generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert.

Browse Source 
If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake.

Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.

(cherry picked from commit ac20719d99)
Conflicts:
	ssl/t1_lib.c
This commit is contained in:
Scott Deboy
2013-09-12 12:03:40 -07:00
parent 7198c5af1f
commit fc213217e8
12 changed files with 130 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/s_server.c
View File

@@ -336,11 +336,11 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type,
static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
unsigned short *outlen, void *arg);
unsigned short *outlen, int *al, void *arg);
static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
const unsigned char **out, unsigned short *outlen,
void *arg);
int *al, void *arg);
static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
const unsigned char *in,
@@ -3576,7 +3576,7 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
const unsigned char **out, unsigned short *outlen,
void *arg)
int *al, void *arg)
{
if (c_auth && client_provided_client_authz && client_provided_server_authz)
{
@@ -3609,7 +3609,7 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type,
static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
const unsigned char **out,
unsigned short *outlen, void *arg)
unsigned short *outlen, int *al, void *arg)
{
if (c_auth && client_provided_client_authz && client_provided_server_authz)
{