#include <openssl/ct.h>
#include "ssl_locl.h"
-
/* Find a custom extension from the list. */
static custom_ext_method *custom_ext_find(const custom_ext_methods *exts,
unsigned int ext_type)
if (!meth->parse_cb)
return 1;
- return meth->parse_cb(s, ext_type, ext_data, ext_size, al,
- meth->parse_arg);
+ return meth->parse_cb(s, ext_type, ext_data, ext_size, al, meth->parse_arg);
}
/*
* Request custom extension data from the application and add to the return
* buffer.
*/
-int custom_ext_add(SSL *s, int server,
- unsigned char **pret, unsigned char *limit, int *al)
+int custom_ext_add(SSL *s, int server, WPACKET *pkt, int *al)
{
custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
custom_ext_method *meth;
- unsigned char *ret = *pret;
size_t i;
for (i = 0; i < exts->meths_count; i++) {
const unsigned char *out = NULL;
size_t outlen = 0;
+
meth = exts->meths + i;
if (server) {
if (cb_retval == 0)
continue; /* skip this extension */
}
- if (4 > limit - ret || outlen > (size_t)(limit - ret - 4))
+
+ if (!WPACKET_put_bytes_u16(pkt, meth->ext_type)
+ || !WPACKET_start_sub_packet_u16(pkt)
+ || (outlen > 0 && !WPACKET_memcpy(pkt, out, outlen))
+ || !WPACKET_close(pkt)) {
+ *al = SSL_AD_INTERNAL_ERROR;
return 0;
- s2n(meth->ext_type, ret);
- s2n(outlen, ret);
- if (outlen) {
- memcpy(ret, out, outlen);
- ret += outlen;
}
/*
* We can't send duplicates: code logic should prevent this.
if (meth->free_cb)
meth->free_cb(s, meth->ext_type, out, meth->add_arg);
}
- *pret = ret;
return 1;
}
if (src->meths_count) {
dst->meths =
OPENSSL_memdup(src->meths,
- sizeof(custom_ext_method) * src->meths_count);
+ sizeof(custom_ext_method) * src->meths_count);
if (dst->meths == NULL)
return 0;
dst->meths_count = src->meths_count;
custom_ext_add_cb add_cb,
custom_ext_free_cb free_cb,
void *add_arg,
- custom_ext_parse_cb parse_cb,
- void *parse_arg)
+ custom_ext_parse_cb parse_cb, void *parse_arg)
{
#ifndef OPENSSL_NO_CT
/*
custom_ext_add_cb add_cb,
custom_ext_free_cb free_cb,
void *add_arg,
- custom_ext_parse_cb parse_cb,
- void *parse_arg)
+ custom_ext_parse_cb parse_cb, void *parse_arg)
{
return custom_ext_meth_add(&ctx->cert->srv_ext, ext_type,
add_cb, free_cb, add_arg, parse_cb, parse_arg);
/* Internally supported extensions. */
case TLSEXT_TYPE_application_layer_protocol_negotiation:
case TLSEXT_TYPE_ec_point_formats:
- case TLSEXT_TYPE_elliptic_curves:
- case TLSEXT_TYPE_heartbeat:
+ case TLSEXT_TYPE_supported_groups:
#ifndef OPENSSL_NO_NEXTPROTONEG
case TLSEXT_TYPE_next_proto_neg:
#endif
#ifdef TLSEXT_TYPE_encrypt_then_mac
case TLSEXT_TYPE_encrypt_then_mac:
#endif
+ case TLSEXT_TYPE_key_share:
+ case TLSEXT_TYPE_supported_versions:
+ case TLSEXT_TYPE_extended_master_secret:
return 1;
default:
return 0;