commit b83294fe3022b9d5d525ccdcfeb53d39c25b05bd
author Dr. Stephen Henson <steve@openssl.org> Tue Aug 05 15:21:36 2014 +0100
committer Dr. Stephen Henson <steve@openssl.org> Fri Aug 15 12:20:04 2014 +0100
tree 07f4153b12ead528c0113c6598e56e87cc77d68f
parent 06f5d12f511ad81a05e82b3473832a1d1d560172

Revision of custom extension code.

Move custom extension structures from SSL_CTX to CERT structure.

This change means the form can be revised in future without binary
compatibility issues. Also since CERT is part of SSL structures
so per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

ssl/ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 7b28886..4a12aec 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -532,6 +532,20 @@
 #define SSL_CERT_FLAGS_CHECK_TLS_STRICT \
 	(SSL_CERT_FLAG_SUITEB_128_LOS|SSL_CERT_FLAG_TLS_STRICT)
 
+typedef struct {
+	unsigned short ext_type;
+	custom_cli_ext_first_cb_fn fn1; 
+	custom_cli_ext_second_cb_fn fn2; 
+	void *arg;
+} custom_cli_ext_record;
+
+typedef struct {
+	unsigned short ext_type;
+	custom_srv_ext_first_cb_fn fn1; 
+	custom_srv_ext_second_cb_fn fn2; 
+	void *arg;
+} custom_srv_ext_record;
+
 typedef struct cert_st
 	{
 	/* Current active set */
@@ -628,6 +642,12 @@
 	unsigned char *ciphers_raw;
 	size_t ciphers_rawlen;
 
+	/* Arrays containing the callbacks for custom TLS Extensions. */
+	custom_cli_ext_record *custom_cli_ext_records;
+	size_t custom_cli_ext_records_count;
+	custom_srv_ext_record *custom_srv_ext_records;
+	size_t custom_srv_ext_records_count;
+
 	/* Security callback */
 	int (*sec_cb)(SSL *s, SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex);
 	/* Security level */