Rename SSL_CTX_set_early_cb to SSL_CTX_set_client_hello_cb.
"Early callback" is a little ambiguous now that early data exists.
Perhaps "ClientHello callback"?
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4349)
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index dc020d9..5e5c311 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -137,7 +137,7 @@
}
}
-static int early_select_server_ctx(SSL *s, void *arg, int ignore)
+static int client_hello_select_server_ctx(SSL *s, void *arg, int ignore)
{
const char *servername;
const unsigned char *p;
@@ -149,7 +149,8 @@
* The server_name extension was given too much extensibility when it
* was written, so parsing the normal case is a bit complex.
*/
- if (!SSL_early_get0_ext(s, TLSEXT_TYPE_server_name, &p, &remaining) ||
+ if (!SSL_client_hello_get0_ext(s, TLSEXT_TYPE_server_name, &p,
+ &remaining) ||
remaining <= 2)
return 0;
/* Extract the length of the supplied list of names. */
@@ -219,44 +220,44 @@
return select_server_ctx(s, arg, 0);
}
-static int early_ignore_cb(SSL *s, int *al, void *arg)
+static int client_hello_ignore_cb(SSL *s, int *al, void *arg)
{
- if (!early_select_server_ctx(s, arg, 1)) {
+ if (!client_hello_select_server_ctx(s, arg, 1)) {
*al = SSL_AD_UNRECOGNIZED_NAME;
return 0;
}
return 1;
}
-static int early_reject_cb(SSL *s, int *al, void *arg)
+static int client_hello_reject_cb(SSL *s, int *al, void *arg)
{
- if (!early_select_server_ctx(s, arg, 0)) {
+ if (!client_hello_select_server_ctx(s, arg, 0)) {
*al = SSL_AD_UNRECOGNIZED_NAME;
return 0;
}
return 1;
}
-static int early_nov12_cb(SSL *s, int *al, void *arg)
+static int client_hello_nov12_cb(SSL *s, int *al, void *arg)
{
int ret;
unsigned int v;
const unsigned char *p;
- v = SSL_early_get0_legacy_version(s);
+ v = SSL_client_hello_get0_legacy_version(s);
if (v > TLS1_2_VERSION || v < SSL3_VERSION) {
*al = SSL_AD_PROTOCOL_VERSION;
return 0;
}
- (void)SSL_early_get0_session_id(s, &p);
+ (void)SSL_client_hello_get0_session_id(s, &p);
if (p == NULL ||
- SSL_early_get0_random(s, &p) == 0 ||
- SSL_early_get0_ciphers(s, &p) == 0 ||
- SSL_early_get0_compression_methods(s, &p) == 0) {
+ SSL_client_hello_get0_random(s, &p) == 0 ||
+ SSL_client_hello_get0_ciphers(s, &p) == 0 ||
+ SSL_client_hello_get0_compression_methods(s, &p) == 0) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
- ret = early_select_server_ctx(s, arg, 0);
+ ret = client_hello_select_server_ctx(s, arg, 0);
SSL_set_max_proto_version(s, TLS1_1_VERSION);
if (!ret)
*al = SSL_AD_UNRECOGNIZED_NAME;
@@ -489,7 +490,8 @@
/*
* Link the two contexts for SNI purposes.
- * Also do early callbacks here, as setting both early and SNI is bad.
+ * Also do ClientHello callbacks here, as setting both ClientHello and SNI
+ * is bad.
*/
switch (extra->server.servername_callback) {
case SSL_TEST_SERVERNAME_IGNORE_MISMATCH:
@@ -502,14 +504,14 @@
break;
case SSL_TEST_SERVERNAME_CB_NONE:
break;
- case SSL_TEST_SERVERNAME_EARLY_IGNORE_MISMATCH:
- SSL_CTX_set_early_cb(server_ctx, early_ignore_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_ignore_cb, server2_ctx);
break;
- case SSL_TEST_SERVERNAME_EARLY_REJECT_MISMATCH:
- SSL_CTX_set_early_cb(server_ctx, early_reject_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_reject_cb, server2_ctx);
break;
- case SSL_TEST_SERVERNAME_EARLY_NO_V12:
- SSL_CTX_set_early_cb(server_ctx, early_nov12_cb, server2_ctx);
+ case SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12:
+ SSL_CTX_set_client_hello_cb(server_ctx, client_hello_nov12_cb, server2_ctx);
}
if (extra->server.cert_status != SSL_TEST_CERT_STATUS_NONE) {
