summaryrefslogtreecommitdiffstats
path: root/ssl/t1_ext.c
AgeCommit message (Collapse)Author
2015-05-22Remove support for OPENSSL_NO_TLSEXTMatt Caswell
Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably not well tested). Therefore it is being removed. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05memset, memcpy, sizeof consistency fixesRich Salz
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr) for memset and memcpy. Remove needless casts for those functions. For memset, replace alternative forms of zero with 0. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01free null cleanup finaleRich Salz
Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-28Remove support for opaque-prfRich Salz
An expired IETF Internet-Draft (seven years old) that nobody implements, and probably just as good as NSA DRBG work. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-22Run util/openssl-format-source -v -c .Matt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-28Rename some callbacks, fix alignment.Dr. Stephen Henson
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28Use consistent function naming.Dr. Stephen Henson
Instead of SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_srv_ext use SSL_CTX_add_client_custom_ext and SSL_CTX_add_server_custom_ext. Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28New function SSL_extension_supported().Dr. Stephen Henson
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28New extension callback features.Dr. Stephen Henson
Support separate parse and add callback arguments. Add new callback so an application can free extension data. Change return value for send functions so < 0 is an error 0 omits extension and > 0 includes it. This is more consistent with the behaviour of other functions in OpenSSL. Modify parse_cb handling so <= 0 is an error. Make SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_cli_ext argument order consistent. NOTE: these changes WILL break existing code. Remove (now inaccurate) in line documentation. Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28Callback revision.Dr. Stephen Henson
Use "parse" and "add" for function and callback names instead of "first" and "second". Change arguments to callback so the extension type is unsigned int and the buffer length is size_t. Note: this *will* break existing code. Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28Add custom extension sanity checks.Dr. Stephen Henson
Reject attempts to use extensions handled internally. Add flags to each extension structure to indicate if an extension has been sent or received. Enforce RFC5246 compliance by rejecting duplicate extensions and unsolicited extensions and only send a server extension if we have sent the corresponding client extension. Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-08-28Custom extension revision.Dr. Stephen Henson
Use the same structure for client and server custom extensions. Add utility functions in new file t1_ext.c. Use new utility functions to handle custom server and client extensions and remove a lot of code duplication. Reviewed-by: Emilia Käsper <emilia@openssl.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-28 13:19:09 +0000