diff options
| author | Scott Deboy <sdeboy@secondstryke.com> | 2013-06-18 14:34:38 -0700 |
|---|---|---|
| committer | Scott Deboy <sdeboy@secondstryke.com> | 2014-02-08 16:12:15 -0800 |
| commit | 038bec784e528ce273169f178c35991fbc3bea92 (patch) | |
| tree | be8a71c2c534db29ea7ee31f1207be9b976b0698 /ssl/s3_lib.c | |
| parent | f407eec799f1f5d271b809875f016f680935567b (diff) | |
Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
(cherry picked from commit 36086186a9b90cdad0d2cd0a598a10f03f8f4bcc)
Conflicts:
Configure
apps/s_client.c
apps/s_server.c
ssl/ssl.h
ssl/ssl3.h
ssl/ssltest.c
Diffstat (limited to 'ssl/s3_lib.c')
| -rw-r--r-- | ssl/s3_lib.c | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 372910f573..b03601d6ea 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3029,8 +3029,6 @@ void ssl3_free(SSL *s) SSL_SRP_CTX_free(s); #endif #ifndef OPENSSL_NO_TLSEXT - if (s->s3->tlsext_authz_client_types != NULL) - OPENSSL_free(s->s3->tlsext_authz_client_types); if (s->s3->tlsext_custom_types != NULL) OPENSSL_free(s->s3->tlsext_custom_types); #endif @@ -3078,11 +3076,6 @@ void ssl3_clear(SSL *s) } #endif #ifndef OPENSSL_NO_TLSEXT - if (s->s3->tlsext_authz_client_types != NULL) - { - OPENSSL_free(s->s3->tlsext_authz_client_types); - s->s3->tlsext_authz_client_types = NULL; - } if (s->s3->tlsext_custom_types != NULL) { OPENSSL_free(s->s3->tlsext_custom_types); @@ -3897,10 +3890,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_SET_CHAIN_CERT_STORE: return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg); - case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB_ARG: - ctx->tlsext_authz_server_audit_proof_cb_arg = parg; - break; - #endif /* !OPENSSL_NO_TLSEXT */ /* A Thawte special :-) */ @@ -4023,12 +4012,6 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) ctx->srp_ctx.SRP_give_srp_client_pwd_callback=(char *(*)(SSL *,void *))fp; break; #endif - - case SSL_CTRL_SET_TLSEXT_AUTHZ_SERVER_AUDIT_PROOF_CB: - ctx->tlsext_authz_server_audit_proof_cb = - (int (*)(SSL *, void *))fp; - break; - #endif default: return(0); |