Various changes in the new TLS extension code, including the following:

 - fix indentation
 - rename some functions and macros
 - fix up confusion between SSL_ERROR_... and SSL_AD_... values

15 files changed, 486 insertions, 215 deletions

diff --git a/CHANGES b/CHANGES
index 8023667d75..33d90e8fcf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,16 +4,33 @@
 
  Changes between 0.9.8a and 0.9.9  [xx XXX xxxx]
 
-  *) Add support for TLS extensions, specifically for the HostName extension.
-     The SSL_SESSION, SSL_CTX, and SSL data structures now have new members
-     for HostName support.
+  *) Add support for TLS extensions, specifically for the HostName extension
+     so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now have new
+     members for HostName support.
+
+     New functions (subject to change):
+
+         SSL_get_servername()
+         SSL_get_servername_type()
+         SSL_set_SSL_CTX()
+
+     New CTRL codes and macros (subject to change):
+
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+                                 - SSL_CTX_set_tlsext_servername_callback()
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+                                      - SSL_CTX_set_tlsext_servername_arg()
+         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_hostname()
+         SSL_CTRL_GET_TLSEXT_HOSTNAME     [similar to SSL_get_servername()]
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE
+                                         - SSL_set_tlsext_servername_done()
 
      openssl s_client has a new '-servername' option.
 
-     openssl s_server has new options '-servername', '-cert2', and '-key2';
-     this allows testing the HostName extension for a specific single
-     host name ('-cert' and '-key' remain fallbacks for handshakes without
-     HostName negotiation).
+     openssl s_server has new options '-servername', '-cert2', and '-key2'
+     (subject to change); this allows testing the HostName extension for a
+     specific single host name ('-cert' and '-key' remain fallbacks for
+     handshakes without HostName negotiation).
 
      [Peter Sylvester]
 
diff --git a/Configure b/Configure
index c9a30751aa..a8e9bda150 100755
--- a/Configure
+++ b/Configure
@@ -836,6 +836,10 @@ if (defined($disabled{"md5"}) || defined($disabled{"sha"})
 	$disabled{"tls1"} = "forced";
 	}
 
+if (defined($disabled{"tls1"}))
+	{
+	$disabled{"tlsext"} = "forced";
+	}
 
 if ($target eq "TABLE") {
 	foreach $target (sort keys %table) {
diff --git a/apps/s_client.c b/apps/s_client.c
index b5c044bfa7..181cb3f15b 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -239,11 +239,11 @@ typedef struct tlsextctx_st {
 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
 	{
 	tlsextctx * p = (tlsextctx *) arg;
-	const unsigned char * hn= SSL_get_servername(s, TLSEXT_TYPE_SERVER_host);
+	const unsigned char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
 	if (SSL_get_servername_type(s) != -1) 
  	        p->ack = !SSL_session_reused(s) && hn != NULL;
 	else 
-		BIO_printf(bio_err,"SSL_get_tlsext_hostname does not work\n");
+		BIO_printf(bio_err,"Can't use SSL_get_servername\n");
 	
 	return SSL_ERROR_NONE;
 	}
diff --git a/apps/s_server.c b/apps/s_server.c
index 068e0c54b1..6c106f7f02 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -539,7 +539,7 @@ typedef struct tlsextctx_st {
 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
 	{
 	tlsextctx * p = (tlsextctx *) arg;
-	const char * servername = SSL_get_servername(s, TLSEXT_TYPE_SERVER_host);
+	const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
         if (servername) 
 		BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername);
         
@@ -1257,12 +1257,14 @@ bad:
 #endif
 #endif
 
-	if (cipher != NULL) {
-		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
+	if (cipher != NULL)
+		{
+		if(!SSL_CTX_set_cipher_list(ctx,cipher))
+			{
 			BIO_printf(bio_err,"error setting cipher list\n");
 			ERR_print_errors(bio_err);
 			goto end;
-		}
+			}
 #ifndef OPENSSL_NO_TLSEXT
 		if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher))
 			{
@@ -1271,7 +1273,7 @@ bad:
 			goto end;
 			}
 #endif
-	}
+		}
 	SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
 	SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
 		sizeof s_server_session_id_context);
@@ -1283,13 +1285,14 @@ bad:
 		SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context,
 			sizeof s_server_session_id_context);
 
