Re-add alert variables removed during rebase
Whitespace fixes
This commit is contained in:
		| @@ -236,22 +236,22 @@ static int server_provided_client_authz = 0; | ||||
| static const unsigned char auth_ext_data[]={TLSEXT_AUTHZDATAFORMAT_dtcp}; | ||||
|  | ||||
| static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 		       const unsigned char *in, | ||||
| 		       unsigned short inlen, int *al, | ||||
| 		       void *arg); | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg); | ||||
|  | ||||
| static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg); | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg); | ||||
|  | ||||
| static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 				    const unsigned char **out, unsigned short *outlen, | ||||
|                                     int *al, void *arg); | ||||
| 				const unsigned char **out, unsigned short *outlen, | ||||
| 				int *al, void *arg); | ||||
|  | ||||
| static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 			   const unsigned char *in, | ||||
| 			   unsigned short inlen, int *al, | ||||
| 			   void *arg); | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg); | ||||
| #endif | ||||
|  | ||||
| #ifndef OPENSSL_NO_PSK | ||||
| @@ -2439,9 +2439,9 @@ static int ocsp_resp_cb(SSL *s, void *arg) | ||||
| 	} | ||||
|  | ||||
| static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 			   const unsigned char *in, | ||||
| 			   unsigned short inlen, int *al, | ||||
| 			   void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (TLSEXT_TYPE_server_authz == ext_type) | ||||
| 		server_provided_server_authz | ||||
| @@ -2455,8 +2455,8 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 				    const unsigned char **out, unsigned short *outlen, | ||||
|                                     int *al, void *arg) | ||||
| 				const unsigned char **out, unsigned short *outlen, | ||||
| 				int *al, void *arg) | ||||
| 	{ | ||||
| 	if (c_auth) | ||||
| 		{ | ||||
| @@ -2474,9 +2474,9 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 		       const unsigned char *in, | ||||
| 		       unsigned short inlen, int *al, | ||||
| 		       void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (supp_data_type == TLSEXT_SUPPLEMENTALDATATYPE_authz_data) | ||||
| 		{ | ||||
| @@ -2487,8 +2487,8 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (c_auth && server_provided_client_authz && server_provided_server_authz) | ||||
| 		{ | ||||
|   | ||||
| @@ -331,22 +331,22 @@ static int cert_chain = 0; | ||||
|  | ||||
| #ifndef OPENSSL_NO_TLSEXT | ||||
| static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 		       const unsigned char *in, | ||||
| 		       unsigned short inlen, int *al, | ||||
| 		       void *arg); | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg); | ||||
|  | ||||
| static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg); | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg); | ||||
|  | ||||
| static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 				    const unsigned char **out, unsigned short *outlen, | ||||
|                                     int *al, void *arg); | ||||
| 				const unsigned char **out, unsigned short *outlen, | ||||
| 				int *al, void *arg); | ||||
|  | ||||
| static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 			   const unsigned char *in, | ||||
| 			   unsigned short inlen, int *al, | ||||
| 			   void *arg); | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg); | ||||
|  | ||||
| static BIO *serverinfo_in = NULL; | ||||
| static const char *s_serverinfo_file = NULL; | ||||
| @@ -3585,9 +3585,9 @@ static void free_sessions(void) | ||||
