Move extension data into sub-structs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2052)
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 0c65525..2568ac6 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -457,11 +457,11 @@
if (!currext->present)
return 1;
- if (s->tlsext_debug_cb)
- s->tlsext_debug_cb(s, !s->server, currext->type,
- PACKET_data(&currext->data),
- PACKET_remaining(&currext->data),
- s->tlsext_debug_arg);
+ if (s->ext.debug_cb)
+ s->ext.debug_cb(s, !s->server, currext->type,
+ PACKET_data(&currext->data),
+ PACKET_remaining(&currext->data),
+ s->ext.debug_arg);
/* Skip if we've already parsed this extension */
if (currext->parsed)
@@ -714,13 +714,13 @@
int ret = SSL_TLSEXT_ERR_NOACK;
int altmp = SSL_AD_UNRECOGNIZED_NAME;
- if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret = s->ctx->tlsext_servername_callback(s, &altmp,
- s->ctx->tlsext_servername_arg);
+ if (s->ctx != NULL && s->ctx->ext.servername_cb != 0)
+ ret = s->ctx->ext.servername_cb(s, &altmp,
+ s->ctx->ext.servername_arg);
else if (s->initial_ctx != NULL
- && s->initial_ctx->tlsext_servername_callback != 0)
- ret = s->initial_ctx->tlsext_servername_callback(s, &altmp,
- s->initial_ctx->tlsext_servername_arg);
+ && s->initial_ctx->ext.servername_cb != 0)
+ ret = s->initial_ctx->ext.servername_cb(s, &altmp,
+ s->initial_ctx->ext.servername_arg);
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
@@ -757,20 +757,20 @@
* suite, then if server returns an EC point formats lists extension it
* must contain uncompressed.
*/
- if (s->tlsext_ecpointformatlist != NULL
- && s->tlsext_ecpointformatlist_length > 0
- && s->session->tlsext_ecpointformatlist != NULL
- && s->session->tlsext_ecpointformatlist_length > 0
+ if (s->ext.ecpointformats != NULL
+ && s->ext.ecpointformats_len > 0
+ && s->session->ext.ecpointformats != NULL
+ && s->session->ext.ecpointformats_len > 0
&& ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) {
/* we are using an ECC cipher */
size_t i;
- unsigned char *list = s->session->tlsext_ecpointformatlist;
+ unsigned char *list = s->session->ext.ecpointformats;
- for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
+ for (i = 0; i < s->session->ext.ecpointformats_len; i++) {
if (*list++ == TLSEXT_ECPOINTFORMAT_uncompressed)
break;
}
- if (i == s->session->tlsext_ecpointformatlist_length) {
+ if (i == s->session->ext.ecpointformats_len) {
SSLerr(SSL_F_FINAL_EC_PT_FORMATS,
SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
return 0;
@@ -784,7 +784,7 @@
static int init_session_ticket(SSL *s, unsigned int context)
{
if (!s->server)
- s->tlsext_ticket_expected = 0;
+ s->ext.ticket_expected = 0;
return 1;
}
@@ -793,25 +793,43 @@
static int init_status_request(SSL *s, unsigned int context)
{
if (s->server) {
- s->tlsext_status_type = TLSEXT_STATUSTYPE_nothing;
+ s->ext.status_type = TLSEXT_STATUSTYPE_nothing;
} else {
/*
* Ensure we get sensible values passed to tlsext_status_cb in the event
* that we don't receive a status message
*/
OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- s->tlsext_ocsp_resplen = 0;
+ s->ext.ocsp_resp = NULL;
+ s->ext.ocsp_resplen = 0;
}
return 1;
}
+
+static int final_status_request(SSL *s, unsigned int context, int sent,
+ int *al)
+{
+ if (s->server)
+ return 1;
+
+ /*
+ * Ensure we get sensible values passed to ext.status_cb in the event
+ * that we don't receive a status message
+ */
+ OPENSSL_free(s->ext.ocsp.resp);
+ s->ext.ocsp.resp = NULL;
+ s->ext.ocsp.resp_len = 0;
+>>>>>>> Move extension data into sub-structs
+
+ return 1;
+}
#endif
#ifndef OPENSSL_NO_NEXTPROTONEG
static int init_npn(SSL *s, unsigned int context)
{
- s->s3->next_proto_neg_seen = 0;
+ s->s3->npn_seen = 0;
return 1;
}
@@ -838,11 +856,11 @@
if (!s->server)
return 1;
- if (s->ctx->alpn_select_cb != NULL && s->s3->alpn_proposed != NULL) {
- int r = s->ctx->alpn_select_cb(s, &selected, &selected_len,
- s->s3->alpn_proposed,
- (unsigned int)s->s3->alpn_proposed_len,
- s->ctx->alpn_select_cb_arg);
+ if (s->ctx->ext.alpn_select_cb != NULL && s->s3->alpn_proposed != NULL) {
+ int r = s->ctx->ext.alpn_select_cb(s, &selected, &selected_len,
