folly::SSLContext) we do not for sure. The socket abstraction provides a way to set a handshake verification callback, though it might not be plumbed all the way through, and may not be what you're looking for.

I don't think Fizz has this either, but you might need to ask in their repo: https://github.com/facebookincubator/fizz

What is your high-level goal? Maybe there's something else in place that will work.

SteveSelva commented 1 year ago

I want to get the server name from the SNI extension in the ClientHello message.

afrind commented 1 year ago

Is it ok to get that after the handshake completes? This is available in the wangle::TransportInfo structure serverName field, which is accessible from your RequestHandler as downstream_->getSetupTransportInfo().

SteveSelva commented 1 year ago

No, I need the server name at the time of the ClientHello, so that I can generate a certificate on the fly. Is there any way to get the server name in the ClientHello message, or any other way to generate a certificate on the fly?
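
For reference, this is what the SNI extension discussed in this thread looks like on the wire. It is an added example, not part of the original thread and not proxygen, folly or Fizz code: `Reader`, `sniFromClientHello` and `sampleClientHello` are hypothetical names. It assumes the whole ClientHello arrives in a single TLS record.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

struct Reader {                        // bounds-checked cursor over untrusted bytes
  const uint8_t* p; size_t n; bool ok;
  Reader take(size_t k) {              // next k bytes, or a failed Reader
    if (!ok || n < k) { ok = false; return {p, 0, false}; }
    Reader r{p, k, true}; p += k; n -= k; return r;
  }
  uint32_t num(size_t w) {             // big-endian integer of w bytes
    Reader f = take(w); uint32_t v = 0;
    for (size_t i = 0; i < f.n; ++i) v = (v << 8) | f.p[i];
    return v;
  }
  Reader vec(size_t w) { return take(num(w)); }  // length prefix + body
};
// Hypothetical helper (not a proxygen API): SNI host_name, "" if absent or malformed.
std::string sniFromClientHello(const std::vector<uint8_t>& rec) {
  Reader r{rec.data(), rec.size(), true};
  if (r.num(1) != 0x16) return "";     // record type 22 = handshake
  r.take(2);                           // record-layer version
  Reader hs = r.vec(2);
  if (hs.num(1) != 0x01) return "";    // handshake type 1 = client_hello
  Reader ch = hs.vec(3);
  ch.take(2 + 32);                     // client_version, random
  ch.vec(1); ch.vec(2); ch.vec(1);     // session_id, cipher_suites, compression
  Reader exts = ch.vec(2);
  while (exts.ok && exts.n > 0) {
    uint32_t type = exts.num(2);
    Reader names = exts.vec(2).vec(2); // extension body -> server_name_list
    if (type != 0) continue;           // extension 0 = server_name
    while (names.ok && names.n > 0) {
      uint32_t kind = names.num(1); Reader host = names.vec(2);
      if (host.ok && kind == 0)        // name_type 0 = host_name
        return std::string(reinterpret_cast<const char*>(host.p), host.n);
    }
  }
  return "";
}
// Constructed sample: minimal ClientHello with SNI host h (h under 200 bytes).
std::vector<uint8_t> sampleClientHello(const std::string& h) {
  uint8_t k = uint8_t(h.size());
  std::vector<uint8_t> v = {0x16,3,1,0,uint8_t(k+56), 1,0,0,uint8_t(k+52), 3,3,
      0, 0,2,0x13,1, 1,0, 0,uint8_t(k+9), 0,0, 0,uint8_t(k+5), 0,uint8_t(k+3), 0, 0,k};
  v.insert(v.begin() + 11, 32, uint8_t(0xAA));  // 32-byte random after client_version
  v.insert(v.end(), h.begin(), h.end());
  return v;
}
```

The returned name is client-controlled and unauthenticated at this point in the handshake, so check it against an allow-list or a strict hostname grammar before it selects or is embedded in a certificate.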