Skip to content

OpenSSL: Let people opt-in to use TLS 1.3 PSK callback

It's a workaround for the workaround...

If TLS 1.3 was explicitly chosen and the PSK callback is set then without this patch the callback is never called since, with TLS 1.3, PSK would only be queried once at the start of a connection.

It can now be re-enabled with an environment variable. A new API should be added to address the new requirements of PSK with TLS 1.3: For session resumption the connection MUST use the same hash algorithm as in the original session. For new sessions the hash algorithm must be decided ahead of time, or a default will be used (as defined by the standard). A user can also pass along multiple identity+key pairs and the server will pick one it recognizes. This is not something we can currently do with the preSharedKeyAuthenticationRequired callback.

[ChangeLog][Network][QSslSocket][OpenSSL] When using TLS 1.3 we suppress the first callback from OpenSSL about pre-shared keys, as it doesn't conform to the past behavior which preSharedKeyAuthenticationRequired provided. With this update you can opt-out of that workaround by setting the QT_USE_TLS_1_3_PSK environment variable

  • asturm 2021-10-16: Fix conflicts caused by preceding dev branch commits: b477d823 which renamed src/network/ssl/{qsslsocket => qtls}_openssl.cpp d385158d which moved src/{network/ => plugins/tls/open}ssl/qtls_openssl.cpp and changed q_ssl_psk_client_callback, q_ssl_psk_restore_client from unsigned int to unsigned retVal

Pick-to: 6.2 6.1 5.15 Task-number: QTBUG-95670 Change-Id: Ia7454bbbf394cbcb859de333b371d0890b42a1c3 Reviewed-by: Timur Pocheptsov (cherry picked from commit 2e520f29)

Merge request reports