+ s->s3->alpn_proposed,
+ (unsigned int)s->s3->alpn_proposed_len,
+ s->ctx->ext.alpn_select_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
OPENSSL_free(s->s3->alpn_selected);
@@ -854,7 +872,7 @@
s->s3->alpn_selected_len = selected_len;
#ifndef OPENSSL_NO_NEXTPROTONEG
/* ALPN takes precedence over NPN. */
- s->s3->next_proto_neg_seen = 0;
+ s->s3->npn_seen = 0;
#endif
} else {
*al = SSL_AD_NO_APPLICATION_PROTOCOL;
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 277e062..be0c979 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -34,7 +34,7 @@
int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, X509 *x,
size_t chainidx, int *al)
{
- if (s->tlsext_hostname == NULL)
+ if (s->ext.hostname == NULL)
return 1;
/* Add TLS extension servername to the Client Hello message */
@@ -44,8 +44,8 @@
/* Sub-packet for servername list (always 1 hostname)*/
|| !WPACKET_start_sub_packet_u16(pkt)
|| !WPACKET_put_bytes_u8(pkt, TLSEXT_NAMETYPE_host_name)
- || !WPACKET_sub_memcpy_u16(pkt, s->tlsext_hostname,
- strlen(s->tlsext_hostname))
+ || !WPACKET_sub_memcpy_u16(pkt, s->ext.hostname,
+ strlen(s->ext.hostname))
|| !WPACKET_close(pkt)
|| !WPACKET_close(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME, ERR_R_INTERNAL_ERROR);
@@ -145,7 +145,7 @@
* Add TLS extension supported_groups to the ClientHello message
*/
/* TODO(TLS1.3): Add support for DHE groups */
- pcurves = s->tlsext_supportedgroupslist;
+ pcurves = s->ext.supportedgroups;
if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS,
ERR_R_INTERNAL_ERROR);
@@ -191,30 +191,30 @@
return 1;
if (!s->new_session && s->session != NULL
- && s->session->tlsext_tick != NULL) {
- ticklen = s->session->tlsext_ticklen;
- } else if (s->session && s->tlsext_session_ticket != NULL
- && s->tlsext_session_ticket->data != NULL) {
- ticklen = s->tlsext_session_ticket->length;
- s->session->tlsext_tick = OPENSSL_malloc(ticklen);
- if (s->session->tlsext_tick == NULL) {
+ && s->session->ext.tick != NULL) {
+ ticklen = s->session->ext.ticklen;
+ } else if (s->session && s->ext.session_ticket != NULL
+ && s->ext.session_ticket->data != NULL) {
+ ticklen = s->ext.session_ticket->length;
+ s->session->ext.tick = OPENSSL_malloc(ticklen);
+ if (s->session->ext.tick == NULL) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET,
ERR_R_INTERNAL_ERROR);
return 0;
}
- memcpy(s->session->tlsext_tick,
- s->tlsext_session_ticket->data, ticklen);
- s->session->tlsext_ticklen = ticklen;
+ memcpy(s->session->ext.tick,
+ s->ext.session_ticket->data, ticklen);
+ s->session->ext.ticklen = ticklen;
} else {
ticklen = 0;
}
- if (ticklen == 0 && s->tlsext_session_ticket != NULL &&
- s->tlsext_session_ticket->data == NULL)
+ if (ticklen == 0 && s->ext.session_ticket != NULL &&
+ s->ext.session_ticket->data == NULL)
return 1;
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket)
- || !WPACKET_sub_memcpy_u16(pkt, s->session->tlsext_tick, ticklen)) {
+ || !WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, ticklen)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET, ERR_R_INTERNAL_ERROR);
return 0;
}
@@ -257,7 +257,7 @@
if (x != NULL)
return 1;
- if (s->tlsext_status_type != TLSEXT_STATUSTYPE_ocsp)
+ if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp)
return 1;
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_status_request)
@@ -269,9 +269,9 @@
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR);
return 0;
}
- for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
+ for (i = 0; i < sk_OCSP_RESPID_num(s->ext.ocsp.ids); i++) {
unsigned char *idbytes;
- OCSP_RESPID *id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+ OCSP_RESPID *id = sk_OCSP_RESPID_value(s->ext.ocsp.ids, i);
int idlen = i2d_OCSP_RESPID(id, NULL);
if (idlen <= 0
@@ -288,9 +288,9 @@
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR);
return 0;
}
- if (s->tlsext_ocsp_exts) {
+ if (s->ext.ocsp.exts) {
unsigned char *extbytes;
- int extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
+ int extlen = i2d_X509_EXTENSIONS(s->ext.ocsp.exts, NULL);
if (extlen < 0) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST,
@@ -298,7 +298,7 @@
return 0;
}