|  | ||||
| #ifndef OPENSSL_NO_TLSEXT | ||||
| static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 			   const unsigned char *in, | ||||
| 			   unsigned short inlen, int *al, | ||||
| 			   void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (TLSEXT_TYPE_server_authz == ext_type) | ||||
| 		client_provided_server_authz | ||||
| @@ -3601,8 +3601,8 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 				    const unsigned char **out, unsigned short *outlen, | ||||
|                                     int *al, void *arg) | ||||
| 				const unsigned char **out, unsigned short *outlen, | ||||
| 				int *al, void *arg) | ||||
| 	{ | ||||
| 	if (c_auth && client_provided_client_authz && client_provided_server_authz) | ||||
| 		{ | ||||
| @@ -3621,9 +3621,9 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 		       const unsigned char *in, | ||||
| 		       unsigned short inlen, int *al, | ||||
| 		       void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (supp_data_type == TLSEXT_SUPPLEMENTALDATATYPE_authz_data) | ||||
| 		{ | ||||
| @@ -3634,8 +3634,8 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (c_auth && client_provided_client_authz && client_provided_server_authz) | ||||
| 		{ | ||||
|   | ||||
| @@ -299,6 +299,7 @@ static int ssl23_client_hello(SSL *s) | ||||
| 	unsigned long l; | ||||
| 	int ssl2_compat; | ||||
| 	int version = 0, version_major, version_minor; | ||||
| 	int al = 0; | ||||
| #ifndef OPENSSL_NO_COMP | ||||
| 	int j; | ||||
| 	SSL_COMP *comp; | ||||
| @@ -553,9 +554,9 @@ static int ssl23_client_hello(SSL *s) | ||||
| 				SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); | ||||
| 				return -1; | ||||
| 				} | ||||
|                         if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 			if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 				{ | ||||
|                                 ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 				ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 				SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); | ||||
| 				return -1; | ||||
| 				} | ||||
|   | ||||
| @@ -689,6 +689,7 @@ int ssl3_client_hello(SSL *s) | ||||
| 	unsigned char *p,*d; | ||||
| 	int i; | ||||
| 	unsigned long l; | ||||
| 	int al = 0; | ||||
| #ifndef OPENSSL_NO_COMP | ||||
| 	int j; | ||||
| 	SSL_COMP *comp; | ||||
| @@ -891,9 +892,9 @@ int ssl3_client_hello(SSL *s) | ||||
| 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT); | ||||
| 			goto err; | ||||
| 			} | ||||
|                 if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 		if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 			{ | ||||
|                         ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 			ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 			SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR); | ||||
| 			goto err; | ||||
| 			} | ||||
| @@ -3623,7 +3624,7 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) | ||||
| #ifndef OPENSSL_NO_TLSEXT | ||||
| int tls1_send_client_supplemental_data(SSL *s, int *skip) | ||||
| 	{ | ||||
|         int al = 0; | ||||
| 	int al = 0; | ||||
| 	if (s->ctx->cli_supp_data_records_count) | ||||
| 		{ | ||||
| 		unsigned char *p = NULL; | ||||
| @@ -3643,20 +3644,20 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) | ||||
| 			if (!record->fn2) | ||||
| 				continue; | ||||
| 			cb_retval = record->fn2(s, record->supp_data_type, | ||||
|                                 &out, &outlen, &al, | ||||
| 				record->arg); | ||||
| 									&out, &outlen, &al, | ||||
| 									record->arg); | ||||
| 			if (cb_retval == -1) | ||||
