diff options
author | Matt Caswell <matt@openssl.org> | 2017-04-05 11:59:23 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-04-07 13:41:04 +0100 |
commit | 43ae5eed6f8665b88f45445df666ab2688aae7b0 (patch) | |
tree | 33413025b37f6fb6f4d406591c9fbbb066702d1b /ssl/ssl_cert.c | |
parent | fe874d27d33faa527b5e945137787bf6b0f5c253 (diff) |
Implement a new custom extensions API
The old custom extensions API was not TLSv1.3 aware. Extensions are used
extensively in TLSv1.3 and they can appear in many different types of
messages. Therefore we need a new API to be able to cope with that.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3139)
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index a4e7977012..3a85ede638 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -190,9 +190,7 @@ CERT *ssl_cert_dup(CERT *cert) ret->sec_level = cert->sec_level; ret->sec_ex = cert->sec_ex; - if (!custom_exts_copy(&ret->cli_ext, &cert->cli_ext)) - goto err; - if (!custom_exts_copy(&ret->srv_ext, &cert->srv_ext)) + if (!custom_exts_copy(&ret->custext, &cert->custext)) goto err; #ifndef OPENSSL_NO_PSK if (cert->psk_identity_hint) { @@ -254,8 +252,7 @@ void ssl_cert_free(CERT *c) OPENSSL_free(c->ctype); X509_STORE_free(c->verify_store); X509_STORE_free(c->chain_store); - custom_exts_free(&c->cli_ext); - custom_exts_free(&c->srv_ext); + custom_exts_free(&c->custext); #ifndef OPENSSL_NO_PSK OPENSSL_free(c->psk_identity_hint); #endif |