if (!WPACKET_allocate_bytes(pkt, extlen, &extbytes)
- || i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &extbytes)
+ || i2d_X509_EXTENSIONS(s->ext.ocsp.exts, &extbytes)
!= extlen) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST,
ERR_R_INTERNAL_ERROR);
@@ -318,7 +318,7 @@
int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, X509 *x, size_t chainidx,
int *al)
{
- if (s->ctx->next_proto_select_cb == NULL || s->s3->tmp.finish_md_len != 0)
+ if (s->ctx->ext.npn_select_cb == NULL || s->s3->tmp.finish_md_len != 0)
return 1;
/*
@@ -344,15 +344,14 @@
* finish_md_len is non-zero during a renegotiation, so
* this avoids sending ALPN during the renegotiation
*/
- if (s->alpn_client_proto_list == NULL || s->s3->tmp.finish_md_len != 0)
+ if (s->ext.alpn == NULL || s->s3->tmp.finish_md_len != 0)
return 1;
if (!WPACKET_put_bytes_u16(pkt,
TLSEXT_TYPE_application_layer_protocol_negotiation)
/* Sub-packet ALPN extension */
|| !WPACKET_start_sub_packet_u16(pkt)
- || !WPACKET_sub_memcpy_u16(pkt, s->alpn_client_proto_list,
- s->alpn_client_proto_list_len)
+ || !WPACKET_sub_memcpy_u16(pkt, s->ext.alpn, s->ext.alpn_len)
|| !WPACKET_close(pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_ALPN, ERR_R_INTERNAL_ERROR);
return 0;
@@ -516,7 +515,7 @@
return 0;
}
- pcurves = s->tlsext_supportedgroupslist;
+ pcurves = s->ext.supportedgroups;
if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, ERR_R_INTERNAL_ERROR);
return 0;
@@ -698,18 +697,18 @@
int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, X509 *x, size_t chainidx,
int *al)
{
- if (s->tlsext_hostname == NULL || PACKET_remaining(pkt) > 0) {
+ if (s->ext.hostname == NULL || PACKET_remaining(pkt) > 0) {
*al = SSL_AD_UNRECOGNIZED_NAME;
return 0;
}
if (!s->hit) {
- if (s->session->tlsext_hostname != NULL) {
+ if (s->session->ext.hostname != NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
- s->session->tlsext_hostname = OPENSSL_strdup(s->tlsext_hostname);
- if (s->session->tlsext_hostname == NULL) {
+ s->session->ext.hostname = OPENSSL_strdup(s->ext.hostname);
+ if (s->session->ext.hostname == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
@@ -722,7 +721,7 @@
int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, X509 *x, size_t chainidx,
int *al)
{
- unsigned int ecpointformatlist_length;
+ unsigned int ecpointformats_len;
PACKET ecptformatlist;
if (!PACKET_as_length_prefixed_1(pkt, &ecptformatlist)) {
@@ -730,22 +729,21 @@
return 0;
}
if (!s->hit) {
- ecpointformatlist_length = PACKET_remaining(&ecptformatlist);
- s->session->tlsext_ecpointformatlist_length = 0;
+ ecpointformats_len = PACKET_remaining(&ecptformatlist);
+ s->session->ext.ecpointformats_len = 0;
- OPENSSL_free(s->session->tlsext_ecpointformatlist);
- s->session->tlsext_ecpointformatlist =
- OPENSSL_malloc(ecpointformatlist_length);
- if (s->session->tlsext_ecpointformatlist == NULL) {
+ OPENSSL_free(s->session->ext.ecpointformats);
+ s->session->ext.ecpointformats = OPENSSL_malloc(ecpointformats_len);
+ if (s->session->ext.ecpointformats == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
- s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length;
+ s->session->ext.ecpointformats_len = ecpointformats_len;
if (!PACKET_copy_bytes(&ecptformatlist,
- s->session->tlsext_ecpointformatlist,
- ecpointformatlist_length)) {
+ s->session->ext.ecpointformats,
+ ecpointformats_len)) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
@@ -758,10 +756,10 @@
int tls_parse_stoc_session_ticket(SSL *s, PACKET *pkt, X509 *x, size_t chainidx,
int *al)
{
- if (s->tls_session_ticket_ext_cb != NULL &&
- !s->tls_session_ticket_ext_cb(s, PACKET_data(pkt),
- PACKET_remaining(pkt),
- s->tls_session_ticket_ext_cb_arg)) {
+ if (s->ext.session_ticket_cb != NULL &&
+ !s->ext.session_ticket_cb(s, PACKET_data(pkt),
+ PACKET_remaining(pkt),
+ s->ext.session_ticket_cb_arg)) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
@@ -771,7 +769,7 @@
return 0;
}
- s->tlsext_ticket_expected = 1;
+ s->ext.ticket_expected = 1;
return 1;
}
@@ -784,7 +782,7 @@
* MUST only be sent if we've requested a status
* request message. In TLS <= 1.2 it must also be empty.
