Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)

Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API Tests exercising the new supplemental data registration and callback api can be found in ssltest.c. Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
author: Scott Deboy <sdeboy@secondstryke.com> 2013-06-18 14:34:38 -0700
committer: Ben Laurie <ben@links.org> 2013-09-06 13:59:13 +0100
commit: 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc (patch)
tree: a145840fa49b4951e052274b00a6cd9296964954 /ssl/s23_clnt.c
parent: cda01d55ba9f238d8892c8e909580030ea5b3ebd (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 15da654bf1..15878c66e1 100644
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -340,10 +340,10 @@ static int ssl23_client_hello(SSL *s)
 		if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
 			ssl2_compat = 0;
 #endif
-		if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
-			ssl2_compat = 0;
 		if (s->ctx->custom_cli_ext_records_count != 0)
 			ssl2_compat = 0;
+		if (s->ctx->cli_supp_data_records_count != 0)
+			ssl2_compat = 0;
 		}
 #endif
author	Scott Deboy <sdeboy@secondstryke.com>	2013-06-18 14:34:38 -0700
committer	Ben Laurie <ben@links.org>	2013-09-06 13:59:13 +0100
commit	36086186a9b90cdad0d2cd0a598a10f03f8f4bcc (patch)
tree	a145840fa49b4951e052274b00a6cd9296964954 /ssl/s23_clnt.c
parent	cda01d55ba9f238d8892c8e909580030ea5b3ebd (diff)