diff --git a/apps/s_cb.c b/apps/s_cb.c index 38eae7fe3..2cd73376d 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -686,6 +686,22 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, extname = "status request"; break; + case TLSEXT_TYPE_user_mapping: + extname = "user mapping"; + break; + + case TLSEXT_TYPE_client_authz: + extname = "client authz"; + break; + + case TLSEXT_TYPE_server_authz: + extname = "server authz"; + break; + + case TLSEXT_TYPE_cert_type: + extname = "cert type"; + break; + case TLSEXT_TYPE_elliptic_curves: extname = "elliptic curves"; break; @@ -694,23 +710,40 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, extname = "EC point formats"; break; - case TLSEXT_TYPE_session_ticket: - extname = "server ticket"; - break; - - case TLSEXT_TYPE_renegotiate: - extname = "renegotiate"; + case TLSEXT_TYPE_srp: + extname = "SRP"; break; case TLSEXT_TYPE_signature_algorithms: extname = "signature algorithms"; break; + case TLSEXT_TYPE_use_srtp: + extname = "use SRTP"; + break; + + case TLSEXT_TYPE_heartbeat: + extname = "heartbeat"; + break; + + case TLSEXT_TYPE_session_ticket: + extname = "session ticket"; + break; + + case TLSEXT_TYPE_renegotiate: + extname = "renegotiation info"; + break; + #ifdef TLSEXT_TYPE_opaque_prf_input case TLSEXT_TYPE_opaque_prf_input: extname = "opaque PRF input"; break; #endif +#ifdef TLSEXT_TYPE_next_proto_neg + case TLSEXT_TYPE_next_proto_neg: + extname = "next protocol"; + break; +#endif default: extname = "unknown"; diff --git a/ssl/tls1.h b/ssl/tls1.h index c5e3a7002..c39c267f0 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -197,20 +197,42 @@ extern "C" { #define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 #define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */ -/* ExtensionType values from RFC3546 / RFC4366 */ +/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */ #define TLSEXT_TYPE_server_name 0 #define TLSEXT_TYPE_max_fragment_length 1 #define TLSEXT_TYPE_client_certificate_url 2 #define TLSEXT_TYPE_trusted_ca_keys 3 #define TLSEXT_TYPE_truncated_hmac 4 #define TLSEXT_TYPE_status_request 5 +/* ExtensionType values from RFC4681 */ +#define TLSEXT_TYPE_user_mapping 6 + +/* ExtensionType values from RFC5878 */ +#define TLSEXT_TYPE_client_authz 7 +#define TLSEXT_TYPE_server_authz 8 + +/* ExtensionType values from RFC6091 */ +#define TLSEXT_TYPE_cert_type 9 + /* ExtensionType values from RFC4492 */ #define TLSEXT_TYPE_elliptic_curves 10 #define TLSEXT_TYPE_ec_point_formats 11 + /* ExtensionType value from RFC5054 */ #define TLSEXT_TYPE_srp 12 + +/* ExtensionType values from RFC5246 */ #define TLSEXT_TYPE_signature_algorithms 13 + +/* ExtensionType value from RFC5764 */ +#define TLSEXT_TYPE_use_srtp 14 + +/* ExtensionType value from RFC5620 */ +#define TLSEXT_TYPE_heartbeat 15 + +/* ExtensionType value from RFC4507 */ #define TLSEXT_TYPE_session_ticket 35 + /* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */ #if 0 /* will have to be provided externally for now , * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183 @@ -253,12 +275,6 @@ extern "C" { #define TLSEXT_hash_sha384 5 #define TLSEXT_hash_sha512 6 -/* ExtensionType value from RFC5764 */ -#define TLSEXT_TYPE_use_srtp 14 - -/* Heartbeat extension */ -#define TLSEXT_TYPE_heartbeat 15 - #ifndef OPENSSL_NO_TLSEXT #define TLSEXT_MAXLEN_host_name 255