*/
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_nothing
+ if (s->ext.status_type == TLSEXT_STATUSTYPE_nothing
|| (!SSL_IS_TLS13(s) && PACKET_remaining(pkt) > 0)) {
*al = SSL_AD_UNSUPPORTED_EXTENSION;
return 0;
@@ -800,7 +798,7 @@
}
/* Set flag to expect CertificateStatus message */
- s->tlsext_status_expected = 1;
+ s->ext.status_expected = 1;
return 1;
}
@@ -819,14 +817,14 @@
size_t size = PACKET_remaining(pkt);
/* Simply copy it off for later processing */
- OPENSSL_free(s->tlsext_scts);
- s->tlsext_scts = NULL;
+ OPENSSL_free(s->ext.scts);
+ s->ext.scts = NULL;
- s->tlsext_scts_len = size;
+ s->ext.scts_len = size;
if (size > 0) {
- s->tlsext_scts = OPENSSL_malloc(size);
- if (s->tlsext_scts == NULL
- || !PACKET_copy_bytes(pkt, s->tlsext_scts, size)) {
+ s->ext.scts = OPENSSL_malloc(size);
+ if (s->ext.scts == NULL
+ || !PACKET_copy_bytes(pkt, s->ext.scts, size)) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
@@ -872,7 +870,7 @@
return 1;
/* We must have requested it. */
- if (s->ctx->next_proto_select_cb == NULL) {
+ if (s->ctx->ext.npn_select_cb == NULL) {
*al = SSL_AD_UNSUPPORTED_EXTENSION;
return 0;
}
@@ -883,10 +881,10 @@
*al = SSL_AD_DECODE_ERROR;
return 0;
}
- if (s->ctx->next_proto_select_cb(s, &selected, &selected_len,
- PACKET_data(pkt),
- PACKET_remaining(pkt),
- s->ctx->next_proto_select_cb_arg) !=
+ if (s->ctx->ext.npn_select_cb(s, &selected, &selected_len,
+ PACKET_data(pkt),
+ PACKET_remaining(pkt),
+ s->ctx->ext.npn_select_cb_arg) !=
SSL_TLSEXT_ERR_OK) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
@@ -896,16 +894,16 @@
* Could be non-NULL if server has sent multiple NPN extensions in
* a single Serverhello
*/
- OPENSSL_free(s->next_proto_negotiated);
- s->next_proto_negotiated = OPENSSL_malloc(selected_len);
- if (s->next_proto_negotiated == NULL) {
+ OPENSSL_free(s->ext.npn);
+ s->ext.npn = OPENSSL_malloc(selected_len);
+ if (s->ext.npn == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
- memcpy(s->next_proto_negotiated, selected, selected_len);
- s->next_proto_negotiated_len = selected_len;
- s->s3->next_proto_neg_seen = 1;
+ memcpy(s->ext.npn, selected, selected_len);
+ s->ext.npn_len = selected_len;
+ s->s3->npn_seen = 1;
return 1;
}
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index dfe5fc5..c868bb9 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -116,7 +116,7 @@
return 0;
}
- if (!PACKET_strndup(&hostname, &s->session->tlsext_hostname)) {
+ if (!PACKET_strndup(&hostname, &s->session->ext.hostname)) {
*al = TLS1_AD_INTERNAL_ERROR;
return 0;
}
@@ -127,9 +127,9 @@
* TODO(openssl-team): if the SNI doesn't match, we MUST
* fall back to a full handshake.
*/
- s->servername_done = s->session->tlsext_hostname
- && PACKET_equal(&hostname, s->session->tlsext_hostname,
- strlen(s->session->tlsext_hostname));
+ s->servername_done = s->session->ext.hostname
+ && PACKET_equal(&hostname, s->session->ext.hostname,
+ strlen(s->session->ext.hostname));
}
return 1;
@@ -173,8 +173,8 @@
if (!s->hit) {
if (!PACKET_memdup(&ec_point_format_list,
- &s->session->tlsext_ecpointformatlist,
- &s->session->tlsext_ecpointformatlist_length)) {
+ &s->session->ext.ecpointformats,
+ &s->session->ext.ecpointformats_len)) {
*al = TLS1_AD_INTERNAL_ERROR;
return 0;
}
@@ -187,10 +187,10 @@
int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, X509 *x, size_t chainidx,
int *al)
{
- if (s->tls_session_ticket_ext_cb &&
- !s->tls_session_ticket_ext_cb(s, PACKET_data(pkt),
- PACKET_remaining(pkt),
- s->tls_session_ticket_ext_cb_arg)) {
+ if (s->ext.session_ticket_cb &&
+ !s->ext.session_ticket_cb(s, PACKET_data(pkt),
+ PACKET_remaining(pkt),
+ s->ext.session_ticket_cb_arg)) {
*al = TLS1_AD_INTERNAL_ERROR;
return 0;
}
@@ -229,16 +229,16 @@
if (x != NULL)
return 1;
- if (!PACKET_get_1(pkt, (unsigned int *)&s->tlsext_status_type)) {
+ if (!PACKET_get_1(pkt, (unsigned int *)&s->ext.status_type)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
- if (s->tlsext_status_type != TLSEXT_STATUSTYPE_ocsp) {
+ if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) {
/*
* We don't know what to do with any other type so ignore it.
