Fixes to NPN from Adam Langley.
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 89f7c42..be766aa 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c
@@ -202,7 +202,7 @@ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */ static void ssl3_take_mac(SSL *s) { @@ -231,7 +231,7 @@ long n; unsigned char *p; -#ifdef OPENSSL_NO_NPN +#ifdef OPENSSL_NO_NEXTPROTONEG /* the mac has already been generated when we received the * change cipher spec message and is in s->s3->tmp.peer_finish_md */ @@ -540,7 +540,7 @@ n -= i; } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* If receiving Finished, record MAC of prior handshake messages for * Finished verification. */ if (*s->init_buf->data == SSL3_MT_FINISHED)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 601c2b1..ac21f19 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c
@@ -424,7 +424,7 @@ SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); if (ret <= 0) goto end; -#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NPN) +#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) s->state=SSL3_ST_CW_FINISHED_A; #else if (s->next_proto_negotiated) @@ -459,7 +459,7 @@ break; -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN) +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) case SSL3_ST_CW_NEXT_PROTO_A: case SSL3_ST_CW_NEXT_PROTO_B: ret=ssl3_send_next_proto(s); @@ -3018,7 +3018,7 @@ */ #ifndef OPENSSL_NO_TLSEXT -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG int ssl3_send_next_proto(SSL *s) { unsigned int len, padding_len;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index da2ed9e..53bf4c2 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c
@@ -2231,7 +2231,7 @@ s->s3->in_read_app_data=0; s->version=SSL3_VERSION; -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN) +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) if (s->next_proto_negotiated) { OPENSSL_free(s->next_proto_negotiated);
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 94ccfa0..8f08c16 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c
@@ -1375,7 +1375,7 @@ int ssl3_do_change_cipher_spec(SSL *s) { int i; -#ifdef OPENSSL_NO_NPN +#ifdef OPENSSL_NO_NEXTPROTONEG const char *sender; int slen; #endif @@ -1401,7 +1401,7 @@ if (!s->method->ssl3_enc->change_cipher_state(s,i)) return(0); -#ifdef OPENSSL_NO_NPN +#ifdef OPENSSL_NO_NEXTPROTONEG /* we have to record the message digest at * this point so we can get it before we read * the finished message */
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 5661199..de3f9d2 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c
@@ -538,7 +538,7 @@ * the client uses its key from the certificate * for key exchange. */ -#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NPN) +#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) s->state=SSL3_ST_SR_FINISHED_A; #else if (s->s3->next_proto_neg_seen) @@ -588,7 +588,7 @@ ret=ssl3_get_cert_verify(s); if (ret <= 0) goto end; -#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NPN) +#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) s->state=SSL3_ST_SR_FINISHED_A; #else if (s->s3->next_proto_neg_seen) @@ -599,7 +599,7 @@ s->init_num=0; break; -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN) +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) case SSL3_ST_SR_NEXT_PROTO_A: case SSL3_ST_SR_NEXT_PROTO_B: ret=ssl3_get_next_proto(s); @@ -680,7 +680,7 @@ s->state=SSL3_ST_SW_FLUSH; if (s->hit) { -#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NPN) +#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG) s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; #else if (s->s3->next_proto_neg_seen) @@ -3242,7 +3242,7 @@ SSL3_ST_SR_NEXT_PROTO_A, SSL3_ST_SR_NEXT_PROTO_B, SSL3_MT_NEXT_PROTO, - 129, + 514, /* See the payload format below */ &ok); if (!ok)
diff --git a/ssl/ssl.h b/ssl/ssl.h index 20e49ec..e036390 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h
@@ -860,7 +860,7 @@ int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg); void *tlsext_opaque_prf_input_callback_arg; -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG /* Next protocol negotiation information */ /* (for experimental NPN extension). */ @@ -949,7 +949,7 @@ #endif void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb) (SSL *ssl, const unsigned char **out, @@ -1236,7 +1236,7 @@ SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* Next protocol negotiation. For the client, this is the protocol that * we sent in NextProtocol and is set when handling ServerHello * extensions.