+		tlsextcbp.biodebug = bio_s_out;
+		SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
+		SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
+		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
 		}
-	tlsextcbp.biodebug = bio_s_out;
-	SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
-	SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
-	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
-	SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
 #endif
+
 	if (CAfile != NULL)
 		{
 		SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 5a07db158f..3bb5adfa48 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -352,7 +405,6 @@ static int ssl23_client_hello(SSL *s)
 #ifdef OPENSSL_NO_COMP
 			*(p++)=1;
 #else
-
 			if ((s->options & SSL_OP_NO_COMPRESSION)
 						|| !s->ctx->comp_methods)
 				j=0;
@@ -366,16 +418,16 @@ static int ssl23_client_hello(SSL *s)
 				}
 #endif
 			*(p++)=0; /* Add the NULL method */
+
 #ifndef OPENSSL_NO_TLSEXT
-			if ((p = ssl_add_ClientHello_TLS_extensions(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
-			{
+			if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+				{
 				SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
 				return -1;
-			}
+				}
 #endif
 			
 			l = p-d;
-			*p = 42;
 
 			/* fill in 4-byte handshake header */
 			d=&(buf[5]);
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index 8bf044e15f..4da169eb31 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -140,7 +140,7 @@ IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
 int ssl23_accept(SSL *s)
 	{
 	BUF_MEM *buf;
-	unsigned long Time=time(NULL);
+	unsigned long Time=(unsigned long)time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
 	int new_state,state;
@@ -416,7 +416,9 @@ int ssl23_get_client_hello(SSL *s)
 		n2s(p,sil);
 		n2s(p,cl);
 		d=(unsigned char *)s->init_buf->data;
-		if ((csl+sil+cl+11) > s->packet_length)
+		if ((csl+sil+cl+11) != s->packet_length) /* We can't have TLS extensions in SSL 2.0 format
+		                                          * Client Hello, can we? Error condition should be
+		                                          * '>' otherweise */
 			{
 			SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
 			goto err;
@@ -459,11 +461,14 @@ int ssl23_get_client_hello(SSL *s)
 		*(d++)=1;
 		*(d++)=0;
 		
+#if 0
                 /* copy any remaining data with may be extensions */
-	        p = p+csl+sil+cl ;
-		while (p <  s->packet+s->packet_length) {
+	        p = p+csl+sil+cl;
+		while (p <  s->packet+s->packet_length)
+			{
 			*(d++)=*(p++);
-		}
+			}
+#endif
 
 		i = (d-(unsigned char *)s->init_buf->data) - 4;
 		l2n3((long)i, d_len);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 7a4f256642..578285230d 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -257,12 +257,14 @@ int ssl3_connect(SSL *s)
 			if (ret <= 0) goto end;
 #ifndef OPENSSL_NO_TLSEXT
 			{
-				int extension_error = 0,al;
-				if ((al = ssl_check_Hello_TLS_extensions(s,&extension_error)) != SSL_ERROR_NONE){
-					ret = -1;
+				int al;
+				if (ssl_check_tlsext(s,&al) <= 0)
+					{
+					ssl3_send_alert(s,SSL3_AL_FATAL,al); /* XXX does this *have* to be fatal? */
 					SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLS_EXT);
+					ret = -1;
 					goto end;
-				}
+					}
 			}
 #endif
 			if (s->hit)
@@ -613,11 +615,11 @@ int ssl3_client_hello(SSL *s)
 #endif
 		*(p++)=0; /* Add the NULL method */
 #ifndef OPENSSL_NO_TLSEXT
-		if ((p = ssl_add_ClientHello_TLS_extensions(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
-		{
+		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
 			goto err;
-		}
+			}
 #endif
 		