| 				continue; /* skip this supp data entry */ | ||||
| 			if (cb_retval == 0) | ||||
| 				{ | ||||
| 				SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); | ||||
|                                 goto f_err; | ||||
| 				goto f_err; | ||||
| 				} | ||||
| 			if (outlen == 0 || TLSEXT_MAXLEN_supplemental_data < outlen + 4 + length) | ||||
| 				{ | ||||
| 				SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); | ||||
| 				return 0; | ||||
| 			    	} | ||||
| 				} | ||||
| 			/* if first entry, write handshake message type */ | ||||
| 			if (length == 0) | ||||
| 				{ | ||||
| @@ -3668,11 +3669,11 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) | ||||
| 				p = (unsigned char *)s->init_buf->data; | ||||
| 				*(p++) = SSL3_MT_SUPPLEMENTAL_DATA; | ||||
| 				/* update message length when all | ||||
| 				 * callbacks complete */ | ||||
| 				* callbacks complete */ | ||||
| 				size_loc = p; | ||||
| 				/* skip over handshake length field (3 | ||||
| 				 * bytes) and supp_data length field | ||||
| 				 * (3 bytes) */ | ||||
| 				* bytes) and supp_data length field | ||||
| 				* (3 bytes) */ | ||||
| 				p += 3 + 3; | ||||
| 				length += 1 +3 +3; | ||||
| 				} | ||||
| @@ -3706,10 +3707,10 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) | ||||
| 	s->init_off = 0; | ||||
| 	return 1; | ||||
|  | ||||
| f_err: | ||||
|         ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
|         return 0; | ||||
| } | ||||
| 	f_err: | ||||
| 		ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 		return 0; | ||||
| 	} | ||||
|  | ||||
| int tls1_get_server_supplemental_data(SSL *s) | ||||
| 	{ | ||||
| @@ -3724,12 +3725,12 @@ int tls1_get_server_supplemental_data(SSL *s) | ||||
| 	int cb_retval = 0; | ||||
|  | ||||
| 	n=s->method->ssl_get_message(s, | ||||
| 		SSL3_ST_CR_SUPPLEMENTAL_DATA_A, | ||||
| 		SSL3_ST_CR_SUPPLEMENTAL_DATA_B, | ||||
| 		SSL3_MT_SUPPLEMENTAL_DATA, | ||||
| 		/* use default limit */ | ||||
| 		TLSEXT_MAXLEN_supplemental_data, | ||||
| 		&ok); | ||||
| 					SSL3_ST_CR_SUPPLEMENTAL_DATA_A, | ||||
| 					SSL3_ST_CR_SUPPLEMENTAL_DATA_B, | ||||
| 					SSL3_MT_SUPPLEMENTAL_DATA, | ||||
| 					/* use default limit */ | ||||
| 					TLSEXT_MAXLEN_supplemental_data, | ||||
| 					&ok); | ||||
|  | ||||
| 	if (!ok) return((int)n); | ||||
|  | ||||
| @@ -3750,9 +3751,11 @@ int tls1_get_server_supplemental_data(SSL *s) | ||||
| 		/* if there is a callback for this supp data type, send it */ | ||||
| 		for (i=0; i < s->ctx->cli_supp_data_records_count; i++) | ||||
| 			{ | ||||
| 			if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type && s->ctx->cli_supp_data_records[i].fn1) | ||||
| 			if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type && | ||||
| 				s->ctx->cli_supp_data_records[i].fn1) | ||||
| 				{ | ||||
| 				cb_retval = s->ctx->cli_supp_data_records[i].fn1(s, supp_data_entry_type, p, supp_data_entry_len, &al, s->ctx->cli_supp_data_records[i].arg); | ||||
| 				cb_retval = s->ctx->cli_supp_data_records[i].fn1(s, supp_data_entry_type, p, | ||||
| 				supp_data_entry_len, &al, s->ctx->cli_supp_data_records[i].arg); | ||||
| 				if (cb_retval == 0) | ||||
| 					{ | ||||
| 					SSLerr(SSL_F_TLS1_GET_SERVER_SUPPLEMENTAL_DATA, ERR_R_SSL_LIB); | ||||
| @@ -3763,8 +3766,8 @@ int tls1_get_server_supplemental_data(SSL *s) | ||||
| 		p += supp_data_entry_len; | ||||
| 		} | ||||
| 	return 1; | ||||
| f_err: | ||||
| 	ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 	return -1; | ||||
| 	f_err: | ||||
| 		ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 		return -1; | ||||
| 	} | ||||
| #endif | ||||
|   | ||||
							