diff --git a/ssl/ssl3.h b/ssl/ssl3.h index e98aac5..7c0a595 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h
@@ -455,7 +455,7 @@ void *server_opaque_prf_input; size_t server_opaque_prf_input_len; -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* Set if we saw the Next Protocol Negotiation extension from our peer. */ int next_proto_neg_seen; @@ -552,7 +552,7 @@ #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) #endif @@ -601,7 +601,7 @@ #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) #endif @@ -629,7 +629,7 @@ #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 #define SSL3_MT_FINISHED 20 #define SSL3_MT_CERTIFICATE_STATUS 22 -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG #define SSL3_MT_NEXT_PROTO 67 #endif #define DTLS1_MT_HELLO_VERIFY_REQUEST 3
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index bc102ae..9990246 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c
@@ -354,7 +354,7 @@ s->tlsext_ocsp_resplen = -1; CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); s->initial_ctx=ctx; -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG s->next_proto_negotiated = NULL; # endif #endif @@ -590,7 +590,7 @@ kssl_ctx_free(s->kssl_ctx); #endif /* OPENSSL_NO_KRB5 */ -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN) +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) if (s->next_proto_negotiated) OPENSSL_free(s->next_proto_negotiated); #endif @@ -1497,7 +1497,7 @@ return -1; } -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG /* SSL_select_next_proto implements the standard protocol selection. It is * expected that this function is called from the callback set by * SSL_CTX_set_next_proto_select_cb. @@ -1778,7 +1778,7 @@ ret->tlsext_status_cb = 0; ret->tlsext_status_arg = NULL; -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG ret->next_protos_advertised_cb = 0; ret->next_proto_select_cb = 0; # endif
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 95ec8a6..45a567d 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h
@@ -968,7 +968,7 @@ int ssl3_check_cert_and_algorithm(SSL *s); #ifndef OPENSSL_NO_TLSEXT int ssl3_check_finished(SSL *s); -# ifndef OPENSSL_NO_NPN +# ifndef OPENSSL_NO_NEXTPROTONEG int ssl3_send_next_proto(SSL *s); # endif #endif @@ -989,7 +989,7 @@ int ssl3_get_client_certificate(SSL *s); int ssl3_get_client_key_exchange(SSL *s); int ssl3_get_cert_verify(SSL *s); -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG int ssl3_get_next_proto(SSL *s); #endif
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 849dad7..74638cc 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -494,7 +494,7 @@ i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret); } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) { /* The client advertises an emtpy extension to indicate its @@ -517,8 +517,8 @@ { int extdatalen=0; unsigned char *ret = p; -#ifndef OPENSSL_NO_NPN - char next_proto_neg_seen; +#ifndef OPENSSL_NO_NEXTPROTONEG + int next_proto_neg_seen; #endif /* don't add extensions for SSLv3, unless doing secure renegotiation */ @@ -633,7 +633,7 @@ } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG next_proto_neg_seen = s->s3->next_proto_neg_seen; s->s3->next_proto_neg_seen = 0; if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) @@ -995,7 +995,7 @@ else s->tlsext_status_type = -1; } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG else if (type == TLSEXT_TYPE_next_proto_neg && s->s3->tmp.finish_md_len == 0) { @@ -1040,11 +1040,11 @@ return 1; } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* ssl_next_proto_validate validates a Next Protocol Negotiation block. No * elements of zero length are allowed and the set of elements must exactly fill * the length of the block. */ -static char ssl_next_proto_validate(unsigned char *d, unsigned len) +static int ssl_next_proto_validate(unsigned char *d, unsigned len) { unsigned int off = 0; @@ -1194,7 +1194,7 @@ /* Set flag to expect CertificateStatus message */ s->tlsext_status_expected = 1; } -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG else if (type == TLSEXT_TYPE_next_proto_neg) { unsigned char *selected;
diff --git a/ssl/tls1.h b/ssl/tls1.h index c1b6546..0a8d4f7 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h
@@ -208,7 +208,7 @@ /* Temporary extension type */ #define TLSEXT_TYPE_renegotiate 0xff01 -#ifndef OPENSSL_NO_NPN +#ifndef OPENSSL_NO_NEXTPROTONEG /* This is not an IANA defined extension number */ #define TLSEXT_TYPE_next_proto_neg 13172 #endif