mbedtls icon indicating copy to clipboard operation
mbedtls copied to clipboard

Published 20 hours ago verified publisher icon Mbed-TLS

Enable use of SNI without x509

Open plskeggs opened this issue 2 years ago • 7 comments

Description

Allow clients to send the server name extension when using PSKs with DTLS instead of only with x509. Some servers require SNI for DTLS and PSK.

Status

DEVELOPMENT

Requires Backporting

NO

Migrations

NO

Todos

  • [ ] Tests
  • [X] Documentation
  • [X] Changelog updated
  • [ ] Backported

Signed-off-by: Pete Skeggs [email protected]

plskeggs avatar Aug 05 '22 21:08 plskeggs

Thank you for contributing this! We don't normally accept new features without tests. Can you please add test cases for SNI with PSK? SNI is tested in ssl-opt.sh, currently (obviously) only with certificates.

gilles-peskine-arm avatar Aug 06 '22 09:08 gilles-peskine-arm

Is there a guide that explains how to write tests for MbedTLS? I've looked at the ssl_opt.sh but it's unclear how it all works.

plskeggs avatar Aug 06 '22 16:08 plskeggs

I'm afraid we don't have any guide for ssl-opt. It should be possible to adapt existing tests though. Search for sni=. In a nutshell, the structure of a test case is:

  • requires_xxx lists compile-time dependencies, for test cases that don't work in all configurations. Some dependencies are autodetected, and there's a preexisting bug that some are missing (for example it looks like the test script would break in a configuration with X.509 but without SNI). So you'll need requires_config_enabled MBEDTLS_SSL_SERVER_NAME_INDICATION.
  • run_test describes what to do in a test case:
    • Argument 1 is the test case description.
    • Argument 2 is the server call.$P_SRV … is programs/ssl/ssl_server2. Use $O_SRV or $G_SRV for interoperability tests with OpenSSL/GnuTLS.
    • Argument 3 is the client call.$P_CLI … is programs/ssl/ssl_server2. Again, $O_CLI or $G_CLI for interoperability.
    • Argument 4 is the expected status code: 0 for success, 1 when the connection is expected to fail.
    • Extra arguments are strings that are expected to be found in the logs, see the run_test usage description.

For a PSK connection, pass e.g. psk=abc123 psk_identity=foo to both server and client (search psk= for examples).

With this knowledge I think you'll be able to adapt the existing SNI tests (search sni=). Don't hesitate to ask if you're stuck.

gilles-peskine-arm avatar Aug 08 '22 09:08 gilles-peskine-arm

I'm afraid we don't have any guide for ssl-opt. It should be possible to adapt existing tests though. Search for sni=. In a nutshell, the structure of a test case is:

  • requires_xxx lists compile-time dependencies, for test cases that don't work in all configurations. Some dependencies are autodetected, and there's a preexisting bug that some are missing (for example it looks like the test script would break in a configuration with X.509 but without SNI). So you'll need requires_config_enabled MBEDTLS_SSL_SERVER_NAME_INDICATION.

  • run_test describes what to do in a test case:

    • Argument 1 is the test case description.
    • Argument 2 is the server call.$P_SRV … is programs/ssl/ssl_server2. Use $O_SRV or $G_SRV for interoperability tests with OpenSSL/GnuTLS.
    • Argument 3 is the client call.$P_CLI … is programs/ssl/ssl_server2. Again, $O_CLI or $G_CLI for interoperability.
    • Argument 4 is the expected status code: 0 for success, 1 when the connection is expected to fail.
    • Extra arguments are strings that are expected to be found in the logs, see the run_test usage description.

For a PSK connection, pass e.g. psk=abc123 psk_identity=foo to both server and client (search psk= for examples).

With this knowledge I think you'll be able to adapt the existing SNI tests (search sni=). Don't hesitate to ask if you're stuck.

Thanks for the tutorial.

It looks like I will need to modify ssl_server2 to accept a new command line argument to specify the SNI name without expecting the 5 additional comma-separated values.

plskeggs avatar Aug 09 '22 00:08 plskeggs

@gilles-peskine-arm any idea why this latest run https://github.com/Mbed-TLS/mbedtls/pull/6176/checks?check_run_id=8437701418 does not provide a way to download the XXX-325.log and XXX-326.log files?

plskeggs avatar Sep 19 '22 22:09 plskeggs

@plskeggs We don't save those logs on Travis. But you can get them from the corresponding OpenCI job (“Artifacts” tab).

gilles-peskine-arm avatar Sep 20 '22 09:09 gilles-peskine-arm

@plskeggs We don't save those logs on Travis. But you can get them from the corresponding OpenCI job (“Artifacts” tab).

Thanks. I just was not patient enough. I see it now.

plskeggs avatar Sep 20 '22 16:09 plskeggs

We are now converting older PRs to draft PRs where the following conditions are met: They have not been updated in the last 3 months, and they need more than non-trivial work to complete.

tom-daubney-arm avatar Jun 15 '23 11:06 tom-daubney-arm