								
								
									
										12
									
								
								ssl/s3_lib.c
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								ssl/s3_lib.c
									
									
									
									
									
								
							| @@ -3029,8 +3029,8 @@ void ssl3_free(SSL *s) | ||||
| 	SSL_SRP_CTX_free(s); | ||||
| #endif | ||||
| #ifndef OPENSSL_NO_TLSEXT | ||||
|         if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
|                 OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
| 	if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
| 		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
| #endif | ||||
| 	OPENSSL_cleanse(s->s3,sizeof *s->s3); | ||||
| 	OPENSSL_free(s->s3); | ||||
| @@ -3076,12 +3076,12 @@ void ssl3_clear(SSL *s) | ||||
| 		} | ||||
| #endif | ||||
| #ifndef OPENSSL_NO_TLSEXT | ||||
|         if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
| 	if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
| 		{ | ||||
|                 OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
|                 s->s3->serverinfo_client_tlsext_custom_types = NULL; | ||||
| 		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
| 		s->s3->serverinfo_client_tlsext_custom_types = NULL; | ||||
| 		} | ||||
|         s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
| #ifndef OPENSSL_NO_EC | ||||
| 	s->s3->is_probably_safari = 0; | ||||
| #endif /* !OPENSSL_NO_EC */ | ||||
|   | ||||
| @@ -1504,7 +1504,8 @@ int ssl3_send_server_hello(SSL *s) | ||||
| 	{ | ||||
| 	unsigned char *buf; | ||||
| 	unsigned char *p,*d; | ||||
|         int i,sl,al; | ||||
| 	int i,sl; | ||||
| 	int al = 0; | ||||
| 	unsigned long l; | ||||
|  | ||||
| 	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) | ||||
| @@ -1574,9 +1575,9 @@ int ssl3_send_server_hello(SSL *s) | ||||
| 			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT); | ||||
| 			return -1; | ||||
| 			} | ||||
|                 if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 		if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL) | ||||
| 			{ | ||||
|                         ssl3_send_alert(s, SSL3_AL_FATAL, al); | ||||
| 			ssl3_send_alert(s, SSL3_AL_FATAL, al); | ||||
| 			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR); | ||||
| 			return -1; | ||||
| 			} | ||||
| @@ -3704,7 +3705,7 @@ int ssl3_get_next_proto(SSL *s) | ||||
|  | ||||
| int tls1_send_server_supplemental_data(SSL *s, int *skip) | ||||
| 	{ | ||||
|         int al = 0; | ||||
| 	int al = 0; | ||||
| 	if (s->ctx->srv_supp_data_records_count) | ||||
| 		{ | ||||
| 		unsigned char *p = NULL; | ||||
| @@ -3724,14 +3725,14 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) | ||||
| 			if (!record->fn1) | ||||
| 				continue; | ||||
| 			cb_retval = record->fn1(s, record->supp_data_type, | ||||
|                         &out, &outlen, &al, | ||||
| 									&out, &outlen, &al, | ||||
| 			record->arg); | ||||
| 			if (cb_retval == -1) | ||||
| 				continue; /* skip this supp data entry */ | ||||
| 			if (cb_retval == 0) | ||||
| 				{ | ||||
| 				SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); | ||||
|                                 goto f_err; | ||||
| 				goto f_err; | ||||
| 				} | ||||
| 			if (outlen == 0 || TLSEXT_MAXLEN_supplemental_data < outlen + 4 + length) | ||||
| 				{ | ||||
| @@ -3794,8 +3795,8 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) | ||||
| 	s->init_off = 0; | ||||
| 	return 1; | ||||
| f_err: | ||||
|         ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
|         return 0; | ||||
| 	ssl3_send_alert(s,SSL3_AL_FATAL,al); | ||||
| 	return 0; | ||||
| 	} | ||||
|  | ||||
| int tls1_get_client_supplemental_data(SSL *s) | ||||
| @@ -3811,12 +3812,12 @@ int tls1_get_client_supplemental_data(SSL *s) | ||||
| 	size_t i = 0; | ||||
|  | ||||
| 	n=s->method->ssl_get_message(s, | ||||
| 	SSL3_ST_SR_SUPPLEMENTAL_DATA_A, | ||||
| 	SSL3_ST_SR_SUPPLEMENTAL_DATA_B, | ||||
| 	SSL3_MT_SUPPLEMENTAL_DATA, | ||||
| 	/* use default limit */ | ||||
| 	TLSEXT_MAXLEN_supplemental_data, | ||||
| 	&ok); | ||||
| 								 SSL3_ST_SR_SUPPLEMENTAL_DATA_A, | ||||
| 								 SSL3_ST_SR_SUPPLEMENTAL_DATA_B, | ||||
| 								 SSL3_MT_SUPPLEMENTAL_DATA, | ||||
| 								 /* use default limit */ | ||||
| 								 TLSEXT_MAXLEN_supplemental_data, | ||||
| 								 &ok); | ||||
|  | ||||
| 	if (!ok) return((int)n); | ||||
|  | ||||
|   | ||||
							
								
								
									
										32
									
								
								ssl/ssl.h
									
									
									
									
									
								
							
							
						
						
									
										32
									
								
								ssl/ssl.h
									
									
									