 		l=(p-d);
@@ -806,12 +808,14 @@ int ssl3_get_server_hello(SSL *s)
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
 	if (s->version > SSL3_VERSION)
-	{
-		if ((al = ssl_parse_ServerHello_TLS_extensions(s,&p,d,n)) != SSL_ERROR_NONE){
+		{
+		if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
+			{
+			/* 'al' set by ssl_parse_serverhello_tlsext */
 			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_PARSE_TLS_EXT);
 			goto f_err; 
+			}
 		}
-	}
 #endif
 
 	if (p != (d+n))
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 845e5a16c5..c3bedf20ff 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -1645,16 +1645,21 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #endif /* !OPENSSL_NO_ECDH */
 #ifndef OPENSSL_NO_TLSEXT
 	case SSL_CTRL_GET_TLSEXT_HOSTNAME:	
-		if (larg != TLSEXT_TYPE_SERVER_host)
+		if (larg != TLSEXT_NAMETYPE_host_name)
 			{
 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
 			return(0);
 			}
-	   	*((char **) parg) = s->session&&s->session->tlsext_hostname?s->session->tlsext_hostname:s->tlsext_hostname;
+		/* XXX cf. SSL_get_servername() (ssl_lib.c) */
+		if (s->session && s->session->tlsext_hostname)
+			*((char **) parg) = s->session->tlsext_hostname;
+		else
+			*((char **) parg) = s->tlsext_hostname;
 		ret = 1;
-                break;
+		break;
 	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
- 		if (larg == TLSEXT_TYPE_SERVER_host) {
+ 		if (larg == TLSEXT_NAMETYPE_host_name)
+			{
 			if (s->tlsext_hostname != NULL) 
 				OPENSSL_free(s->tlsext_hostname);
 			s->tlsext_hostname = NULL;
@@ -1662,19 +1667,23 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			ret = 1;
 			if (parg == NULL) 
 				break;
-			if (strlen((char *)parg) > 255) {
+			if (strlen((char *)parg) > 255)
+				{
 				SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
 				return 0;
-			}
-			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
+				}
+			if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL)
+				{
 				SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
 				return 0;
+				}
 			}
-		} else {
+		else
+			{
 			SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
 			return 0;
-		}
-		s->options |= SSL_OP_NO_SSLv2;
+			}
+		s->options |= SSL_OP_NO_SSLv2; /* can't use extension w/ SSL 2.0 format */
  		break;
 	case SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE:
 		s->servername_done = larg;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 25b56fa6fa..954959404a 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -283,13 +283,14 @@ int ssl3_accept(SSL *s)
 			if (ret <= 0) goto end;
 #ifndef OPENSSL_NO_TLSEXT
 			{
-				int extension_error = 0,al;
-				if ((al = ssl_check_Hello_TLS_extensions(s,&extension_error)) != SSL_ERROR_NONE){
-					ret = -1;
+				int al;
+				if (ssl_check_tlsext(s,&al) <= 0)
+					{
+					ssl3_send_alert(s,SSL3_AL_FATAL,al); /* XXX does this *have* to be fatal? */
 					SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLS_EXT);
-					ssl3_send_alert(s,al,extension_error);
+					ret = -1;
 					goto end;
-				}
+					}
 			}
 #endif
 			s->new_session = 2;
@@ -937,32 +938,17 @@ int ssl3_get_client_hello(SSL *s)
 		}
 #endif
 
