Make it build.
(cherry picked from commit a6a48e87bc
)
Conflicts:
ssl/s3_clnt.c
ssl/t1_lib.c
parent
c32ebefaa8
commit
8b41df41c2
6 changed files with 53 additions and 45 deletions
|
@ -2471,7 +2471,7 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
//no auth extension to send
|
||||
/* no auth extension to send */
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
@ -2506,7 +2506,7 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
//no supplemental data to send
|
||||
/* no supplemental data to send */
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
|
@ -3590,7 +3590,7 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
//no auth extension to send
|
||||
/* no auth extension to send */
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
@ -3625,7 +3625,7 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
//no supplemental data to send
|
||||
/* no supplemental data to send */
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -3652,7 +3652,7 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
|
|||
{
|
||||
SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
/* if first entry, write handshake message type */
|
||||
if (length == 0)
|
||||
{
|
||||
|
@ -3685,9 +3685,9 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
|
|||
}
|
||||
if (length > 0)
|
||||
{
|
||||
//write handshake length
|
||||
/* write handshake length */
|
||||
l2n3(length - 4, size_loc);
|
||||
//supp_data length
|
||||
/* supp_data length */
|
||||
l2n3(length - 7, size_loc);
|
||||
s->state = SSL3_ST_CW_SUPPLEMENTAL_DATA_B;
|
||||
s->init_num = length;
|
||||
|
@ -3696,7 +3696,7 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
|
|||
}
|
||||
}
|
||||
|
||||
//no supp data message sent
|
||||
/* no supp data message sent */
|
||||
*skip = 1;
|
||||
s->init_num = 0;
|
||||
s->init_off = 0;
|
||||
|
@ -3743,7 +3743,7 @@ int tls1_get_server_supplemental_data(SSL *s)
|
|||
{
|
||||
n2s(p, supp_data_entry_type);
|
||||
n2s(p, supp_data_entry_len);
|
||||
//if there is a callback for this supp data type, send it
|
||||
/* if there is a callback for this supp data type, send it */
|
||||
for (i=0; i < s->ctx->cli_supp_data_records_count; i++)
|
||||
{
|
||||
if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type &&
|
||||
|
|
|
@ -3689,12 +3689,13 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
|
|||
SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
|
||||
return 0;
|
||||
}
|
||||
//write supp data entry...
|
||||
//if first entry, write handshake message type
|
||||
//jump back to write length at end
|
||||
/* write supp data entry...
|
||||
* if first entry, write handshake message type
|
||||
* jump back to write length at end */
|
||||
if (length == 0)
|
||||
{
|
||||
//1 byte message type + 3 bytes for message length
|
||||
/* 1 byte message type + 3 bytes for
|
||||
* message length */
|
||||
if (!BUF_MEM_grow_clean(s->init_buf, 4))
|
||||
{
|
||||
SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
|
||||
|
@ -3702,13 +3703,15 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
|
|||
}
|
||||
p = (unsigned char *)s->init_buf->data;
|
||||
*(p++) = SSL3_MT_SUPPLEMENTAL_DATA;
|
||||
//hold on to length field to update later
|
||||
/* hold on to length field to update later */
|
||||
size_loc = p;
|
||||
//skip over handshake length field (3 bytes) and supp_data length field (3 bytes)
|
||||
/* skip over handshake length field (3
|
||||
* bytes) and supp_data length field
|
||||
* (3 bytes) */
|
||||
p += 3 + 3;
|
||||
length += 1 +3 +3;
|
||||
}
|
||||
//2 byte supp data type + 2 byte length + outlen
|
||||
/* 2 byte supp data type + 2 byte length + outlen */
|
||||
if (!BUF_MEM_grow(s->init_buf, outlen + 4))
|
||||
{
|
||||
SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
|
||||
|
@ -3717,15 +3720,16 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
|
|||
s2n(record->supp_data_type, p);
|
||||
s2n(outlen, p);
|
||||
memcpy(p, out, outlen);
|
||||
//update length to supp data type (2 bytes) + supp data length (2 bytes) + supp data
|
||||
/* update length to supp data type (2 bytes) +
|
||||
* supp data length (2 bytes) + supp data */
|
||||
length += (outlen + 4);
|
||||
p += outlen;
|
||||
}
|
||||
if (length > 0)
|
||||
{
|
||||
//write handshake length
|
||||
/* write handshake length */
|
||||
l2n3(length - 4, size_loc);
|
||||
//supp_data length
|
||||
/* supp_data length */
|
||||
l2n3(length - 7, size_loc);
|
||||
s->state = SSL3_ST_SW_SUPPLEMENTAL_DATA_B;
|
||||
s->init_num = length;
|
||||
|
@ -3735,7 +3739,7 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
|
|||
}
|
||||
}
|
||||
|
||||
//no supp data message sent
|
||||
/* no supp data message sent */
|
||||
*skip = 1;
|
||||
s->init_num = 0;
|
||||
s->init_off = 0;
|
||||
|
@ -3782,7 +3786,7 @@ int tls1_get_client_supplemental_data(SSL *s)
|
|||
{
|
||||
n2s(p, supp_data_entry_type);
|
||||
n2s(p, supp_data_entry_len);
|
||||
//if there is a callback for this supp data type, send it
|
||||
/* if there is a callback for this supp data type, send it */
|
||||
for (i=0; i < s->ctx->srv_supp_data_records_count; i++)
|
||||
{
|
||||
if (s->ctx->srv_supp_data_records[i].supp_data_type == supp_data_entry_type && s->ctx->srv_supp_data_records[i].fn2)
|
||||
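Review bot: In tls1_send_server_supplemental_data the sizes passed to the buffer-grow calls do not match the bytes written: the first-entry branch grows `s->init_buf` to 4 but then reserves 7 (`p += 3 + 3`, `length += 1 +3 +3`), and the per-entry call `BUF_MEM_grow(s->init_buf, outlen + 4)` passes an absolute size that ignores the `length` already accumulated, so `s2n` and `memcpy(p, out, outlen)` write beyond the length requested. Whether that overruns the allocation depends on how large init_buf was made earlier, which is not visible here, and `outlen` presumably comes from the registered callback, so the bound should be explicit: `if (!BUF_MEM_grow(s->init_buf, length + outlen + 4))`. BUF_MEM_grow can also move the buffer, so unless the lines between the hunks already do it, `p` and `size_loc` should be re-derived from `s->init_buf->data` after the call. tls1_send_client_supplemental_data probably follows the same pattern, but its grow calls fall outside the hunks shown.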
|
|
|
@ -1649,20 +1649,37 @@ bad:
|
|||
|
||||
if (suppdata)
|
||||
{
|
||||
//TEST CASES
|
||||
//client and server both send and receive, verify additional arg passed back
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_srv_first_cb, supp_data_0_srv_second_cb, s_ssl);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_cli_first_cb, supp_data_0_cli_second_cb, c_ssl);
|
||||
/* TEST CASES */
|
||||
/* client and server both send and receive, verify
|
||||
* additional arg passed back */
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0,
|
||||
supp_data_0_srv_first_cb,
|
||||
supp_data_0_srv_second_cb, s_ssl);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0,
|
||||
supp_data_0_cli_first_cb,
|
||||
supp_data_0_cli_second_cb, c_ssl);
|
||||
|
||||
//-1 response from sending server/client doesn't receive, -1 response from sending client/server doesn't receive
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_srv_first_cb, supp_data_1_srv_second_cb, NULL);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_cli_first_cb, supp_data_1_cli_second_cb, NULL);
|
||||
/* -1 response from sending server/client doesn't
|
||||
* receive, -1 response from sending client/server
|
||||
* doesn't receive */
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1,
|
||||
supp_data_1_srv_first_cb,
|
||||
supp_data_1_srv_second_cb, NULL);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1,
|
||||
supp_data_1_cli_first_cb,
|
||||
supp_data_1_cli_second_cb, NULL);
|
||||
|
||||
//null sending server/client doesn't receive, null sending client/server doesn't receive
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, /*supp_data_2_srv_first_cb*/NULL, supp_data_2_srv_second_cb, NULL);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, supp_data_2_cli_first_cb, /*supp_data_2_cli_second_cb*/NULL, NULL);
|
||||
/* null sending server/client doesn't receive, null
|
||||
sending client/server doesn't receive */
|
||||
SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2,
|
||||
/*supp_data_2_srv_first_cb*/NULL,
|
||||
supp_data_2_srv_second_cb, NULL);
|
||||
SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2,
|
||||
supp_data_2_cli_first_cb,
|
||||
/*supp_data_2_cli_second_cb*/NULL,
|
||||
NULL);
|
||||
|
||||
//alerts set to non-zero and zero return values not tested
|
||||
/* alerts set to non-zero and zero return values not tested */
|
||||
}
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
if (c_ssl && c_ssl->kssl_ctx)
|
||||
|
|
13
ssl/t1_lib.c
13
ssl/t1_lib.c
|
@ -1089,19 +1089,6 @@ void ssl_set_client_disabled(SSL *s)
|
|||
c->valid = 1;
|
||||
}
|
||||
|
||||
/* byte_compare is a compare function for qsort(3) that compares bytes. */
|
||||
static int byte_compare(const void *in_a, const void *in_b)
|
||||
{
|
||||
unsigned char a = *((const unsigned char*) in_a);
|
||||
unsigned char b = *((const unsigned char*) in_b);
|
||||
|
||||
if (a > b)
|
||||
return 1;
|
||||
else if (a < b)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit, int *al)
|
||||
{
|
||||
int extdatalen=0;
|
||||
|
|