*/
- s->tlsext_status_type = TLSEXT_STATUSTYPE_nothing;
+ s->ext.status_type = TLSEXT_STATUSTYPE_nothing;
return 1;
}
@@ -251,15 +251,15 @@
* We remove any OCSP_RESPIDs from a previous handshake
* to prevent unbounded memory growth - CVE-2016-6304
*/
- sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+ sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free);
if (PACKET_remaining(&responder_id_list) > 0) {
- s->tlsext_ocsp_ids = sk_OCSP_RESPID_new_null();
- if (s->tlsext_ocsp_ids == NULL) {
+ s->ext.ocsp.ids = sk_OCSP_RESPID_new_null();
+ if (s->ext.ocsp.ids == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return 0;
}
} else {
- s->tlsext_ocsp_ids = NULL;
+ s->ext.ocsp.ids = NULL;
}
while (PACKET_remaining(&responder_id_list) > 0) {
@@ -288,7 +288,7 @@
return 0;
}
- if (!sk_OCSP_RESPID_push(s->tlsext_ocsp_ids, id)) {
+ if (!sk_OCSP_RESPID_push(s->ext.ocsp.ids, id)) {
OCSP_RESPID_free(id);
*al = SSL_AD_INTERNAL_ERROR;
return 0;
@@ -304,11 +304,11 @@
if (PACKET_remaining(&exts) > 0) {
const unsigned char *ext_data = PACKET_data(&exts);
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+ sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts,
X509_EXTENSION_free);
- s->tlsext_ocsp_exts =
+ s->ext.ocsp.exts =
d2i_X509_EXTENSIONS(NULL, &ext_data, (int)PACKET_remaining(&exts));
- if (s->tlsext_ocsp_exts == NULL || ext_data != PACKET_end(&exts)) {
+ if (s->ext.ocsp.exts == NULL || ext_data != PACKET_end(&exts)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
@@ -339,7 +339,7 @@
* Finished message could have been computed.)
*/
if (s->s3->tmp.finish_md_len == 0)
- s->s3->next_proto_neg_seen = 1;
+ s->s3->npn_seen = 1;
return 1;
}
@@ -643,8 +643,8 @@
if (!s->hit
&& !PACKET_memdup(&supported_groups_list,
- &s->session->tlsext_supportedgroupslist,
- &s->session->tlsext_supportedgroupslist_length)) {
+ &s->session->ext.supportedgroups,
+ &s->session->ext.supportedgroups_len)) {
*al = SSL_AD_DECODE_ERROR;
return 0;
}
@@ -695,7 +695,7 @@
size_t chainidx, int *al)
{
if (s->hit || s->servername_done != 1
- || s->session->tlsext_hostname == NULL)
+ || s->session->ext.hostname == NULL)
return 1;
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_server_name)
@@ -714,7 +714,7 @@
unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
int using_ecc = ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
- && (s->session->tlsext_ecpointformatlist != NULL);
+ && (s->session->ext.ecpointformats != NULL);
const unsigned char *plist;
size_t plistlen;
@@ -737,8 +737,8 @@
int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, X509 *x,
size_t chainidx, int *al)
{
- if (!s->tlsext_ticket_expected || !tls_use_ticket(s)) {
- s->tlsext_ticket_expected = 0;
+ if (!s->ext.ticket_expected || !tls_use_ticket(s)) {
+ s->ext.ticket_expected = 0;
return 1;
}
@@ -755,7 +755,7 @@
int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, X509 *x,
size_t chainidx, int *al)
{
- if (!s->tlsext_status_expected)
+ if (!s->ext.status_expected)
return 1;
if (SSL_IS_TLS13(s) && chainidx != 0)
@@ -789,14 +789,14 @@
const unsigned char *npa;
unsigned int npalen;
int ret;
- int next_proto_neg_seen = s->s3->next_proto_neg_seen;
+ int npn_seen = s->s3->npn_seen;
- s->s3->next_proto_neg_seen = 0;
