author | Dr. Stephen Henson <steve@openssl.org> | 2014-08-05 15:21:36 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-08-28 17:06:50 +0100 |
commit | da67a0ae3462f6c6447ed841a9ec514077244b02 (patch) | |
tree | 83c6ede13bdfa499ce877a4515d54994d769f95a /ssl/t1_lib.c | |
parent | 9a9b0c0401cae443f115ff19921d347b20aa396b (diff) |
Revision of custom extension code.
Move custom extension structures from SSL_CTX to CERT structure.
This change means the form can be revised in future without binary
compatibility issues. Also, since CERT is part of SSL structures,
per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit b83294fe3022b9d5d525ccdcfeb53d39c25b05bd)
Conflicts:
ssl/ssl.h
ssl/ssl_cert.c
ssl/ssl_locl.h
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ba2d9ae8f0..78cdc52914 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1446,17 +1446,17 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf, unsigned c
 }
 /* Add custom TLS Extensions to ClientHello */
- if (s->ctx->custom_cli_ext_records_count)
+ if (s->cert->custom_cli_ext_records_count)
 {
 size_t i;
 custom_cli_ext_record* record;
- for (i = 0; i < s->ctx->custom_cli_ext_records_count; i++)
+ for (i = 0; i < s->cert->custom_cli_ext_records_count; i++)
 {
 const unsigned char* out = NULL;
 unsigned short outlen = 0;
- record = &s->ctx->custom_cli_ext_records[i];
+ record = &s->cert->custom_cli_ext_records[i];
 /* NULL callback sends empty extension */
 /* -1 from callback omits extension */
 if (record->fn1)
@@ -1707,13 +1707,13 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned c
 }
 #endif
- for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++)
+ for (i = 0; i < s->cert->custom_srv_ext_records_count; i++)
 {
 const unsigned char *out = NULL;
 unsigned short outlen = 0;
 int cb_retval = 0;
- record = &s->ctx->custom_srv_ext_records[i];
+ record = &s->cert->custom_srv_ext_records[i];
 /* NULL callback or -1 omits extension */
 if (!record->fn2)
@@ -2444,13 +2444,13 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
 * so call the callback and record the extension number so that
 * an appropriate ServerHello may be later returned.
 */
- else if (!s->hit && s->ctx->custom_srv_ext_records_count)
+ else if (!s->hit && s->cert->custom_srv_ext_records_count)
 {
 custom_srv_ext_record *record;
- for (i=0; i < s->ctx->custom_srv_ext_records_count; i++)
+ for (i=0; i < s->cert->custom_srv_ext_records_count; i++)
 {
- record = &s->ctx->custom_srv_ext_records[i];
+ record = &s->cert->custom_srv_ext_records[i];
 if (type == record->ext_type)
 {
 if (record->fn1 && !record->fn1(s, type, data, size, al, record->arg))
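Review bot: `s->cert` is dereferenced without a guard in every rewritten access, starting at `if (s->cert->custom_cli_ext_records_count)` in ssl_add_clienthello_tlsext and repeated in the ssl_add_serverhello_tlsext, ssl_scan_clienthello_tlsext and ssl_scan_serverhello_tlsext hunks. Whether an SSL can reach these paths with a NULL `cert` is not visible in a diff limited to ssl/t1_lib.c; if that is an invariant, a one-line comment such as `/* s->cert is always set for a live SSL; custom extension records live there */` would record it, otherwise the test should read `if (s->cert && s->cert->custom_cli_ext_records_count)`. The records are also now read from the connection's CERT rather than the shared SSL_CTX, so it would help to document at the registration API whether extensions added to the SSL_CTX after an SSL exists are still seen by that SSL. All four functions begin and end outside their hunks.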
@@ -2782,14 +2782,14 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char
 /* If this extension type was not otherwise handled, but
 * matches a custom_cli_ext_record, then send it to the c
 * callback */
- else if (s->ctx->custom_cli_ext_records_count)
+ else if (s->cert->custom_cli_ext_records_count)
 {
 size_t i;
 custom_cli_ext_record* record;
- for (i = 0; i < s->ctx->custom_cli_ext_records_count; i++)
+ for (i = 0; i < s->cert->custom_cli_ext_records_count; i++)
 {
- record = &s->ctx->custom_cli_ext_records[i];
+ record = &s->cert->custom_cli_ext_records[i];
 if (record->ext_type == type)
 {
 if (record->fn2 && !record->fn2(s, type, data, size, al, record->arg)) |
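Review bot: The lookup in ssl_scan_serverhello_tlsext matches on `record->ext_type == type` alone, so `fn2` appears to run for any ServerHello extension of a registered type, whether or not this client actually sent that extension. The ClientHello hunk states `-1 from callback omits extension`, so an extension the client chose to omit can still be answered by the peer and reach the callback with peer-controlled `data` and `size`. Nothing in the visible lines tracks which custom extensions were sent; recording that per connection in the CERT records this commit introduces, and rejecting an unsolicited reply with an unsupported_extension alert, would close the gap. Until then a comment such as `/* NOTE: no check that this extension type was sent in the ClientHello */` would make the limitation explicit. The function begins and ends outside the hunk, so a check elsewhere cannot be ruled out.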