From f1fd4544a3747682010ed89ac908713fe90b8304 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bodo=20M=C3=B6ller?= <bodo@openssl.org>
Date: Tue, 3 Jan 2006 03:27:19 +0000
Subject: Various changes in the new TLS extension code, including the
 following:  - fix indentation  - rename some functions and macros  - fix up
 confusion between SSL_ERROR_... and SSL_AD_... values

---
 ssl/s3_clnt.c | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

(limited to 'ssl/s3_clnt.c')

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 7a4f256642..578285230d 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -257,12 +257,14 @@ int ssl3_connect(SSL *s)
 			if (ret <= 0) goto end;
 #ifndef OPENSSL_NO_TLSEXT
 			{
-				int extension_error = 0,al;
-				if ((al = ssl_check_Hello_TLS_extensions(s,&extension_error)) != SSL_ERROR_NONE){
-					ret = -1;
+				int al;
+				if (ssl_check_tlsext(s,&al) <= 0)
+					{
+					ssl3_send_alert(s,SSL3_AL_FATAL,al); /* XXX does this *have* to be fatal? */
 					SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLS_EXT);
+					ret = -1;
 					goto end;
-				}
+					}
 			}
 #endif
 			if (s->hit)
@@ -613,11 +615,11 @@ int ssl3_client_hello(SSL *s)
 #endif
 		*(p++)=0; /* Add the NULL method */
 #ifndef OPENSSL_NO_TLSEXT
-		if ((p = ssl_add_ClientHello_TLS_extensions(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
-		{
+		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
+			{
 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
 			goto err;
-		}
+			}
 #endif
 		
 		l=(p-d);
@@ -806,12 +808,14 @@ int ssl3_get_server_hello(SSL *s)
 #ifndef OPENSSL_NO_TLSEXT
 	/* TLS extensions*/
 	if (s->version > SSL3_VERSION)
-	{
-		if ((al = ssl_parse_ServerHello_TLS_extensions(s,&p,d,n)) != SSL_ERROR_NONE){
+		{
+		if (!ssl_parse_serverhello_tlsext(s,&p,d,n, &al))
+			{
+			/* 'al' set by ssl_parse_serverhello_tlsext */
 			SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_PARSE_TLS_EXT);
 			goto f_err; 
+			}
 		}
-	}
 #endif
 
 	if (p != (d+n))
-- 
cgit v1.2.3