- if (!next_proto_neg_seen || s->ctx->next_protos_advertised_cb == NULL)
+ s->s3->npn_seen = 0;
+ if (!npn_seen || s->ctx->ext.npn_advertised_cb == NULL)
return 1;
- ret = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
- s->ctx->next_protos_advertised_cb_arg);
+ ret = s->ctx->ext.npn_advertised_cb(s, &npa, &npalen,
+ s->ctx->ext.npn_advertised_cb_arg);
if (ret == SSL_TLSEXT_ERR_OK) {
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_next_proto_neg)
|| !WPACKET_sub_memcpy_u16(pkt, npa, npalen)) {
@@ -804,7 +804,7 @@
ERR_R_INTERNAL_ERROR);
return 0;
}
- s->s3->next_proto_neg_seen = 1;
+ s->s3->npn_seen = 1;
}
return 1;
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index a3133ad..82713d2 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -225,7 +225,7 @@
case TLS_ST_CR_SRVR_HELLO:
if (s->hit) {
- if (s->tlsext_ticket_expected) {
+ if (s->ext.ticket_expected) {
if (mt == SSL3_MT_NEWSESSION_TICKET) {
st->hand_state = TLS_ST_CR_SESSION_TICKET;
return 1;
@@ -239,8 +239,8 @@
st->hand_state = DTLS_ST_CR_HELLO_VERIFY_REQUEST;
return 1;
} else if (s->version >= TLS1_VERSION
- && s->tls_session_secret_cb != NULL
- && s->session->tlsext_tick != NULL
+ && s->ext.session_secret_cb != NULL
+ && s->session->ext.tick != NULL
&& mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
/*
* Normally, we can tell if the server is resuming the session
@@ -282,9 +282,9 @@
case TLS_ST_CR_CERT:
/*
* The CertificateStatus message is optional even if
- * |tlsext_status_expected| is set
+ * |ext.status_expected| is set
*/
- if (s->tlsext_status_expected && mt == SSL3_MT_CERTIFICATE_STATUS) {
+ if (s->ext.status_expected && mt == SSL3_MT_CERTIFICATE_STATUS) {
st->hand_state = TLS_ST_CR_CERT_STATUS;
return 1;
}
@@ -321,7 +321,7 @@
break;
case TLS_ST_CW_FINISHED:
- if (s->tlsext_ticket_expected) {
+ if (s->ext.ticket_expected) {
if (mt == SSL3_MT_NEWSESSION_TICKET) {
st->hand_state = TLS_ST_CR_SESSION_TICKET;
return 1;
@@ -478,7 +478,7 @@
#if defined(OPENSSL_NO_NEXTPROTONEG)
st->hand_state = TLS_ST_CW_FINISHED;
#else
- if (!SSL_IS_DTLS(s) && s->s3->next_proto_neg_seen)
+ if (!SSL_IS_DTLS(s) && s->s3->npn_seen)
st->hand_state = TLS_ST_CW_NEXT_PROTO;
else
st->hand_state = TLS_ST_CW_FINISHED;
@@ -872,7 +872,7 @@
* In the case of EAP-FAST, we can have a pre-shared
* "ticket" without a session ID.
*/
- (!sess->session_id_length && !sess->tlsext_tick) ||
+ (!sess->session_id_length && !sess->ext.tick) ||
(sess->not_resumable)) {
if (!ssl_get_new_session(s, 0))
return 0;
@@ -1122,7 +1122,7 @@
* server wants to resume.
*/
if (s->version >= TLS1_VERSION && !SSL_IS_TLS13(s)
- && s->tls_session_secret_cb != NULL && s->session->tlsext_tick) {
+ && s->ext.session_secret_cb != NULL && s->session->ext.tick) {
const SSL_CIPHER *pref_cipher = NULL;
/*
* s->session->master_key_length is a size_t, but this is an int for
@@ -1130,10 +1130,10 @@
*/
int master_key_length;
master_key_length = sizeof(s->session->master_key);
- if (s->tls_session_secret_cb(s, s->session->master_key,
+ if (s->ext.session_secret_cb(s, s->session->master_key,
&master_key_length,
NULL, &pref_cipher,
- s->tls_session_secret_cb_arg)
+ s->ext.session_secret_cb_arg)
&& master_key_length > 0) {
s->session->master_key_length = master_key_length;
s->session->cipher = pref_cipher ?
