Further TLS extension improvements
authorBodo Möller <bodo@openssl.org>
Fri, 13 Jan 2006 09:21:10 +0000 (09:21 +0000)
committerBodo Möller <bodo@openssl.org>
Fri, 13 Jan 2006 09:21:10 +0000 (09:21 +0000)
Submitted by: Peter Sylvester

ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl_locl.h
ssl/t1_lib.c

index d50f588..995c829 100644 (file)
@@ -255,25 +255,7 @@ int ssl3_connect(SSL *s)
                case SSL3_ST_CR_SRVR_HELLO_B:
                        ret=ssl3_get_server_hello(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                       {
-                               int al;
-                               switch (ssl_check_tlsext(s,&al))
-                                       {
-                               case SSL_TLSEXT_ERR_ALERT_FATAL:
-                                       ssl3_send_alert(s,SSL3_AL_FATAL,al);
-                                       SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLS_EXT);
-                                       ret = -1;
-                                       goto end;
 
-                               case SSL_TLSEXT_ERR_ALERT_WARNING:
-                                       ssl3_send_alert(s,SSL3_AL_WARNING,al); 
-                                       
-                               default:
-                                       ;
-                                       }
-                       }
-#endif
                        if (s->hit)
                                s->state=SSL3_ST_CR_FINISHED_A;
                        else
@@ -822,6 +804,11 @@ int ssl3_get_server_hello(SSL *s)
                        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_PARSE_TLS_EXT);
                        goto f_err; 
                        }
+               if (ssl_check_tlsext(s,0) <= 0)
+                       {
+                       SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLS_EXT);
+                               goto err;
+                       }
                }
 #endif
 
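Review bot: The error raised by the new check in ssl3_get_server_hello is attributed to the wrong function: `SSLerr(SSL_F_SSL3_CONNECT,SSL_R_SERVERHELLO_TLS_EXT);` now lives inside ssl3_get_server_hello (the hunk header and the PARSE_TLS_EXT line just above both use SSL_F_SSL3_GET_SERVER_HELLO), so it should read `SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SERVERHELLO_TLS_EXT);`. Jumping to err rather than f_err looks right, because ssl_check_tlsext in this commit sends the fatal alert itself before returning -1, but that is non-obvious at the call site and deserves `/* ssl_check_tlsext has already sent the alert */` so nobody later "fixes" it into a second alert. The over-indented `goto err;` should line up with the enclosing block. The rest of ssl3_get_server_hello, including the err label, is outside this hunk.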
index 28d425a..479b281 100644 (file)
@@ -281,25 +281,7 @@ int ssl3_accept(SSL *s)
                        s->shutdown=0;
                        ret=ssl3_get_client_hello(s);
                        if (ret <= 0) goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                       {
-                               int al;
-                               switch (ssl_check_tlsext(s,&al))
-                                       {
-                               case SSL_TLSEXT_ERR_ALERT_FATAL:
-                                       ssl3_send_alert(s,SSL3_AL_FATAL,al); 
-                                       SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLS_EXT);
-                                       ret = -1;
-                                       goto end;
-
-                               case SSL_TLSEXT_ERR_ALERT_WARNING:
-                                       ssl3_send_alert(s,SSL3_AL_WARNING,al); 
-                                       
-                               default:
-                                       break;
-                                       }
-                       }
-#endif
+                       
                        s->new_session = 2;
                        s->state=SSL3_ST_SW_SRVR_HELLO_A;
                        s->init_num=0;
@@ -914,6 +896,23 @@ int ssl3_get_client_hello(SSL *s)
                goto f_err;
                }
 
+#ifndef OPENSSL_NO_TLSEXT
+       /* TLS extensions*/
+       if (s->version > SSL3_VERSION)
+               {
+               if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
+                       {
+                       /* 'al' set by ssl_parse_clienthello_tlsext */
+                       SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLS_EXT);
+                       goto f_err;
+                       }
+               }
+               if (ssl_check_tlsext(s,1) <= 0) {
+                       SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_CLIENTHELLO_TLS_EXT);
+                       goto err;
+               }
+#endif
+
        /* Worst case, we will use the NULL compression, but if we have other
         * options, we will now look for them.  We have i-1 compression
         * algorithms from the client, starting at q. */
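Review bot: The new `if (ssl_check_tlsext(s,1) <= 0) {` is indented as though it were inside `if (s->version > SSL3_VERSION)`, but it sits after that block's closing brace, so the servername callback also runs for SSLv3 ClientHellos where no extensions were parsed; this matches the unconditional call the commit removes from ssl3_accept, so if that is intended the indentation should drop one level and the braces follow the file's own style so the control flow is not misread. The error code is also attributed to the wrong function and should be `SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLS_EXT);`, as the PARSE_TLS_EXT error a few lines above already does. Using `goto err` rather than `goto f_err` looks correct because ssl_check_tlsext sends the alert itself, but a one-line comment saying so at the call would help. Extension parsing now happens before compression selection; whether p has already been advanced past the compression-method list here is decided by code above the hunk, so please confirm. ssl3_get_client_hello continues outside the hunk.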
@@ -945,19 +944,6 @@ int ssl3_get_client_hello(SSL *s)
                }
 #endif
 
-#ifndef OPENSSL_NO_TLSEXT
-       /* TLS extensions*/
-       if (s->version > SSL3_VERSION)
-               {
-               if (!ssl_parse_clienthello_tlsext(s,&p,d,n, &al))
-                       {
-                       /* 'al' set by ssl_parse_clienthello_tlsext */
-                       SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_PARSE_TLS_EXT);
-                       goto f_err;
-                       }
-               }
-#endif
-
        /* Given s->session->ciphers and SSL_get_ciphers, we must
         * pick a cipher */
 
index ccc490a..f8ec859 100644 (file)
@@ -945,6 +945,6 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
 unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit); 
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al);
-int ssl_check_tlsext(SSL *s,int *al);
+int ssl_check_tlsext(SSL *s, int is_server);
 #endif
 #endif
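Review bot: The new prototype `int ssl_check_tlsext(SSL *s, int is_server);` changes the function's contract — per the ssl/t1_lib.c hunk in this commit it now sends any alert itself and returns -1 on a fatal servername-callback result and 1 otherwise — but nothing in the header records that, and the new body never reads is_server. A comment above the declaration would prevent callers from sending a second alert, e.g. `/* Run the tlsext_servername callback and send any resulting alert. Returns -1 after a fatal alert (caller should add SSLerr and goto err, not f_err), 1 otherwise. is_server is currently unused. */`.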
index 1aa5e90..abbde22 100644 (file)
@@ -387,19 +387,30 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
        return 1;
 }
 
-int ssl_check_tlsext(SSL *s,int *al)
+int ssl_check_tlsext(SSL *s, int is_server)
        {
        int ret=SSL_TLSEXT_ERR_NOACK;
 
-       *al = SSL_AD_UNRECOGNIZED_NAME;
+       int al = SSL_AD_UNRECOGNIZED_NAME;
 
        if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0) 
-               ret = s->ctx->tlsext_servername_callback(s, al, s->ctx->tlsext_servername_arg);
+               ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
        else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)             
-               ret = s->initial_ctx->tlsext_servername_callback(s, al, s->initial_ctx->tlsext_servername_arg);
+               ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
 
-       if (ret == SSL_TLSEXT_ERR_NOACK) 
-               s->servername_done=0;
-       return ret;
+       switch (ret) {
+               case SSL_TLSEXT_ERR_ALERT_FATAL:
+                       ssl3_send_alert(s,SSL3_AL_FATAL,al); 
+                       return -1;
+
+               case SSL_TLSEXT_ERR_ALERT_WARNING:
+                       ssl3_send_alert(s,SSL3_AL_WARNING,al);
+                       return 1; 
+                                       
+               case SSL_TLSEXT_ERR_NOACK:
+                       s->servername_done=0;
+                       default:
+               return 1;
        }
+}
 #endif
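Review bot: `is_server` is added to the signature of ssl_check_tlsext but never read in the body, so the client/server distinction the callers now pass (0 from ssl3_get_server_hello, 1 from ssl3_get_client_hello) has no effect; either use it, for example to skip the server-name callback on the client side, or document it as reserved until it is. The `case SSL_TLSEXT_ERR_NOACK:` branch falls into `default:` after clearing s->servername_done, which looks deliberate but should be marked `s->servername_done=0; /* fall through */`, with the `default:` label aligned with the other case labels. The function now returns only -1 or 1 and leaves SSLerr to the caller because the alert has already been sent; that contract belongs in a header comment on the function. The K&R brace placement of the switch and the final `}` does not match the indented-brace style visible elsewhere in this file.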