									
									
								
							| @@ -410,19 +410,19 @@ typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, S | ||||
|  */ | ||||
| typedef int (*custom_cli_ext_first_cb_fn)(SSL *s, unsigned short ext_type, | ||||
| 					  const unsigned char **out, | ||||
|                                           unsigned short *outlen, int *al, void *arg); | ||||
| 					  unsigned short *outlen, int *al, void *arg); | ||||
| typedef int (*custom_cli_ext_second_cb_fn)(SSL *s, unsigned short ext_type, | ||||
| 					   const unsigned char *in, | ||||
| 					   unsigned short inlen, int *al, | ||||
| 					   void *arg);  | ||||
| 					  const unsigned char *in, | ||||
| 					  unsigned short inlen, int *al, | ||||
| 					  void *arg); | ||||
|  | ||||
| typedef int (*custom_srv_ext_first_cb_fn)(SSL *s, unsigned short ext_type, | ||||
| 					  const unsigned char *in, | ||||
| 					  unsigned short inlen, int *al, | ||||
| 					  void *arg); | ||||
| typedef int (*custom_srv_ext_second_cb_fn)(SSL *s, unsigned short ext_type, | ||||
| 					   const unsigned char **out, | ||||
|                                            unsigned short *outlen, int *al, void *arg); | ||||
| 					  const unsigned char **out, | ||||
| 					  unsigned short *outlen, int *al, void *arg); | ||||
|  | ||||
| typedef struct { | ||||
| 	unsigned short ext_type; | ||||
| @@ -460,20 +460,20 @@ typedef struct { | ||||
|  *     fatal TLS alert, if the callback returns zero. | ||||
|  */ | ||||
| typedef int (*srv_supp_data_first_cb_fn)(SSL *s, unsigned short supp_data_type, | ||||
| 	     const unsigned char **out, | ||||
|              unsigned short *outlen, int *al, void *arg); | ||||
| 					  const unsigned char **out, | ||||
| 					  unsigned short *outlen, int *al, void *arg); | ||||
| typedef int (*srv_supp_data_second_cb_fn)(SSL *s, unsigned short supp_data_type, | ||||
| 	     const unsigned char *in, | ||||
| 	     unsigned short inlen, int *al, | ||||
| 	     void *arg); | ||||
| 					  const unsigned char *in, | ||||
| 					  unsigned short inlen, int *al, | ||||
| 					  void *arg); | ||||
|  | ||||
| typedef int (*cli_supp_data_first_cb_fn)(SSL *s, unsigned short supp_data_type, | ||||
| 	     const unsigned char *in, | ||||
| 	     unsigned short inlen, int *al, | ||||
| 	     void *arg); | ||||
| 					  const unsigned char *in, | ||||
| 					  unsigned short inlen, int *al, | ||||
| 					  void *arg); | ||||
| typedef int (*cli_supp_data_second_cb_fn)(SSL *s, unsigned short supp_data_type, | ||||
| 	     const unsigned char **out, | ||||
|              unsigned short *outlen, int *al, void *arg); | ||||
| 					  const unsigned char **out, | ||||
| 					  unsigned short *outlen, int *al, void *arg); | ||||
|  | ||||
| typedef struct { | ||||
| 	unsigned short supp_data_type; | ||||
|   | ||||
| @@ -844,71 +844,71 @@ static int serverinfo_find_extension(const unsigned char *serverinfo, | ||||
| 	} | ||||
|  | ||||
| static int serverinfo_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				   const unsigned char *in, | ||||
| 				   unsigned short inlen, int *al, | ||||
| 				   void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
|         size_t i = 0; | ||||
| 	size_t i = 0; | ||||
| 	if (inlen != 0) | ||||
| 		{ | ||||
| 		*al = SSL_AD_DECODE_ERROR; | ||||
| 		return 0; | ||||
| 		} | ||||
|         //if already in list, error out | ||||
|         for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++) | ||||
|                 { | ||||
|                 if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type) | ||||
|                         { | ||||
|                         *al = SSL_AD_DECODE_ERROR; | ||||
|                         return 0; | ||||
|                         } | ||||
|                 } | ||||
|         s->s3->serverinfo_client_tlsext_custom_types_count++; | ||||
