Add ECC extensions with DTLS.
PR#3449
(cherry picked from commit 2054eb771e)
This commit is contained in:
Dr. Stephen Henson
parent
ed1de3810d
commit
ec9cb40da5
3 changed files with 18 additions and 13 deletions
|
|
@ -694,12 +694,18 @@ int dtls1_client_hello(SSL *s)
|
|||
*(p++)=0; /* Add the NULL method */
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* TLS extensions*/
|
||||
if (ssl_prepare_clienthello_tlsext(s) <= 0)
|
||||
{
|
||||
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
|
||||
goto err;
|
||||
}
|
||||
if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
||||
{
|
||||
SSLerr(SSL_F_DTLS1_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
l=(p-d);
|
||||
d=buf;
|
||||
|
|
|
|||
|
|
@ -821,6 +821,11 @@ int dtls1_send_server_hello(SSL *s)
|
|||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
if (ssl_prepare_serverhello_tlsext(s) <= 0)
|
||||
{
|
||||
SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
|
||||
return -1;
|
||||
}
|
||||
if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
|
||||
{
|
||||
SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
|
||||
|
|
|
|||
18
ssl/t1_lib.c
18
ssl/t1_lib.c
|
|
@ -342,8 +342,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
|
|||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (s->tlsext_ecpointformatlist != NULL &&
|
||||
s->version != DTLS1_VERSION)
|
||||
if (s->tlsext_ecpointformatlist != NULL)
|
||||
{
|
||||
/* Add TLS extension ECPointFormats to the ClientHello message */
|
||||
long lenmax;
|
||||
|
|
@ -362,8 +361,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
|
|||
memcpy(ret, s->tlsext_ecpointformatlist, s->tlsext_ecpointformatlist_length);
|
||||
ret+=s->tlsext_ecpointformatlist_length;
|
||||
}
|
||||
if (s->tlsext_ellipticcurvelist != NULL &&
|
||||
s->version != DTLS1_VERSION)
|
||||
if (s->tlsext_ellipticcurvelist != NULL)
|
||||
{
|
||||
/* Add TLS extension EllipticCurves to the ClientHello message */
|
||||
long lenmax;
|
||||
|
|
@ -546,8 +544,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
|
|||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (s->tlsext_ecpointformatlist != NULL &&
|
||||
s->version != DTLS1_VERSION)
|
||||
if (s->tlsext_ecpointformatlist != NULL)
|
||||
{
|
||||
/* Add TLS extension ECPointFormats to the ServerHello message */
|
||||
long lenmax;
|
||||
|
|
@ -852,8 +849,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
else if (type == TLSEXT_TYPE_ec_point_formats &&
|
||||
s->version != DTLS1_VERSION)
|
||||
else if (type == TLSEXT_TYPE_ec_point_formats)
|
||||
{
|
||||
unsigned char *sdata = data;
|
||||
int ecpointformatlist_length = *(sdata++);
|
||||
|
|
@ -887,8 +883,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||
fprintf(stderr,"\n");
|
||||
#endif
|
||||
}
|
||||
else if (type == TLSEXT_TYPE_elliptic_curves &&
|
||||
s->version != DTLS1_VERSION)
|
||||
else if (type == TLSEXT_TYPE_elliptic_curves)
|
||||
{
|
||||
unsigned char *sdata = data;
|
||||
int ellipticcurvelist_length = (*(sdata++) << 8);
|
||||
|
|
@ -1148,8 +1143,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
|
|||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
else if (type == TLSEXT_TYPE_ec_point_formats &&
|
||||
s->version != DTLS1_VERSION)
|
||||
else if (type == TLSEXT_TYPE_ec_point_formats)
|
||||
{
|
||||
unsigned char *sdata = data;
|
||||
int ecpointformatlist_length = *(sdata++);
|
||||
|
|
|
|||
Loading…
Reference in a new issue