Google Git
Sign in
flutter/third_party/openssl/ac20719d994729970eb3b775c7bffa81f0e9f960^!/./ssl/ssltest.c
commit
ac20719d994729970eb3b775c7bffa81f0e9f960
[log]
author
Scott Deboy <sdeboy@secondstryke.com>
Thu Sep 12 12:03:40 2013 -0700
committer
Ben Laurie <ben@links.org>
Wed Feb 05 18:25:46 2014 +0000
tree
968d561cc089196fff817ca36bee1bdc9cbc2f78
parent
a51f767645c117667d337f77fe1dd9c0a66d8410 [diff] [blame]
Update custom TLS extension and supplemental data 'generate' callbacks to support sending an alert.

If multiple TLS extensions are expected but not received, the TLS extension and supplemental data 'generate' callbacks are the only chance for the receive-side to trigger a specific TLS alert during the handshake.

Removed logic which no-op'd TLS extension generate callbacks (as the generate callbacks need to always be called in order to trigger alerts), and updated the serverinfo-specific custom TLS extension callbacks to track which custom TLS extensions were received by the client, where no-ops for 'generate' callbacks are appropriate.

diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 5e2fed8..abdb1b8 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c

@@ -564,7 +564,7 @@
 
 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	if (ext_type != CUSTOM_EXT_TYPE_0)
 		custom_ext_error = 1;
@@ -582,7 +582,7 @@
 
 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	if (ext_type != CUSTOM_EXT_TYPE_1)
 		custom_ext_error = 1;
@@ -602,7 +602,7 @@
 
 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	if (ext_type != CUSTOM_EXT_TYPE_2)
 		custom_ext_error = 1;
@@ -625,7 +625,7 @@
 
 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	if (ext_type != CUSTOM_EXT_TYPE_3)
 		custom_ext_error = 1;
@@ -648,7 +648,7 @@
 	return 1;
 	}
 
-
+//custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension
 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
 				     const unsigned char *in,
 				     unsigned short inlen, int *al,
@@ -658,12 +658,12 @@
 	return 0; /* Shouldn't be called */
 	}
 
+//'generate' callbacks are always called, even if the 'receive' callback isn't called
 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
 				      const unsigned char **out,
-				      unsigned short *outlen, void *arg)
+                                      unsigned short *outlen, int *al, void *arg)
 	{
-	custom_ext_error = 1;
-	return 0; /* Shouldn't be called */
+        return -1; /* Don't send an extension */
 	}
 
 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
@@ -683,7 +683,7 @@
 
 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
 				      const unsigned char **out,
-				      unsigned short *outlen, void *arg)
+                                      unsigned short *outlen, int *al, void *arg)
 	{
 	return -1; /* Don't send an extension */
 	}
@@ -705,7 +705,7 @@
 
 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
 				      const unsigned char **out,
-				      unsigned short *outlen, void *arg)
+                                      unsigned short *outlen, int *al, void *arg)
 	{
 	*out = NULL;
 	*outlen = 0;
@@ -729,7 +729,7 @@
 
 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
 				      const unsigned char **out,
-				      unsigned short *outlen, void *arg)
+                                      unsigned short *outlen, int *al, void *arg)
 	{
 	*out = (const unsigned char*)custom_ext_srv_string;
 	*outlen = strlen(custom_ext_srv_string);
@@ -738,7 +738,7 @@
 
 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
 				    const unsigned char **out,
-				    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
 	{
 	*out = (const unsigned char*)supp_data_0_string;
 	*outlen = strlen(supp_data_0_string);
@@ -765,7 +765,7 @@
 
 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
 				    const unsigned char **out,
-				    unsigned short *outlen, void *arg)
+                                    unsigned short *outlen, int *al, void *arg)
 	{
 	return -1;
 	}
@@ -806,7 +806,7 @@
 
 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	*out = (const unsigned char*)supp_data_0_string;
 	*outlen = strlen(supp_data_0_string);
@@ -826,7 +826,7 @@
 
 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
 				     const unsigned char **out,
-				     unsigned short *outlen, void *arg)
+                                     unsigned short *outlen, int *al, void *arg)
 	{
 	return -1;
 	}