|         s->s3->serverinfo_client_tlsext_custom_types = OPENSSL_realloc( | ||||
|         s->s3->serverinfo_client_tlsext_custom_types, | ||||
|         s->s3->serverinfo_client_tlsext_custom_types_count * 2); | ||||
|         if (s->s3->serverinfo_client_tlsext_custom_types == NULL) | ||||
|                 { | ||||
|                 s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
|                 *al = TLS1_AD_INTERNAL_ERROR; | ||||
|                 return 0; | ||||
|                 } | ||||
|         s->s3->serverinfo_client_tlsext_custom_types[ | ||||
|         s->s3->serverinfo_client_tlsext_custom_types_count - 1] = ext_type; | ||||
| 	//if already in list, error out | ||||
| 	for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++) | ||||
| 		{ | ||||
| 		if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type) | ||||
| 			{ | ||||
| 			*al = SSL_AD_DECODE_ERROR; | ||||
| 			return 0; | ||||
| 			} | ||||
| 		} | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types_count++; | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types = OPENSSL_realloc( | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types, | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types_count * 2); | ||||
| 	if (s->s3->serverinfo_client_tlsext_custom_types == NULL) | ||||
| 		{ | ||||
| 		s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
| 		*al = TLS1_AD_INTERNAL_ERROR; | ||||
| 		return 0; | ||||
| 		} | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types[ | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types_count - 1] = ext_type; | ||||
|  | ||||
| 	return 1; | ||||
| 	} | ||||
|  | ||||
| static int serverinfo_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 			            const unsigned char **out, unsigned short *outlen,  | ||||
|                                     int *al, void *arg) | ||||
| 				const unsigned char **out, unsigned short *outlen, | ||||
| 				int *al, void *arg) | ||||
| 	{ | ||||
| 	const unsigned char *serverinfo = NULL; | ||||
| 	size_t serverinfo_length = 0; | ||||
|         size_t i = 0; | ||||
|         unsigned int match = 0; | ||||
|         /* Did the client send a TLS extension for this type? */ | ||||
|         for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++) | ||||
|                 { | ||||
|                 if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type) | ||||
|                         { | ||||
|                         match = 1; | ||||
|                         break; | ||||
|                         } | ||||
|                 } | ||||
|         if (!match) | ||||
|         { | ||||
|                 //extension not sent by client...don't send extension | ||||
|                 return -1; | ||||
|         } | ||||
| 	size_t i = 0; | ||||
| 	unsigned int match = 0; | ||||
| 	/* Did the client send a TLS extension for this type? */ | ||||
| 	for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++) | ||||
| 		{ | ||||
| 		if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type) | ||||
| 			{ | ||||
| 			match = 1; | ||||
| 			break; | ||||
| 			} | ||||
| 		} | ||||
| 	if (!match) | ||||
| 		{ | ||||
| 		//extension not sent by client...don't send extension | ||||
| 		return -1; | ||||
| 		} | ||||
|  | ||||
| 	/* Is there serverinfo data for the chosen server cert? */ | ||||
| 	if ((ssl_get_server_cert_serverinfo(s, &serverinfo, | ||||
| 					    &serverinfo_length)) != 0) | ||||
| 		&serverinfo_length)) != 0) | ||||
| 		{ | ||||
| 		/* Find the relevant extension from the serverinfo */ | ||||
| 		int retval = serverinfo_find_extension(serverinfo, serverinfo_length, | ||||
| 					      	       ext_type, out, outlen); | ||||
| 							ext_type, out, outlen); | ||||
| 		if (retval == 0) | ||||
| 			return 0; /* Error */ | ||||
| 		if (retval == -1) | ||||
|   | ||||
							
