Anyone good with C/C++ and the ClientHello message who can help me out here? I wrote the callback to SSL_CTX_set_client_hello_cb like this:
static int set_alpn_cb(SSL* ssl, int alert, void* arg) {
    constexpr int ext_type{ TLSEXT_TYPE_application_layer_protocol_negotiation };
    int extensions[1]{ ext_type };
    std::size_t extensions_len{ 1u };
    int extensions_present{ SSL_client_hello_get1_extensions_present(ssl,
        reinterpret_cast<int**>(extensions), &extensions_len) };
    const unsigned char** alpn_str;
    std::size_t alpn_str_len{};
    // 1 means success
    if (extensions_present == 1)
    {
        SSL_client_hello_get0_ext(ssl, ext_type, alpn_str, &alpn_str_len);
        std::cout << "alpn_str: " << alpn_str << std::endl;
    }
}
(not sure if I did this right, and also don't know how to actually get the ALPN and choose a protocol with this since the out parameter is of type const unsigned char** meaning it can't be modified inside the function either, or else I could've expected the ALPN string to be in there after the function returns.)
And I called the SSL_CTX_set_client_hello_cb function like this (inside the function where I'm doing the TLS handshake for the server):
auto* ssl_ctx{ ctx.native_handle() };
SSL* ssl{};
void* arg{};
SSL_CTX_set_client_hello_cb(ssl_ctx, &set_alpn_cb, nullptr);
And now I have an error saying:
error C2664: 'void SSL_CTX_set_client_hello_cb(SSL_CTX *,SSL_client_hello_cb_fn,void *)': cannot convert argument 2 from 'int (__cdecl *)(SSL *,int,void *)' to 'SSL_client_hello_cb_fn'
Without the & in front, I get this error:
error C2664: 'void SSL_CTX_set_client_hello_cb(SSL_CTX *,SSL_client_hello_cb_fn,void *)': cannot convert argument 2 from 'int (__cdecl *)(SSL *,int,void *)' to 'SSL_client_hello_cb_fn'
Someone please help, if possible. Thanks.
-------- Original Message --------
*Subject:* Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks
*From:* Osman Zakir <osmanzakir90@xxxxxxxxxxx>
*To:* "angus@xxxxxxxxxxxx" <angus@xxxxxxxxxxxx>
*Date:* Sat, 30 Jul 2022 16:51:36 +0000

> Sorry, I can not educate you in how to write C programmes.

I'm not asking you to. I'm only asking if there are good examples of C/C++ code using the function properly. And at least answer my question about the wire-format for HTTP/2, please. And what does the value of the SSL* pointer have to be?

-------- Original Message --------
*Subject:* Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks
*From:* Osman Zakir <osmanzakir90@xxxxxxxxxxx>
*To:* "angus@xxxxxxxxxxxx" <angus@xxxxxxxxxxxx>
*Date:* Sat, 30 Jul 2022 14:41:04 +0000

> There is a detailed OpenSSL manual page for
> SSL_CTX_set_client_hello_cb.

I took a look at that and have some questions: In the callback function arguments, would it be okay to pass 0 as the second argument if I have no error to alert? What should the third argument be? The protocol in wire-format? And what do I pass as the first argument? The SSL_CTX? I also don't really get the wire-format itself. Is HTTP/2 guaranteed to always be represented by the char array {6, 's', 'p', 'd', 'y', '/', '1'}?

> Google brings up lots of examples of it being used.

Having some trouble finding them.

> My own implementation is open source at:
> https://svn.overbyte.be/svn/ics/trunk/Source/OverbyteIcsWSocket.pas
> but is Delphi/pascal language.

Thanks for that, but I don't really understand Pascal. I need a good C or C++ example.

Osman

-------- Original Message --------
*Subject:* Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks
*From:* Osman Zakir <osmanzakir90@xxxxxxxxxxx>
*To:* "angus@xxxxxxxxxxxx" <angus@xxxxxxxxxxxx>
*Date:* Sat, 30 Jul 2022 00:50:56 +0000

Thanks for the reply. So, how do I write the SSL_client_hello_cb_fn callback? I need some examples for this and also for parsing whatever I need to parse to get the TLSEXT_TYPE_server_name and TLSEXT_TYPE_application_layer_protocol_negotiation that I need. I'm sorry about this but I'm completely new to using OpenSSL directly and also to ALPN. I'm not a networking person or library author originally, so I also had to read up on ASIO before I could use Boost.Beast to write my app server. Difference is that ASIO and Beast are at least documented well and the latter even has server and client examples that are their own self-contained apps that you can just take and work with.

[Sorry for the top-posting, but hotmail isn't letting me fix it for some reason; it used to before.]

________________________________
From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Angus Robertson - Magenta Systems Ltd <angus@xxxxxxxxxxxx>
Sent: Friday, July 29, 2022 9:22 PM
To: openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
Subject: Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks

> I don't understand how to write the callback functions some of
> the OpenSSL ALPN functions expect, and the manual really isn't
> helping there either, so I'd like some help.

Use SSL_CTX_set_client_hello_cb to set a SSL_client_hello_cb_fn function, which you can parse to get TLSEXT_TYPE_server_name and TLSEXT_TYPE_application_layer_protocol_negotiation, and everything else sent in the Client Hello (if you need it) like SSL versions and ciphers supported. Within this callback you can change SSL_CTX depending on SNI and ALPN. Ignore the SNI and ALPN callbacks.

client_hello_cb was only added in 1.1.1 so is often missing from old examples, FAQs and manuals.

Angus

-- *Included Files:* am2file:001-HTML_Message.html
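
The thread asks how to read the ALPN extension inside a client hello callback and what its wire format looks like. The block below is an added example, not code from any poster or from OpenSSL: it parses the extension body in the layout RFC 7301 defines and picks a protocol by server preference. `parse_alpn_ext`, `choose_alpn` and the sample bytes are hypothetical names and constructed data, and no OpenSSL call is made so the block runs on its own.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Parse raw ALPN extension_data (RFC 7301): 2-byte big-endian list length,
// then <1-byte length><name> entries. The bytes are peer-controlled, so every
// length is checked against the buffer; returns false on malformed input.
bool parse_alpn_ext(const unsigned char* p, std::size_t len,
                    std::vector<std::string>& names) {
    names.clear();
    if (p == nullptr || len < 2) return false;
    const std::size_t list_len = (static_cast<std::size_t>(p[0]) << 8) | p[1];
    if (list_len != len - 2 || list_len < 2) return false;
    std::size_t i = 2;
    while (i < len) {
        const std::size_t n = p[i++];
        if (n == 0 || n > len - i) return false;  // empty or truncated name
        names.emplace_back(reinterpret_cast<const char*>(p + i), n);
        i += n;
    }
    return true;
}

// Return the first server-preferred protocol the client offered, or an empty
// string if there is no overlap or the extension is malformed.
std::string choose_alpn(const unsigned char* p, std::size_t len,
                        const std::vector<std::string>& server_prefs) {
    std::vector<std::string> offered;
    if (!parse_alpn_ext(p, len, offered)) return std::string();
    for (const auto& want : server_prefs)
        for (const auto& got : offered)
            if (want == got) return want;
    return std::string();
}

// Constructed samples: a client offering "h2" then "http/1.1", and a body
// whose inner name length (5) runs past the end of the buffer.
const unsigned char kSampleExt[] = {0x00, 0x0c, 0x02, 'h', '2', 0x08, 'h',
                                    't',  't',  'p',  '/', '1', '.',  '1'};
const unsigned char kBadExt[] = {0x00, 0x03, 0x05, 'h', '2'};

// In a real callback, which OpenSSL declares as int cb(SSL*, int* al, void*),
// p and len would come from SSL_client_hello_get0_ext(ssl,
// TLSEXT_TYPE_application_layer_protocol_negotiation, &p, &len).
int main() {
    std::cout << choose_alpn(kSampleExt, sizeof kSampleExt,
                             {"h2", "http/1.1"}) << "\n";
    return 0;
}
```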