Set TLS padding extension value.

Enable TLS padding extension using official value from: http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml (cherry picked from commit cd6bd5ffda) Conflicts: CHANGES
2014-04-05 20:43:54 +01:00 · 2014-04-05 20:43:54 +01:00 · 6411b83e52
commit 6411b83e52
parent bb98beade9
3 changed files with 8 additions and 12 deletions
--- a/12
+++ b/12
@ -17,23 +17,13 @@
     this fixes a limiation in previous versions of OpenSSL.
     [Steve Henson]

-  *) TLS pad extension: draft-agl-tls-padding-02
+  *) TLS pad extension: draft-agl-tls-padding-03

     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
     TLS client Hello record length value would otherwise be > 255 and
     less that 512 pad with a dummy extension containing zeroes so it
     is at least 512 bytes long.

-     To enable it use an unused extension number (for example chrome uses
-     35655) using:
-
-     e.g. -DTLSEXT_TYPE_padding=35655
-
-     Since the extension is ignored the actual number doesn't matter as long
-     as it doesn't clash with any existing extension.
-
-     This will be updated when the extension gets an official number.
-
     [Adam Langley, Steve Henson]

  *) Extended RSA OAEP support via EVP_PKEY API. Options to specify digest,
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -1471,7 +1471,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha

 #ifdef TLSEXT_TYPE_padding
 	/* Add padding to workaround bugs in F5 terminators.
-	 * See https://tools.ietf.org/html/draft-agl-tls-padding-02
+	 * See https://tools.ietf.org/html/draft-agl-tls-padding-03
 	 *
 	 * NB: because this code works out the length of all existing
 	 * extensions it MUST always appear last.
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@ -233,6 +233,12 @@ extern "C" {
 /* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
 #define TLSEXT_TYPE_application_layer_protocol_negotiation 16

+/* ExtensionType value for TLS padding extension.
+ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+ * http://tools.ietf.org/html/draft-agl-tls-padding-03
+ */
+#define TLSEXT_TYPE_padding	21
+
 /* ExtensionType value from RFC4507 */
 #define TLSEXT_TYPE_session_ticket		35