[gnutls-help] Interrupt and continue handshake from gnutls_handshake_set_post_client_hello_function()

DEXTER mydexterid at gmail.com
Thu May 22 13:00:29 CEST 2014


The main reason is that in a proxying environment when you get the SNI from
the client, you need to connect to the server first, get the certificate,
and send that certificate back to the client.
You see that this is only possible if I suspend the handshake with the
client and continue with the server, and after I got the certificate I can
continue with the client.

The callback mechanism in GnuTLS would be good if I could return from it
with something like (SUSPEND, or even E_AGAIN, E_INTERRUPT), and next time
I call the gnutls_handshake function it would continue where it left off.


On Thu, May 22, 2014 at 8:54 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:

> On Wed, May 21, 2014 at 11:12 AM, DEXTER <mydexterid at gmail.com> wrote:
> > Hi,
> >
> > I'm trying to write a gnutls server where I can suspend the handshake
> > procedure and then continue.
> > What I'm trying to achieve is to get the SNI from the client, suspend the
> > handshake, do something else depending on the SNI, then come back to the
> > handshake and continue.
>
> Hello,
>  Why not do everything you need in the callback? As it is now the
> callback is not designed to allow interruption as you describe it.
>
> > The question is that is this the way one should do to continue a suspended
> > handshake, or is there another way to do it?
>
> Not that I know of. The best you can do is use the callback mechanisms.
>
> regards,
> Nikos
>
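
Added example, not part of this thread and not GnuTLS code: one way a proxy can learn the SNI without suspending gnutls_handshake() is to parse it from the buffered ClientHello before the handshake starts (for example from bytes read with recv(..., MSG_PEEK)), connect upstream, and only then begin the client handshake. The function name and sample bytes are constructed for illustration; the parser assumes the whole ClientHello arrives in a single, fully buffered TLS record.

```c
#include <stdint.h>
#include <string.h>

#define RD16(q) (((size_t)(q)[0] << 8) | (q)[1])   /* big-endian 16-bit read */

/* Constructed sample: one TLS record holding a ClientHello with SNI "example.com". */
const uint8_t sample_hello[] = {
    0x16,0x03,0x01,0x00,0x43, 0x01,0x00,0x00,0x3f, 0x03,0x03, /* record hdr, handshake hdr, version */
    0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* random (32 bytes) */
    0x00, 0x00,0x02,0x00,0x2f, 0x01,0x00,     /* session id, cipher suites, compression */
    0x00,0x14, 0x00,0x00,0x00,0x10, 0x00,0x0e,0x00,0x00,0x0b, /* extensions len, SNI ext header */
    'e','x','a','m','p','l','e','.','c','o','m'
};

/* Skip a vector with a 1- or 2-byte length prefix; -1 if it overruns the buffer. */
static int skip_vec(const uint8_t *b, size_t n, size_t *p, size_t lb)
{
    if (n - *p < lb) return -1;
    size_t len = lb == 1 ? b[*p] : RD16(b + *p);
    if (n - *p - lb < len) return -1;
    *p += lb + len;
    return 0;
}

/* Returns SNI length (name copied to out), 0 if no server_name extension, -1 if malformed. */
int sni_from_client_hello(const uint8_t *b, size_t n, char *out, size_t outsz)
{
    size_t p = 43; /* record hdr 5 + handshake hdr 4 + version 2 + random 32 */
    if (n < p || b[0] != 0x16 || b[5] != 0x01) return -1; /* handshake record, ClientHello */
    if (skip_vec(b, n, &p, 1) || skip_vec(b, n, &p, 2) || skip_vec(b, n, &p, 1))
        return -1; /* session id, cipher suites, compression methods */
    if (p == n) return 0; /* ClientHello carries no extensions */
    if (n - p < 2 || RD16(b + p) > n - p - 2) return -1;
    size_t end = p + 2 + RD16(b + p);
    for (p += 2; end - p >= 4; ) {
        size_t type = RD16(b + p), len = RD16(b + p + 2);
        p += 4;
        if (end - p < len) return -1;
        if (type == 0) { /* server_name: list_len(2) name_type(1) name_len(2) name */
            size_t nl = len >= 5 ? RD16(b + p + 3) : 0;
            if (len < 5 || b[p + 2] != 0 || nl == 0 || nl > len - 5 || nl >= outsz
                || memchr(b + p + 5, 0, nl)) return -1; /* reject embedded NUL bytes */
            memcpy(out, b + p + 5, nl);
            out[nl] = '\0';
            return (int)nl;
        }
        p += len;
    }
    return 0;
}
```

The returned name is untrusted client input; validate it against the set of permitted upstream hosts before connecting anywhere on its behalf.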