@@ -2134,22 +2134,23 @@
s->session = new_sess;
}
- OPENSSL_free(s->session->tlsext_tick);
- s->session->tlsext_ticklen = 0;
+ OPENSSL_free(s->session->ext.tick);
+ s->session->ext.tick = NULL;
+ s->session->ext.ticklen = 0;
- s->session->tlsext_tick = OPENSSL_malloc(ticklen);
- if (s->session->tlsext_tick == NULL) {
+ s->session->ext.tick = OPENSSL_malloc(ticklen);
+ if (s->session->ext.tick == NULL) {
SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!PACKET_copy_bytes(pkt, s->session->tlsext_tick, ticklen)) {
+ if (!PACKET_copy_bytes(pkt, s->session->ext.tick, ticklen)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
- s->session->tlsext_tick_lifetime_hint = ticket_lifetime_hint;
- s->session->tlsext_ticklen = ticklen;
+ s->session->ext.tick_lifetime_hint = ticket_lifetime_hint;
+ s->session->ext.ticklen = ticklen;
/*
* There are two ways to detect a resumed ticket session. One is to set
* an appropriate session ID and then the server must return a match in
@@ -2165,7 +2166,7 @@
* TODO(size_t): we use sess_len here because EVP_Digest expects an int
* but s->session->session_id_length is a size_t
*/
- if (!EVP_Digest(s->session->tlsext_tick, ticklen,
+ if (!EVP_Digest(s->session->ext.tick, ticklen,
s->session->session_id, &sess_len,
EVP_sha256(), NULL)) {
SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_EVP_LIB);
@@ -2204,17 +2205,17 @@
return 0;
}
s->tlsext_ocsp_resp = OPENSSL_malloc(resplen);
- if (s->tlsext_ocsp_resp == NULL) {
+ if (s->ext.ocsp_resp == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, ERR_R_MALLOC_FAILURE);
return 0;
}
- if (!PACKET_copy_bytes(pkt, s->tlsext_ocsp_resp, resplen)) {
+ if (!PACKET_copy_bytes(pkt, s->ext.ocsp_resp, resplen)) {
*al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
return 0;
}
- s->tlsext_ocsp_resplen = resplen;
+ s->ext.ocsp_resplen = resplen;
return 1;
}
@@ -2251,14 +2252,14 @@
}
/*
- * Call the ocsp status callback if needed. The |tlsext_ocsp_resp| and
- * |tlsext_ocsp_resplen| values will be set if we actually received a status
+ * Call the ocsp status callback if needed. The |ext.ocsp.resp| and
+ * |ext.ocsp.resp_len| values will be set if we actually received a status
* message, or NULL and -1 otherwise
*/
- if (s->tlsext_status_type != TLSEXT_STATUSTYPE_nothing
- && s->ctx->tlsext_status_cb != NULL) {
- int ret;
- ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ if (s->ext.status_type != TLSEXT_STATUSTYPE_nothing
+ && s->ctx->ext.status_cb != NULL) {
+ int ret = s->ctx->ext.status_cb(s, s->ctx->ext.status_arg);
+
if (ret == 0) {
*al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
SSLerr(SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT,
@@ -3112,10 +3113,10 @@
size_t len, padding_len;
unsigned char *padding = NULL;
- len = s->next_proto_negotiated_len;
+ len = s->ext.npn_len;
padding_len = 32 - ((len + 2) % 32);
- if (!WPACKET_sub_memcpy_u8(pkt, s->next_proto_negotiated, len)
+ if (!WPACKET_sub_memcpy_u8(pkt, s->ext.npn, len)
|| !WPACKET_sub_allocate_bytes_u8(pkt, padding_len, &padding)) {
SSLerr(SSL_F_TLS_CONSTRUCT_NEXT_PROTO, ERR_R_INTERNAL_ERROR);
goto err;
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index b3d6419..475f405 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -255,7 +255,7 @@
case TLS_ST_SR_CHANGE:
#ifndef OPENSSL_NO_NEXTPROTONEG
- if (s->s3->next_proto_neg_seen) {
+ if (s->s3->npn_seen) {
if (mt == SSL3_MT_NEXT_PROTO) {
st->hand_state = TLS_ST_SR_NEXT_PROTO;
return 1;
@@ -488,7 +488,7 @@
case TLS_ST_SW_SRVR_HELLO:
if (s->hit) {
- if (s->tlsext_ticket_expected)
+ if (s->ext.ticket_expected)
st->hand_state = TLS_ST_SW_SESSION_TICKET;
else
st->hand_state = TLS_ST_SW_CHANGE;
@@ -509,7 +509,7 @@
return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_CERT:
- if (s->tlsext_status_expected) {
+ if (s->ext.status_expected) {
st->hand_state = TLS_ST_SW_CERT_STATUS;
return WRITE_TRAN_CONTINUE;
}
@@ -541,7 +541,7 @@
st->hand_state = TLS_ST_OK;
ossl_statem_set_in_init(s, 0);
return WRITE_TRAN_CONTINUE;
- } else if (s->tlsext_ticket_expected) {
+ } else if (s->ext.ticket_expected) {
st->hand_state = TLS_ST_SW_SESSION_TICKET;
} else {
st->hand_state = TLS_ST_SW_CHANGE;
@@ -1527,7 +1527,7 @@
}
}
- if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
+ if (!s->hit && s->version >= TLS1_VERSION && s->ext.session_secret_cb) {
const SSL_CIPHER *pref_cipher = NULL;
/*
* s->session->master_key_length is a size_t, but this is an int for
@@ -1536,10 +1536,10 @@
int master_key_length;
master_key_length = sizeof(s->session->master_key);
- if (s->tls_session_secret_cb(s, s->session->master_key,
+ if (s->ext.session_secret_cb(s, s->session->master_key,
&master_key_length, ciphers,
&pref_cipher,
- s->tls_session_secret_cb_arg)
+ s->ext.session_secret_cb_arg)
&& master_key_length > 0) {
s->session->master_key_length = master_key_length;
s->hit = 1;
@@ -1691,7 +1691,7 @@
*/
static int tls_handle_status_request(SSL *s, int *al)
{
- s->tlsext_status_expected = 0;
+ s->ext.status_expected = 0;
/*
* If status request then ask callback what to do. Note: this must be
@@ -1699,8 +1699,8 @@
* and must be called after the cipher has been chosen because this may
* influence which certificate is sent
*/
- if (s->tlsext_status_type != TLSEXT_STATUSTYPE_nothing && s->ctx != NULL
- && s->ctx->tlsext_status_cb != NULL) {
+ if (s->ext.status_type != TLSEXT_STATUSTYPE_nothing && s->ctx != NULL
+ && s->ctx->ext.status_cb != NULL) {
int ret;
CERT_PKEY *certpkey = ssl_get_server_send_pkey(s);
@@ -1711,16 +1711,16 @@
* et al can pick it up.