-	/* TLS does not mind if there is extra stuff */
-#if 0   /* SSL 3.0 does not mind either, so we should disable this test
-         * (was enabled in 0.9.6d through 0.9.6j and 0.9.7 through 0.9.7b,
-         * in earlier SSLeay/OpenSSL releases this test existed but was buggy) */
-	if (s->version == SSL3_VERSION)
-		{
-		if (p < (d+n))
-			{
-			/* wrong number of bytes,
-			 * there could be more to follow */
-			al=SSL_AD_DECODE_ERROR;
-			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
-			goto f_err;
-			}
-		}
-#endif
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
 	if (s->version > SSL3_VERSION)
-	{
-		if ((al = ssl_parse_ClientHello_TLS_extensions(s,&p,d,n)) != SSL_ERROR_NONE){
+		{
+		if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
+			{
+			/* 'al' set by ssl_parse_clienthello_tlsext */
 			SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLS_EXT);
-			ssl3_send_alert(s,SSL3_AL_WARNING,al);
-			return (ret = al);
+			goto f_err;
+			}
 		}
-	}
 #endif
 
 	/* Given s->session->ciphers and SSL_get_ciphers, we must
@@ -1109,11 +1095,11 @@ int ssl3_send_server_hello(SSL *s)
 			*(p++)=s->s3->tmp.new_compression->id;
 #endif
 #ifndef OPENSSL_NO_TLSEXT
-		if ((p = ssl_add_ServerHello_TLS_extensions(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
-		{
+		if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
 			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
 			return -1;
-		}
+			}
 #endif
 
 		/* do the header */
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 29f1e0beec..17d2103aac 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -109,7 +109,7 @@
  *
  */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -172,11 +172,6 @@
 
 #include <openssl/e_os2.h>
 
-#ifdef OPENSSL_NO_TLS1
-#	ifndef OPENSSL_NO_TLSEXT 
-#		define OPENSSL_NO_TLSEXT
-#	endif
-#endif
 #ifndef OPENSSL_NO_COMP
 #include <openssl/comp.h>
 #endif
@@ -765,11 +760,10 @@ struct ssl_ctx_st
 	unsigned int max_send_fragment;
 
 #ifndef OPENSSL_NO_TLSEXT
-    /* TLS extensions servername callback */
+	/* TLS extensions servername callback */
 	int (*tlsext_servername_callback)(SSL*, int *, void *);
 	void *tlsext_servername_arg;
 #endif
-
 	};
 
 #define SSL_SESS_CACHE_OFF			0x0000
@@ -994,11 +988,11 @@ struct ssl_st
 	unsigned int max_send_fragment;
 #ifndef OPENSSL_NO_TLSEXT
 	char *tlsext_hostname;
-        int servername_done;   /* no further mod of servername 
-                                  0 : call the servername extension callback.
-                                  1 : prepare 2, allow last ack just after in server callback.
-                                  2 : don't call servername callback, no ack in server hello
-                               */
+	int servername_done;   /* no further mod of servername 
+	                          0 : call the servername extension callback.
+	                          1 : prepare 2, allow last ack just after in server callback.
+	                          2 : don't call servername callback, no ack in server hello
+	                       */
 #endif
 	};
 
@@ -1145,9 +1139,7 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 #define SSL_AD_INTERNAL_ERROR		TLS1_AD_INTERNAL_ERROR	/* fatal */
 #define SSL_AD_USER_CANCELLED		TLS1_AD_USER_CANCELLED
 #define SSL_AD_NO_RENEGOTIATION		TLS1_AD_NO_RENEGOTIATION
-#ifndef OPENSSL_NO_TLSEXT
 #define SSL_AD_UNRECOGNIZED_NAME	TLS1_AD_UNRECOGNIZED_NAME
-#endif
 
 #define SSL_ERROR_NONE			0
 #define SSL_ERROR_SSL			1
@@ -1208,6 +1200,13 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
 
 #define SSL_CTRL_SET_MAX_SEND_FRAGMENT		52
 
+/* see tls.h for macros based on these */
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB	53
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG	54
+#define SSL_CTRL_SET_TLSEXT_HOSTNAME		55
+#define SSL_CTRL_GET_TLSEXT_HOSTNAME		56
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_DONE	57
+
 #define SSL_session_reused(ssl) \
 	SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
 #define SSL_num_renegotiations(ssl) \
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index afe7162ab7..841d75d585 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -58,7 +58,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -1315,27 +1315,30 @@ err:
 	return(NULL);
 	}
 
