Skip to content

ECH with multiple tenants#10913

Open
sebastian-carpenter wants to merge 1 commit into
wolfSSL:masterfrom
sebastian-carpenter:tls-ech-multi-sni
Open

ECH with multiple tenants#10913
sebastian-carpenter wants to merge 1 commit into
wolfSSL:masterfrom
sebastian-carpenter:tls-ech-multi-sni

Conversation

@sebastian-carpenter

@sebastian-carpenter sebastian-carpenter commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Description

Add support for ECH with multiple tenants (i.e., multiple private SNI's).

Ran into some issues with the SNI_Callback function when running the new callback tests: *_multi_sni and *_multi_ctx. The server never ack's an SNI that was accepted. This was fixed by adding TLSX_SetResponse(ssl, TLSX_SERVER_NAME) to the default case. Not sure if a new case would be preferred (ack_return?) or if this should be placed in the default since it could affect many users.

ECH testing:

  • Reworked testing (where appropriate) to make use of a 'public' and 'private' cert, switched based on the SNI the client provides.
  • Added multi-sni / multi-ctx tests
  • Added more sni_parse vectors based on the ordering of ECH and SNI in the extensions list
  • Optimized / refactored some tests

ECH code:

  • Reworked some code to make it easier to look at
  • Added / moved some guards
  • echConfig is now referenced through the ech extension only instead of through the ctx as well
  • echConfigs are copied when the ssl's ctx is swapped

client/server examples:

  • Updated to accept an ECH cert/key.
  • Improved logging

openssl interop:

  • Reject config is now built at runtime instead of from a stored config
  • Improved the --reject arg
  • Updated to use the multiple certs

Added certs/keys:

  • ech-public-cert.(pem|der)
  • ech-public-key.(pem|der)
  • tenant-a-cert.(pem|der), uses server-key
  • tenant-b-cert.(pem|der), uses server-key

Updated certs scripts:

  • renewcerts.sh now contains the added certs/keys
  • wolfssl.cnf updated with the cert info
  • gencertbuf.pl updated for builds with no filesystem
  • Updated certs/include.am with the new certs/keys

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@sebastian-carpenter sebastian-carpenter self-assigned this Jul 15, 2026
Copilot AI review requested due to automatic review settings July 15, 2026 17:31

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds and refines support for TLS 1.3 Encrypted ClientHello (ECH) in multi-tenant server scenarios (multiple private SNI values), including CTX swapping during SNI callback handling, updated examples/interop tooling, and expanded ECH test coverage with new demo certificates.

Changes:

  • Enable multi-tenant ECH by ensuring ECH config material remains available when swapping server WOLFSSL_CTX during SNI callbacks (and by ensuring SNI is properly acknowledged).
  • Refactor/guard ECH handling in core TLS 1.3 codepaths and extension parsing/writing logic.
  • Update tests, examples, and OpenSSL interop scripts to use “public” vs “private” certificates and add new multi-SNI/multi-CTX test cases.

Reviewed changes

Copilot reviewed 20 out of 24 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
wolfssl/test.h Adds ECH cert/key file macros and a helper to print ECH status in examples.
wolfssl/internal.h Updates internal ECH struct flags and exposes internal helper prototypes used by new logic.
wolfssl/certs_test.h Adds embedded DER buffers for the ECH public cert/key (no-filesystem builds).
tests/api.c Expands/refactors ECH tests, adding multi-tenant scenarios and more SNI/ECH parsing vectors.
src/tls13.c Adjusts TLS 1.3 ClientHello and ServerHello ECH handling (state/guards and inner CH header handling).
src/tls.c Exposes TLSX_SNI_GetRequest for tests, tightens ECH parsing, and updates ECH response behavior.
src/ssl.c Ensures ECH config public material is preserved across server CTX swaps (wolfSSL_set_SSL_CTX).
src/ssl_ech.c Implements copying of public ECH config fields into ssl-owned memory for CTX swapping scenarios.
src/internal.c Ensures SNI is properly acknowledged after SNI callback acceptance by setting the extension response.
gencertbuf.pl Adds ECH public cert/key to generated cert buffers list.
examples/server/server.c Adds --ech-cert/--ech-key, SNI callback logic to swap to private cert after ECH acceptance, and improved logging.
examples/client/client.c Prints ECH status after connect attempt to aid debugging/interop.
.github/scripts/openssl-ech.sh Reworks OpenSSL interop to use new public/private certs and runtime reject config corruption.
certs/ech-public-cert.pem Adds public-name demo certificate used for outer/rejected handshakes.
certs/ech-public-key.pem Adds corresponding private key for the public-name demo certificate.
certs/tenant-a-cert.pem Adds tenant A demo certificate for multi-tenant ECH tests/examples.
certs/tenant-b-cert.pem Adds tenant B demo certificate for multi-tenant ECH tests/examples.
certs/renewcerts/wolfssl.cnf Adds OpenSSL config sections for generating the new ECH/tenant certs.
certs/renewcerts.sh Extends cert renewal script to generate new ECH/tenant certs/keys.
certs/include.am Adds new ECH/tenant cert/key files to distribution lists.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/ssl_ech.c Outdated
Comment thread tests/api.c
@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown

@sebastian-carpenter

sebastian-carpenter commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

Jenkins retest this please.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants