diff options
author | Bodo Möller <bodo@openssl.org> | 2006-01-02 23:14:37 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2006-01-02 23:14:37 +0000 |
commit | ed3883d21bb4ddfc21ec9d154e14e84c85db164d (patch) | |
tree | 90b41ebd80a9ddc73886c2f9d3ff427d48508f21 /ssl/s3_srvr.c | |
parent | ea558241e08c575cfea49732b19eaf14bae9e672 (diff) |
Support TLS extensions (specifically, HostName)
Submitted by: Peter Sylvester
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 18030842b8..25b56fa6fa 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -281,6 +281,17 @@ int ssl3_accept(SSL *s) s->shutdown=0; ret=ssl3_get_client_hello(s); if (ret <= 0) goto end; +#ifndef OPENSSL_NO_TLSEXT + { + int extension_error = 0,al; + if ((al = ssl_check_Hello_TLS_extensions(s,&extension_error)) != SSL_ERROR_NONE){ + ret = -1; + SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLS_EXT); + ssl3_send_alert(s,al,extension_error); + goto end; + } + } +#endif s->new_session = 2; s->state=SSL3_ST_SW_SRVR_HELLO_A; s->init_num=0; @@ -942,6 +953,17 @@ int ssl3_get_client_hello(SSL *s) } } #endif +#ifndef OPENSSL_NO_TLSEXT + /* TLS extensions*/ + if (s->version > SSL3_VERSION) + { + if ((al = ssl_parse_ClientHello_TLS_extensions(s,&p,d,n)) != SSL_ERROR_NONE){ + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLS_EXT); + ssl3_send_alert(s,SSL3_AL_WARNING,al); + return (ret = al); + } + } +#endif /* Given s->session->ciphers and SSL_get_ciphers, we must * pick a cipher */ @@ -1086,6 +1108,13 @@ int ssl3_send_server_hello(SSL *s) else *(p++)=s->s3->tmp.new_compression->id; #endif +#ifndef OPENSSL_NO_TLSEXT + if ((p = ssl_add_ServerHello_TLS_extensions(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) + { + SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR); + return -1; + } +#endif /* do the header */ l=(p-d); |