CSharp Wrapper SNI Support #7610
| public static readonly int SUCCESS = 1; | ||
| public static readonly int FAILURE = 0; | ||
| public static readonly int WOLFSSL_SNI_HOST_NAME = 0; | ||
| public static readonly int WOLFSSL_SNI_HOST_NAME_OUTER = 0; |
Can you please remove WOLFSSL_SNI_HOST_NAME_OUTER here and also in ssl.h? I cannot find any place it is used and it's a duplicate value in the enum, which is odd.
… got lost during editing)
… the name client side via -S flag
| /// </summary> | ||
| private static bool haveSNI(string[] args) | ||
| { | ||
| if (args != null && args.Length == 2 && args[0] == "-S") |
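Review bot: The condition `args.Length == 2 && args[0] == "-S"` accepts only the exact form `-S <value>`, so `-S` on its own, or `-S` combined with any other argument, returns false and the caller cannot tell "SNI not requested" from "SNI requested but the command line was malformed". Consider scanning args for `-S`, checking that a non-empty value follows it, and printing a usage error when the host name is missing, so a mistyped command line does not silently run without the extension.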
Is this working for you? mono wolfSSL.exe -S shows SNI IS: OFF
| ``` | ||
|
|
||
| Build wolfSSL and install: | ||
| # Build wolfSSL and install |
| ``` | ||
|
|
||
| Build and run the wrapper: | ||
| # Build and run the wrapper |
Can you also show building the client with mono and add SNI example / docs?
| ``` | ||
|
|
||
| Run the example: | ||
| # Run the example |
- removed tlsext callback (since it's a compatibility one) - updated testing examples and wrapper
dgarske left a comment
Awesome work. Very close to complete!
| /* SNI types */ | ||
| enum { | ||
| WOLFSSL_SNI_HOST_NAME = 0, | ||
| WOLFSSL_SNI_HOST_NAME_OUTER = 0, |
Note: This was an artifact from an early ECH that was later changed and this was left behind and should be removed.
| * HAVE_LIGHTY || WOLFSSL_HAPROXY || WOLFSSL_OPENSSH || | ||
| * HAVE_SBLIM_SFCB)) */ | ||
|
|
||
| #ifdef HAVE_SNI |
Note: Moved these outside of the strict compatibility layer macros and made accessible to match the WOLFSSL_CTX member of HAVE_SNI only.
|
|
||
| ### Enabling SNI | ||
|
|
||
| To enable SNI, just pass the `-S` argument with the specified hostname: |
The server.exe also needs to be run with -S to work. Please add that to the steps.
| /// wolfSSL. | ||
| /// <param name="args">Parameters passed via command line</param> | ||
| /// </summary> | ||
| private static bool haveSNI(string[] args) |
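Review bot: In the doc comment above `haveSNI`, the `<param name="args">` element comes before `</summary>`, so it is nested inside the summary block. Move the `<param>` line after `</summary>` and add a `<returns>` element describing what the return value means.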
Please have this function return int with the index for the i+1 instead of bool, so you don't have to hard code args[1].Trim(); below. Use -1 to indicate not found.
| return; | ||
| } | ||
|
|
||
| if (haveSNI(args)) |
Update to:
int sniArg = haveSNI(args);
if (sniArg >= 0) {
string sniHostNameString = args[sniArg].Trim();
| string fileCert = @"server-cert.pem"; | ||
| string fileKey = @"server-key.pem"; | ||
| string fileCert = @"../../certs/server-cert.pem"; | ||
| string fileKey = @"../../certs/server-key.pem"; |
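Review bot: The `../../certs/server-cert.pem` and `../../certs/server-key.pem` paths are resolved against the process working directory, not the location of the executable, so whether the certificate and key are found depends on where the binary is launched from. Consider building the path from `AppDomain.CurrentDomain.BaseDirectory` or searching upward for the `certs` directory, and report the resolved path when a file is missing.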
This change has implications on the Windows VS build:
PS D:\work\sni-wrappers\wrapper\CSharp\DLL Debug\Win32> .\wolfSSL-TLS-Server.exe
Calling ctx Init from wolfSSL
Finished init of ctx .... now load in cert and key
Could not find cert or key file
freeing ctx handle
Might consider logic like wolfssl/test.h ChangeToWolfRoot or gate the path based on _WIN32...
…icates; - Updated all the examples with it;
| return; | ||
| } | ||
|
|
||
| if (!File.Exists(dhparam.ToString())) { |
I tried this on Visual Studio 2022. Got this error:
The name 'dhparam' does not exist in the current context
wolfSSL-TLS-Server
C:\Users\David Garske\Documents\wolfssl\wrapper\CSharp\wolfSSL-TLS-Server\wolfSSL-TLS-Server.cs
124
dgarske left a comment
Tested on Windows and Linux. Thanks Reda. @JacobBarthelmeh will you give it a final?
Description
Fixes zd#17990