								
								
									
										132
									
								
								ssl/ssltest.c
									
									
									
									
									
								
							
							
						
						
									
										132
									
								
								ssl/ssltest.c
									
									
									
									
									
								
							| @@ -563,8 +563,8 @@ static int verify_serverinfo() | ||||
|  */ | ||||
|  | ||||
| static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_0) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -572,17 +572,17 @@ static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char *in, | ||||
| 				      unsigned short inlen, int *al, | ||||
| 				      void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	custom_ext_error = 1; /* Shouldn't be called */ | ||||
| 	return 0; | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_1) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -592,17 +592,17 @@ static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char *in, | ||||
| 				      unsigned short inlen, int *al, | ||||
| 				      void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	custom_ext_error = 1; /* Shouldn't be called */ | ||||
| 	return 0; | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_2) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -612,9 +612,9 @@ static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char *in, | ||||
| 				      unsigned short inlen, int *al, | ||||
| 				      void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_2) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -624,8 +624,8 @@ static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_3) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -635,9 +635,9 @@ static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char *in, | ||||
| 				      unsigned short inlen, int *al, | ||||
| 				      void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_3) | ||||
| 		custom_ext_error = 1; | ||||
| @@ -650,9 +650,9 @@ static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type, | ||||
|  | ||||
| //custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension | ||||
| static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	custom_ext_error = 1; | ||||
| 	return 0; /* Shouldn't be called */ | ||||
| @@ -660,16 +660,16 @@ static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
|  | ||||
| //'generate' callbacks are always called, even if the 'receive' callback isn't called | ||||
| static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char **out, | ||||
|                                       unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
|         return -1; /* Don't send an extension */ | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_1) | ||||
| 		custom_ext_error = 1;		 | ||||
| @@ -682,16 +682,16 @@ static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char **out, | ||||
|                                       unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	return -1; /* Don't send an extension */ | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_2) | ||||
| 		custom_ext_error = 1;		 | ||||
| @@ -704,8 +704,8 @@ static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char **out, | ||||
|                                       unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	*out = NULL; | ||||
| 	*outlen = 0; | ||||
| @@ -713,9 +713,9 @@ static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (ext_type != CUSTOM_EXT_TYPE_3) | ||||
| 		custom_ext_error = 1;		 | ||||
| @@ -728,8 +728,8 @@ static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 				      const unsigned char **out, | ||||
|                                       unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	*out = (const unsigned char*)custom_ext_srv_string; | ||||
| 	*outlen = strlen(custom_ext_srv_string); | ||||
| @@ -737,8 +737,8 @@ static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type, | ||||
| 	} | ||||
|  | ||||
| static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				    const unsigned char **out, | ||||
|                                     unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	*out = (const unsigned char*)supp_data_0_string; | ||||
| 	*outlen = strlen(supp_data_0_string); | ||||
| @@ -748,9 +748,9 @@ static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0) | ||||
| 		suppdata_error = 1; | ||||
| @@ -764,34 +764,34 @@ static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				    const unsigned char **out, | ||||
|                                     unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	return -1; | ||||
| 	} | ||||
|  | ||||
| static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	suppdata_error = 1; | ||||
| 	return 1; | ||||
| 	} | ||||
|  | ||||
| static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char *in, | ||||
| 				     unsigned short inlen, int *al, | ||||
| 				     void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	suppdata_error = 1; | ||||
| 	return 1; | ||||
| 	} | ||||
|  | ||||
| static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				    const unsigned char *in, | ||||
| 				    unsigned short inlen, int *al, | ||||
| 				    void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0) | ||||
| 		suppdata_error = 1; | ||||
| @@ -805,8 +805,8 @@ static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	*out = (const unsigned char*)supp_data_0_string; | ||||
| 	*outlen = strlen(supp_data_0_string); | ||||
| @@ -816,25 +816,25 @@ static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 	} | ||||
|  | ||||
| static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				    const unsigned char *in, | ||||
| 				    unsigned short inlen, int *al, | ||||
| 				    void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	suppdata_error = 1; | ||||
| 	return 1; | ||||
| 	} | ||||
|  | ||||
| static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				     const unsigned char **out, | ||||
|                                      unsigned short *outlen, int *al, void *arg) | ||||
| 				const unsigned char **out, | ||||
| 				unsigned short *outlen, int *al, void *arg) | ||||
| 	{ | ||||
| 	return -1; | ||||
| 	} | ||||
|  | ||||
| static int supp_data_2_cli_first_cb(SSL *s, unsigned short supp_data_type, | ||||
| 				    const unsigned char *in, | ||||
| 				    unsigned short inlen, int *al, | ||||
| 				    void *arg) | ||||
| 				const unsigned char *in, | ||||
| 				unsigned short inlen, int *al, | ||||
| 				void *arg) | ||||
| 	{ | ||||
| 	suppdata_error = 1; | ||||
| 	return 1; | ||||
|   | ||||
							
								
								
									
										58
									
								
								ssl/t1_lib.c
									
									
									