+
 #ifndef OPENSSL_TLSEXT
-/** return a servername extension value if provided in CLIENT HELLO
- * or NULL. 
- * For the moment, only hostname types are supported. 
+/** return a servername extension value if provided in Client Hello, or NULL. 
+ * So far, only host_name types are defined (RFC 3546).
  */
 
-const char *SSL_get_servername(const SSL *s, const int type) {
-
-	if (type != TLSEXT_TYPE_SERVER_host) 
+const char *SSL_get_servername(const SSL *s, const int type)
+	{
+	if (type != TLSEXT_NAMETYPE_host_name)
 		return NULL;
-	return s->session /*&&s->session->tlsext_hostname*/?s->session->tlsext_hostname:s->tlsext_hostname;
-}
-
-int SSL_get_servername_type(const SSL *s) {
+	/* XXX cf. SSL_CTRL_GET_TLSEXT_HOSTNAME case in ssl3_ctrl (s3_lib.c) */
+	return s->session /*&&s->session->tlsext_hostname*/ ?
+		s->session->tlsext_hostname :
+		s->tlsext_hostname;
+	}
 
-	if (s->session &&s->session->tlsext_hostname ?s->session->tlsext_hostname:s->tlsext_hostname) 
-		return TLSEXT_TYPE_SERVER_host;
+int SSL_get_servername_type(const SSL *s)
+	{
+	if (s->session &&s->session->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname) 
+		return TLSEXT_NAMETYPE_host_name;
 	return -1;
-}
-
+	}
 #endif
+
 unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
 	{
 	unsigned long l;
@@ -1488,7 +1491,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 	ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
 
 #ifndef OPENSSL_NO_TLSEXT
-	ret->tlsext_servername_callback = NULL;
+	ret->tlsext_servername_callback = 0;
 	ret->tlsext_servername_arg = NULL;
 #endif
 	return(ret);
@@ -2442,7 +2445,6 @@ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
 
 SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
 	{
-
 	if (ssl->cert != NULL)
 		ssl_cert_free(ssl->cert);
 	ssl->cert = ssl_cert_dup(ctx->cert);
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 26a062fdcd..ccc490aaf1 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -941,10 +941,10 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
 
 #ifndef OPENSSL_NO_TLSEXT
-unsigned char *ssl_add_ClientHello_TLS_extensions(SSL *s, unsigned char *p, unsigned char *limit); 
-unsigned char *ssl_add_ServerHello_TLS_extensions(SSL *s, unsigned char *p, unsigned char *limit); 
-int ssl_parse_ClientHello_TLS_extensions(SSL *s, unsigned char **data, unsigned char *d, int n);
-int ssl_parse_ServerHello_TLS_extensions(SSL *s, unsigned char **data, unsigned char *d, int n);
-int ssl_check_Hello_TLS_extensions(SSL *s,int *ad);
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
+int ssl_check_tlsext(SSL *s,int *al);
 #endif
 #endif
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 6c2c04bf0f..16162fa951 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include <openssl/lhash.h>
@@ -550,8 +603,7 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 	if (ss->peer != NULL) X509_free(ss->peer);
 	if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
 #ifndef OPENSSL_NO_TLSEXT
-	if (ss->tlsext_hostname != NULL)
-		OPENSSL_free(ss->tlsext_hostname);
+	if (ss->tlsext_hostname != NULL) OPENSSL_free(ss->tlsext_hostname);
 #endif
 	OPENSSL_cleanse(ss,sizeof(*ss));
 	OPENSSL_free(ss);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ff5bc58ce7..b248dab361 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include <openssl/objects.h>
@@ -101,41 +154,43 @@ void tls1_clear(SSL *s)