author | Ben Laurie <ben@links.org> | 2014-07-06 10:47:57 +0100 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2014-07-06 10:47:57 +0100 |
commit | 43fc5a2545bd0066793d73bab178b414c7194e77 (patch) | |
tree | ed5c4624ea21ade23ebdcf7681589e7cc70da7b8 | |
parent | 25a592d58b3fab0d7d1bb550daf8dd39f3e91959 (diff) | |
Make SSL_set_tlsext_opaque_prf_input() a real function.
-rw-r--r-- | ssl/s3_lib.c | 50 | ||||
-rw-r--r-- | ssl/ssl.h | 1 | ||||
-rw-r--r-- | ssl/tls1.h | 5 |
3 files changed, 29 insertions, 27 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 04c6ff42a8..fce65d491c 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3416,6 +3416,32 @@ void SSL_set_tlsext_status_ocsp_resp(SSL *s, unsigned char *resp, s->tlsext_ocsp_resplen = resplen; } +#ifdef TLSEXT_TYPE_opaque_prf_input +int SSL_set_tlsext_opaque_prf_input(SSL *s, const void *src, size_t len) + { + if (len > 12288) /* actual internal limit is 2^16 for the + * complete hello message (including the + * cert chain and everything) */ + { + SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); + break; + } + if (s->tlsext_opaque_prf_input != NULL) + OPENSSL_free(s->tlsext_opaque_prf_input); + if (len == 0) + s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + else + s->tlsext_opaque_prf_input = BUF_memdup(parg, len); + if (s->tlsext_opaque_prf_input != NULL) + { + s->tlsext_opaque_prf_input_len = len; + return 1; + } + s->tlsext_opaque_prf_input_len = 0; + return 0; + } +#endif + #endif /* ndef OPENSSL_NO_TLSEXT */ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 
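Review bot: The new SSL_set_tlsext_opaque_prf_input() body cannot compile once TLSEXT_TYPE_opaque_prf_input is defined, because two leftovers from the old `case` block survived the move. The over-length branch still ends in `break;`, which has no enclosing switch or loop in a standalone function and should be `return 0;`. The copy still reads `BUF_memdup(parg, len)` although the parameter is now named `src`, so it should be `BUF_memdup(src, len)`. The error is also still recorded under `SSL_F_SSL3_CTRL`, which will name the wrong function in the error queue. Presumably this went unnoticed because the guard macro is not defined in a default build, so it is worth compiling this block once with the macro enabled.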
@@ -3580,30 +3606,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #endif /* !OPENSSL_NO_ECDH */ #ifndef OPENSSL_NO_TLSEXT -#ifdef TLSEXT_TYPE_opaque_prf_input - case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT: - if (larg > 12288) /* actual internal limit is 2^16 for the complete hello message - * (including the cert chain and everything) */ - { - SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG); - break; - } - if (s->tlsext_opaque_prf_input != NULL) - OPENSSL_free(s->tlsext_opaque_prf_input); - if ((size_t)larg == 0) - s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ - else - s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); - if (s->tlsext_opaque_prf_input != NULL) - { - s->tlsext_opaque_prf_input_len = (size_t)larg; - ret = 1; - } - else - s->tlsext_opaque_prf_input_len = 0; - break; -#endif - #ifndef OPENSSL_NO_HEARTBEATS case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT: if (SSL_IS_DTLS(s)) @@ -1802,7 +1802,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) #define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 #define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 #define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 -#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 #define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 #define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 diff --git a/ssl/tls1.h b/ssl/tls1.h index f51b4c29bd..3799cba737 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -354,6 +354,9 @@ size_t SSL_get_tlsext_status_ocsp_resp(SSL *s, const unsigned char **resp); * any previously set value. FIXME? */ void SSL_set_tlsext_status_ocsp_resp(SSL *s, unsigned char *resp, size_t resplen); +# ifdef TLSEXT_TYPE_opaque_prf_input +void SSL_set_tlsext_opaque_prf_input(SSL *s, const void *src, size_t len); +# endif #endif /* ndef OPENSSL_NO_TLSEXT */ #define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \ 
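Review bot: The prototype added to ssl/tls1.h returns `void`, but the definition added in ssl/s3_lib.c returns `int` (1 on success, 0 on over-length input or allocation failure). The two declarations therefore conflict, and a caller that sees only the header has no way to check for failure. Declare it as `int SSL_set_tlsext_opaque_prf_input(SSL *s, const void *src, size_t len);`. A one-line comment above it would also help, e.g. `/* Copies len bytes from src; returns 1 on success, 0 on failure. */`, since the macro it replaces passed the SSL_ctrl() result through and existing callers may rely on that.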
@@ -378,8 +381,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb) #define SSL_CTX_set_tlsext_status_arg(ssl, arg) \ SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg) -#define SSL_set_tlsext_opaque_prf_input(s, src, len) \ -SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src) #define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb) #define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \ |