authorTrevor <unsafe@trevp.net>2013-06-13 22:36:45 -0700
committerBen Laurie <ben@links.org>2013-06-18 16:13:08 +0100
commit9cd50f738ff55eae2a64f872492d3a7ce115f18d (patch)
treeff3b9868dd02aa7b632d82a8f9ff9f7c0d8ebc18 /ssl/t1_lib.c
parent8ee3c7e676c5edb1d5fbe0d66b7ce307a4f92899 (diff)
downloadopenssl-9cd50f738ff55eae2a64f872492d3a7ce115f18d.tar.gz
Cleanup of custom extension stuff.
serverinfo rejects non-empty extensions. Omit extension if no relevant serverinfo data. Improve error-handling in serverinfo callback. Cosmetic cleanups. s_client documentation. s_server documentation. SSL_CTX_serverinfo documentation. Cleanup -1 and NULL callback handling for custom extensions, add tests. Cleanup ssl_rsa.c serverinfo code. Whitespace cleanup. Improve comments in ssl.h for serverinfo. Whitespace. Cosmetic cleanup. Reject non-zero-len serverinfo extensions. Whitespace. Make it build.
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r--ssl/t1_lib.c32
1 files changed, 24 insertions, 8 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 19769c5888..8bed38d6d4 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1455,10 +1455,19 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
unsigned short outlen = 0;
record = &s->ctx->custom_cli_ext_records[i];
- if (record->fn1 && !record->fn1(s, record->ext_type,
+ /* NULL callback sends empty extension */
+ /* -1 from callback omits extension */
+ if (record->fn1)
+ {
+ int cb_retval = 0;
+ cb_retval = record->fn1(s, record->ext_type,
&out, &outlen,
- record->arg))
- return NULL;
+ record->arg);
+ if (cb_retval == 0)
+ return NULL; /* error */
+ if (cb_retval == -1)
+ continue; /* skip this extension */
+ }
if (limit < ret + 4 + outlen)
return NULL;
s2n(record->ext_type, ret);
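Review bot: Only 0 and -1 are handled after the `record->fn1` call, so any other return value, including other negative values, falls through to the length check and the extension is written with whatever `out`/`outlen` the callback left behind. If the contract is meant to be exactly "0 = error, -1 = omit, positive = send", it would be safer to fail closed on the rest, e.g. `if (cb_retval == 0 || cb_retval < -1) return NULL; /* error */`. The same pattern appears in the `record->fn2` handling in ssl_add_serverhello_tlsext. The callback's documented contract is not visible in this diff, so this should be checked against the ssl.h comments the commit message mentions. The enclosing loop starts and ends outside the hunk.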
@@ -1751,11 +1760,18 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
{
const unsigned char *out = NULL;
unsigned short outlen = 0;
- if (record->fn2
- && !record->fn2(s, record->ext_type,
- &out, &outlen,
- record->arg))
- return NULL;
+ int cb_retval = 0;
+
+ /* NULL callback or -1 omits extension */
+ if (!record->fn2)
+ break;
+ cb_retval = record->fn2(s, record->ext_type,
+ &out, &outlen,
+ record->arg);
+ if (cb_retval == 0)
+ return NULL; /* error */
+ if (cb_retval == -1)
+ break; /* skip this extension */
if (limit < ret + 4 + outlen)
return NULL;
s2n(record->ext_type, ret);
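Review bot: The `break; /* skip this extension */` does not mirror the `continue` used for the same case in ssl_add_clienthello_tlsext, and the comment does not say which loop is being left. The enclosing loop or loops start outside this hunk, so it cannot be confirmed from here that `break` leaves only the record lookup and not the iteration over the remaining extension types; if it left the outer iteration, later custom extensions would be silently dropped from the ServerHello. I would make the intent explicit in the comment, e.g. `break; /* omit this extension; stop searching records for this type */`, and word the comment on the `if (!record->fn2) break;` line the same way.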