*/
s->cert->key = certpkey;
- ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+ ret = s->ctx->ext.status_cb(s, s->ctx->ext.status_arg);
switch (ret) {
/* We don't want to send a status request response */
case SSL_TLSEXT_ERR_NOACK:
- s->tlsext_status_expected = 0;
+ s->ext.status_expected = 0;
break;
/* status request response should be sent */
case SSL_TLSEXT_ERR_OK:
- if (s->tlsext_ocsp_resp)
- s->tlsext_status_expected = 1;
+ if (s->ext.ocsp.resp)
+ s->ext.status_expected = 1;
break;
/* something bad happened */
case SSL_TLSEXT_ERR_ALERT_FATAL:
@@ -1773,7 +1773,7 @@
!= 0));
if (s->session->not_resumable)
/* do not send a session ticket */
- s->tlsext_ticket_expected = 0;
+ s->ext.ticket_expected = 0;
} else {
/* Session-id reuse */
s->s3->tmp.new_cipher = s->session->cipher;
@@ -3371,9 +3371,9 @@
* Initialize HMAC and cipher contexts. If callback present it does
* all the work otherwise use generated values from parent ctx.
*/
- if (tctx->tlsext_ticket_key_cb) {
+ if (tctx->ext.ticket_key_cb) {
/* if 0 is returned, write an empty ticket */
- int ret = tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx,
+ int ret = tctx->ext.ticket_key_cb(s, key_name, iv, ctx,
hctx, 1);
if (ret == 0) {
@@ -3400,14 +3400,14 @@
if (RAND_bytes(iv, iv_len) <= 0)
goto err;
if (!EVP_EncryptInit_ex(ctx, cipher, NULL,
- tctx->tlsext_tick_aes_key, iv))
+ tctx->ext.tick_aes_key, iv))
goto err;
- if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,
- sizeof(tctx->tlsext_tick_hmac_key),
+ if (!HMAC_Init_ex(hctx, tctx->ext.tick_hmac_key,
+ sizeof(tctx->ext.tick_hmac_key),
EVP_sha256(), NULL))
goto err;
- memcpy(key_name, tctx->tlsext_tick_key_name,
- sizeof(tctx->tlsext_tick_key_name));
+ memcpy(key_name, tctx->ext.tick_key_name,
+ sizeof(tctx->ext.tick_key_name));
}
/*
@@ -3465,6 +3465,7 @@
*/
int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
{
+<<<<<<< 3b72dcd5fb4d2c756a830dba1fc34f4a7ae61b73
if (!WPACKET_put_bytes_u8(pkt, s->tlsext_status_type)
|| !WPACKET_sub_memcpy_u24(pkt, s->tlsext_ocsp_resp,
s->tlsext_ocsp_resplen)) {
@@ -3478,6 +3479,12 @@
int tls_construct_cert_status(SSL *s, WPACKET *pkt)
{
if (!tls_construct_cert_status_body(s, pkt)) {
+=======
+ if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
+ || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
+ s->ext.ocsp.resp_len)) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS, ERR_R_INTERNAL_ERROR);
+>>>>>>> Move extension data into sub-structs
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0;
}
@@ -3509,12 +3516,12 @@
goto err;
}
- if (!PACKET_memdup(&next_proto, &s->next_proto_negotiated, &next_proto_len)) {
- s->next_proto_negotiated_len = 0;
+ if (!PACKET_memdup(&next_proto, &s->ext.npn, &next_proto_len)) {
+ s->ext.npn_len = 0;
goto err;
}
- s->next_proto_negotiated_len = (unsigned char)next_proto_len;
+ s->ext.npn_len = (unsigned char)next_proto_len;
return MSG_PROCESS_CONTINUE_READING;
err: