Closed
Labels: branch: 1.1.1 (applies to OpenSSL_1_1_1-stable branch, EOL); branch: 3.0 (applies to openssl-3.0 branch); branch: master (applies to master branch); triaged: bug (the issue/PR is/fixes a bug)
Description
I use `SSL_CTX_use_serverinfo()` to send extension data (extension number 18, signed certificate timestamp) from my test server. I connect to the test server with `openssl s_client -CAfile testca.pem -connect 127.0.0.1:24323 -serverinfo 18`. I expect to see the extension data I set with `SSL_CTX_use_serverinfo()` in the s_client output, but it does not appear. Below are my test server code and the command output. I'm using OpenSSL 1.1.1k 25 Mar 2021. What am I doing wrong?
#include <openssl/ct.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <string.h>
#include <memory.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
#define PORT 24323
/*
 * Serverinfo blob handed to SSL_CTX_use_serverinfo() in main().
 * Layout used here: 2-byte extension type, 2-byte extension_data length,
 * then the extension_data bytes, all big-endian. This layout has no field
 * naming the handshake messages in which the extension may appear.
 */
unsigned char serverinfo18[] = {
    0x00, 0x12,       /* extension type 18 (signed certificate timestamp) */
    0x00, 0x03,       /* extension_data length: 3 bytes */
    0x04, 0x05, 0x06  /* extension_data: test payload bytes */
};
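/*
 * Minimal blocking TLS test server for the serverinfo report.
 *
 * Listens on PORT, loads "tmp.crt" (DER) and "tmp.key" (PEM), registers the
 * serverinfo18 blob on the SSL_CTX, then serves connections one at a time:
 * handshake, send a fixed greeting, shut down, close.
 *
 * Setup failures print the error and exit with EXIT_FAILURE. Per-connection
 * failures print the error and move on to the next client. The accept loop
 * never terminates, so the function does not return in normal operation.
 */
int main(void) {
    static const char reply[] = "hello, client\n";

    /* Zero the whole structure so sin_zero and any padding are defined. */
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons(PORT);
    /*
     * NOTE(review): INADDR_ANY listens on every interface. The s_client test
     * connects to 127.0.0.1, so INADDR_LOOPBACK would be enough for a server
     * that runs with a throwaway key.
     */
    addr.sin_addr.s_addr = htonl(INADDR_ANY);

    int sock = socket(AF_INET, SOCK_STREAM, 0);
    if (sock < 0) {
        perror("Unable to create socket");
        exit(EXIT_FAILURE);
    }
    if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
        perror("Unable to bind");
        exit(EXIT_FAILURE);
    }
    if (listen(sock, 1) < 0) {
        perror("Unable to listen");
        exit(EXIT_FAILURE);
    }

    SSL_CTX *ctx = SSL_CTX_new(TLS_server_method());
    if (!ctx) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }
    SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
    /* Server side: SSL_VERIFY_NONE means no client certificate is requested. */
    SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
    SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION);

    if (SSL_CTX_use_certificate_file(ctx, "tmp.crt", SSL_FILETYPE_ASN1) <= 0) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }
    if (SSL_CTX_use_PrivateKey_file(ctx, "tmp.key", SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }
    /*
     * NOTE(review): this blob uses the serverinfo layout without a context
     * field, and the s_client run for this report negotiated TLSv1.3 without
     * showing the extension. SSL_CTX_use_serverinfo_ex() with
     * SSL_SERVERINFOV2 takes a 4-byte context before each entry, so the
     * messages that carry the extension can be stated explicitly; whether
     * that is needed here is the open question of the report.
     */
    if (SSL_CTX_use_serverinfo(ctx, serverinfo18, sizeof(serverinfo18)) != 1) {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }

    while (1) {
        struct sockaddr_in saddr;
        socklen_t len = sizeof(saddr);
        SSL *ssl = NULL;
        int clean = 0; /* set once the exchange finished without a TLS error */

        int client = accept(sock, (struct sockaddr *)&saddr, &len);
        if (client < 0) {
            perror("Unable to accept");
            continue;
        }

        ssl = SSL_new(ctx);
        if (ssl == NULL) {
            ERR_print_errors_fp(stderr);
            goto cleanup;
        }
        if (SSL_set_fd(ssl, client) != 1) {
            ERR_print_errors_fp(stderr);
            goto cleanup;
        }
        SSL_set_accept_state(ssl);
        if (SSL_do_handshake(ssl) <= 0) {
            ERR_print_errors_fp(stderr);
            goto cleanup;
        }
        /* Send the text only; sizeof(reply) would also send the trailing NUL. */
        if (SSL_write(ssl, reply, sizeof(reply) - 1) <= 0) {
            ERR_print_errors_fp(stderr);
            goto cleanup;
        }
        clean = 1;

cleanup:
        if (ssl != NULL) {
            /*
             * SSL_shutdown() must not be called on a NULL SSL, and should not
             * be called after a failed handshake or write, so it runs only on
             * the success path.
             */
            if (clean) {
                SSL_shutdown(ssl);
            }
            SSL_free(ssl);
        }
        /*
         * SSL_set_fd() does not take ownership of the descriptor; without
         * this close() every connection leaks one file descriptor.
         */
        close(client);
    }
}
$ openssl s_client -CAfile testca.pem -connect 127.0.0.1:24323 -serverinfo 18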
CONNECTED(00000003)
Can't use SSL_get_servername
depth=1 O = Go, CN = Go Root
verify return:1
depth=0 O = Go, CN = Go
verify return:1
---
Certificate chain
0 s:O = Go, CN = Go
i:O = Go, CN = Go Root
---
Server certificate
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
subject=O = Go, CN = Go
issuer=O = Go, CN = Go Root
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1019 bytes and written 377 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 61BDA3E918B236B27476CC7A9C89B7187687BFAC771B04DF63DC8FD5653327A9
Session-ID-ctx:
Resumption PSK: C258EF05B90D05472DDC88ECF057F947AC5B6A93508469E62990EA2447149ECD809BCA406D8C8D58C5AD64B225C40FC7
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - fe ac 11 13 3c 3e 88 4e-ae 67 59 fb fd 87 82 b3 ....<>.N.gY.....
0010 - 1e 7d eb 93 95 c2 b6 ee-c6 15 a3 80 10 5e 07 33 .}...........^.3
0020 - 8b 15 a2 85 8a 9c 10 b8-31 5e d5 8b 58 5e a4 0a ........1^..X^..
0030 - 2f 99 6a 98 6a 87 70 ef-09 57 b4 a4 30 4d 90 8e /.j.j.p..W..0M..
0040 - fc 9b 93 2b 3c 70 b8 f4-9f 9c 11 24 05 6d 33 2d ...+<p.....$.m3-
0050 - e6 06 12 74 f8 0a dc dc-02 27 38 37 b3 31 9d c4 ...t.....'87.1..
0060 - 3c ed 10 71 13 3e 82 7a-08 b2 d6 be 81 1d 6b 5e <..q.>.z......k^
0070 - 99 e0 29 36 06 6c 92 1d-40 2f 8a 87 a9 80 2b c8 ..)6.l..@/....+.
0080 - 49 6c 73 43 a0 28 03 f7-40 c2 1c a4 e5 54 44 80 IlsC.(..@....TD.
0090 - 39 2a 52 fb 37 bb 22 62-a8 27 f1 90 19 72 1c cc 9*R.7."b.'...r..
00a0 - b6 3b d9 c2 85 e3 24 2a-76 85 b1 38 f9 53 21 02 .;....$*v..8.S!.
00b0 - 8e 02 b2 a3 a8 6d 6b 3e-eb bb d2 cc b0 da 6b 0d .....mk>......k.
Start Time: 1650977090
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 82D2D7274265C2607C80319CF0BB363B03FA6D0F1DC0E0349304BCE164B087C2
Session-ID-ctx:
Resumption PSK: 6E38963F268400A69DE956E2DB4D7533309FD899D6F81F9B7B008E924619A68C7A637C02B65ABCE01F5E19EE7B38C6F3
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - fe ac 11 13 3c 3e 88 4e-ae 67 59 fb fd 87 82 b3 ....<>.N.gY.....
0010 - 65 c5 08 e0 2c 30 bf 66-88 d5 5b 0e 11 30 3e 16 e...,0.f..[..0>.
0020 - ef 66 2c 02 10 3a 29 9c-25 75 c7 4e 1d 2b c4 f6 .f,..:).%u.N.+..
0030 - ef 38 b0 77 f9 c4 29 76-af a3 47 7f e8 35 61 10 .8.w..)v..G..5a.
0040 - b5 4f 4a 66 7f e0 57 72-14 5c 83 02 b6 04 2b 88 .OJf..Wr.\....+.
0050 - 85 b0 ae c4 1c 1f e6 a3-28 9b 9f 66 8c 86 80 3f ........(..f...?
0060 - a7 5e bf 22 a3 aa 6c 9d-c1 0c 41 f4 3c 9c c4 d8 .^."..l...A.<...
0070 - 10 42 b4 64 66 8e a8 3e-ba f2 0e c3 b9 90 e6 5c .B.df..>.......\
0080 - db 11 75 bb b0 3d ac 71-c5 ef db 39 e1 92 83 0f ..u..=.q...9....
0090 - 50 dd 99 2b 02 8b 19 05-da 94 49 ed 33 d1 9d 9c P..+......I.3...
00a0 - be d3 dd ef ac e4 6a ee-ec 27 c7 55 08 f6 5f b5 ......j..'.U.._.
00b0 - 5d c5 ff 87 bc 1f 71 1a-09 21 d5 21 1a a4 06 e0 ].....q..!.!....
Start Time: 1650977090
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
hello, client
closed