author | Ben Laurie <ben@links.org> | 2014-07-06 10:31:18 +0100 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2014-07-06 10:31:18 +0100 |
commit | 837310418f0381e18c0d9259d9738ad497d4aba5 (patch) | |
tree | 97ea8aa8c9250ae2122c77719a34224173fe31a5 | |
parent | 5cc73618ffe52690b94ebb6560debf4c62f81742 (diff) | |
Make SSL_set_tlsext_status_ocsp_resp() a real function.
-rw-r--r-- | ssl/s3_lib.c | 17 | ||||
-rw-r--r-- | ssl/tls1.h | 7 |
2 files changed, 13 insertions, 11 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index f7b56cdf25..904c30dddd 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3407,6 +3407,15 @@ size_t SSL_get_tlsext_status_ocsp_resp(SSL *s, const unsigned char **resp)
 return s->tlsext_ocsp_resplen;
 }
+void SSL_set_tlsext_status_ocsp_resp(SSL *s, unsigned char *resp,
+ size_t resplen)
+ {
+ if (s->tlsext_ocsp_resp)
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = resp;
+ s->tlsext_ocsp_resplen = resplen;
+ }
+
 #endif /* ndef OPENSSL_NO_TLSEXT */
 long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
@@ -3595,14 +3604,6 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 break;
 #endif
- case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = parg;
- s->tlsext_ocsp_resplen = larg;
- ret = 1;
- break;
-
 #ifndef OPENSSL_NO_HEARTBEATS
 case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
 if (SSL_IS_DTLS(s))
diff --git a/ssl/tls1.h b/ssl/tls1.h
index fe92fc0689..f51b4c29bd 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -350,11 +350,12 @@ void SSL_set_tlsext_status_exts(SSL *s, STACK_OF(X509_EXTENSION) *exts);
 void SSL_get_tlsext_status_ids(SSL *s, STACK_OF(OCSP_RESPID) **ids);
 void SSL_set_tlsext_status_ids(SSL *s, STACK_OF(OCSP_RESPID) *ids);
 size_t SSL_get_tlsext_status_ocsp_resp(SSL *s, const unsigned char **resp);
+/* Note that this does NOT copy its argument, however it DOES OPENSSL_free()
+ * any previously set value. FIXME? */
+void SSL_set_tlsext_status_ocsp_resp(SSL *s, unsigned char *resp,
+ size_t resplen);
 #endif /* ndef OPENSSL_NO_TLSEXT */
-#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
-
 #define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
 SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb) |
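Review bot: In ssl/s3_lib.c the new SSL_set_tlsext_status_ocsp_resp() frees the stored buffer before it stores `resp`, so a caller that passes the pointer already held in `s->tlsext_ocsp_resp` (for example one obtained from SSL_get_tlsext_status_ocsp_resp()) leaves the SSL object pointing at freed memory, and any later release of that field would presumably free it a second time. Guarding the free closes that case: `if (s->tlsext_ocsp_resp != resp) OPENSSL_free(s->tlsext_ocsp_resp);`. `resplen` is now a `size_t` assigned straight to `s->tlsext_ocsp_resplen`, whose declared type is not visible in this hunk; if that field is a signed int, a range check before the assignment would avoid a silent narrowing. The `case` removed in the second s3_lib.c hunk used the same free-then-store order, so the aliasing problem is inherited rather than introduced here.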
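Review bot: The comment on the new prototype in ssl/tls1.h says what the function does not do but leaves the ownership contract implicit, and it ends in an unresolved `FIXME?`. Because the implementation releases the stored pointer with OPENSSL_free(), the comment should say that `resp` must be allocated with OPENSSL_malloc(), that ownership passes to the SSL object, and that the caller must not free or reuse it afterwards, e.g. `/* Takes ownership of resp, which must be OPENSSL_malloc()ed; the caller must not free it. Frees any previously set value. */`. The removed macro expanded to an SSL_ctrl() call and so yielded a `long`, while the replacement returns `void`; callers that tested the result will stop compiling, which is worth stating in the commit message or the change log.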