diff options
| author | Matt Caswell <matt@openssl.org> | 2016-12-28 17:30:51 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-12-29 13:32:54 +0000 |
| commit | 0785274ca53bbc20774186df6081dc75258db9bb (patch) | |
| tree | bb3dc135059fa34571c006e6465b661e5d9a2f32 /ssl | |
| parent | 397f4f78760480f982adaeed98ccb10bda4d3fbb (diff) | |
Fix extension for various no- options
Previously we were omitting the extension information from ext_defs if
the association no- option was defined. This doesn't work because the
indexes into the table are no longer valid.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/statem/extensions.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index f6b0589ffe..2bb09c9507 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -92,6 +92,7 @@ typedef struct extensions_definition_st { * * TODO(TLS1.3): Make sure we have a test to check the consistency of these */ +#define INVALID_EXTENSION { 0x10000, 0, NULL, NULL, NULL, NULL, NULL, NULL } static const EXTENSION_DEFINITION ext_defs[] = { { TLSEXT_TYPE_renegotiate, @@ -116,6 +117,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { EXT_CLIENT_HELLO | EXT_TLS1_2_AND_BELOW_ONLY, init_srp, tls_parse_ctos_srp, NULL, NULL, tls_construct_ctos_srp, NULL }, +#else + INVALID_EXTENSION, #endif #ifndef OPENSSL_NO_EC { @@ -132,6 +135,9 @@ static const EXTENSION_DEFINITION ext_defs[] = { NULL /* TODO(TLS1.3): Need to add this */, tls_construct_ctos_supported_groups, NULL }, +#else + INVALID_EXTENSION, + INVALID_EXTENSION, #endif { TLSEXT_TYPE_session_ticket, @@ -155,6 +161,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { tls_parse_stoc_status_request, tls_construct_stoc_status_request, tls_construct_ctos_status_request, final_status_request }, +#else + INVALID_EXTENSION, #endif #ifndef OPENSSL_NO_NEXTPROTONEG { @@ -163,6 +171,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { init_npn, tls_parse_ctos_npn, tls_parse_stoc_npn, tls_construct_stoc_next_proto_neg, tls_construct_ctos_npn, NULL }, +#else + INVALID_EXTENSION, #endif { /* @@ -183,6 +193,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { init_srtp, tls_parse_ctos_use_srtp, tls_parse_stoc_use_srtp, tls_construct_stoc_use_srtp, tls_construct_ctos_use_srtp, NULL }, +#else + INVALID_EXTENSION, #endif { TLSEXT_TYPE_encrypt_then_mac, @@ -203,6 +215,8 @@ static const EXTENSION_DEFINITION ext_defs[] = { */ NULL, tls_parse_stoc_sct, NULL, tls_construct_ctos_sct, NULL }, +#else + INVALID_EXTENSION, #endif { TLSEXT_TYPE_extended_master_secret, |