									
									
								
							
							
						
						
									
										58
									
								
								ssl/t1_lib.c
									
									
									
									
									
								
							| @@ -1453,8 +1453,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha | ||||
| 				{ | ||||
| 				int cb_retval = 0; | ||||
| 				cb_retval = record->fn1(s, record->ext_type, | ||||
|                                                         &out, &outlen, al, | ||||
| 							record->arg); | ||||
| 										&out, &outlen, al, | ||||
| 										record->arg); | ||||
| 				if (cb_retval == 0) | ||||
| 					return NULL; /* error */ | ||||
| 				if (cb_retval == -1) | ||||
| @@ -1513,8 +1513,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha | ||||
| 	{ | ||||
| 	int extdatalen=0; | ||||
| 	unsigned char *ret = p; | ||||
|         size_t i; | ||||
|         custom_srv_ext_record *record; | ||||
| 	size_t i; | ||||
| 	custom_srv_ext_record *record; | ||||
| #ifndef OPENSSL_NO_NEXTPROTONEG | ||||
| 	int next_proto_neg_seen; | ||||
| #endif | ||||
| @@ -1698,29 +1698,29 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha | ||||
| 		} | ||||
| #endif | ||||
|  | ||||
|         for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++) | ||||
| 	for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++) | ||||
| 		{ | ||||
|                 record = &s->ctx->custom_srv_ext_records[i]; | ||||
|                 const unsigned char *out = NULL; | ||||
|                 unsigned short outlen = 0; | ||||
|                 int cb_retval = 0; | ||||
| 		record = &s->ctx->custom_srv_ext_records[i]; | ||||
| 		const unsigned char *out = NULL; | ||||
| 		unsigned short outlen = 0; | ||||
| 		int cb_retval = 0; | ||||
|  | ||||
|                 /* NULL callback or -1 omits extension */ | ||||
|                 if (!record->fn2) | ||||
|                         break; | ||||
|                 cb_retval = record->fn2(s, record->ext_type, | ||||
|                 &out, &outlen, al, | ||||
|                 record->arg); | ||||
|                 if (cb_retval == 0) | ||||
|                         return NULL; /* error */ | ||||
|                 if (cb_retval == -1) | ||||
|                         break; /* skip this extension */ | ||||
|                 if (limit < ret + 4 + outlen) | ||||
|                         return NULL; | ||||
|                 s2n(record->ext_type, ret); | ||||
|                 s2n(outlen, ret); | ||||
|                 memcpy(ret, out, outlen); | ||||
|                 ret += outlen; | ||||
| 		/* NULL callback or -1 omits extension */ | ||||
| 		if (!record->fn2) | ||||
| 			break; | ||||
| 		cb_retval = record->fn2(s, record->ext_type, | ||||
| 								&out, &outlen, al, | ||||
| 								record->arg); | ||||
| 		if (cb_retval == 0) | ||||
| 			return NULL; /* error */ | ||||
| 		if (cb_retval == -1) | ||||
| 			break; /* skip this extension */ | ||||
| 		if (limit < ret + 4 + outlen) | ||||
| 			return NULL; | ||||
| 		s2n(record->ext_type, ret); | ||||
| 		s2n(outlen, ret); | ||||
| 		memcpy(ret, out, outlen); | ||||
| 		ret += outlen; | ||||
| 		} | ||||
| #ifdef TLSEXT_TYPE_encrypt_then_mac | ||||
| 	if (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) | ||||
| @@ -1935,11 +1935,11 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char | ||||
| 		} | ||||
|  | ||||
| 	/* Clear observed custom extensions */ | ||||
|         s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
|         if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
| 	s->s3->serverinfo_client_tlsext_custom_types_count = 0; | ||||
| 	if (s->s3->serverinfo_client_tlsext_custom_types != NULL) | ||||
| 		{ | ||||
|                 OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
|                 s->s3->serverinfo_client_tlsext_custom_types = NULL; | ||||
| 		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types); | ||||
| 		s->s3->serverinfo_client_tlsext_custom_types = NULL; | ||||
| 		} | ||||
|  | ||||
| #ifndef OPENSSL_NO_HEARTBEATS | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Scott Deboy
					Scott Deboy