Further TLS extension improvements
Submitted by: Peter Sylvester
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1aa5e90..abbde22 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -387,19 +387,30 @@
return 1;
}
-int ssl_check_tlsext(SSL *s,int *al)
+int ssl_check_tlsext(SSL *s, int is_server)
{
int ret=SSL_TLSEXT_ERR_NOACK;
- *al = SSL_AD_UNRECOGNIZED_NAME;
+ int al = SSL_AD_UNRECOGNIZED_NAME;
if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret = s->ctx->tlsext_servername_callback(s, al, s->ctx->tlsext_servername_arg);
+ ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
- ret = s->initial_ctx->tlsext_servername_callback(s, al, s->initial_ctx->tlsext_servername_arg);
+ ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
- if (ret == SSL_TLSEXT_ERR_NOACK)
- s->servername_done=0;
- return ret;
+ switch (ret) {
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ return -1;
+
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
+ ssl3_send_alert(s,SSL3_AL_WARNING,al);
+ return 1;
+
+ case SSL_TLSEXT_ERR_NOACK:
+ s->servername_done=0;
+ default:
+ return 1;
}
+}
#endif
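Review bot: The `default:` arm of the new switch returns 1 for every callback result other than the three named cases, so an unexpected return value from an application's servername callback lets the handshake continue as if it had succeeded. I would name the success case explicitly, give `SSL_TLSEXT_ERR_NOACK` its own `return 1` instead of the unmarked fall-through, and have `default:` send a fatal alert and return -1, as sketched below. This changes behaviour for callbacks that return other values today, so it needs checking against existing callers. Separately, the new `is_server` parameter is never read in the visible body, so client and server take the same path and send the same alert. The call sites are outside this hunk, so whether they act on the new -1 return cannot be confirmed here.

```c
	/* … unchanged: callback lookup, ALERT_FATAL and ALERT_WARNING cases … */
	case SSL_TLSEXT_ERR_NOACK:
		s->servername_done=0;
		return 1;

	case SSL_TLSEXT_ERR_OK:
		return 1;

	default:
		/* unknown callback result: fail closed rather than continue */
		ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
		return -1;
```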