summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
6c79faa)
Some TLS extensions were disabled for DTLS. Possibly because they caused
problems with the old duplicated code. Enable them again.
#ifndef OPENSSL_NO_EC
/* See if we support any ECC ciphersuites */
int using_ecc = 0;
#ifndef OPENSSL_NO_EC
/* See if we support any ECC ciphersuites */
int using_ecc = 0;
- if (s->version != DTLS1_VERSION && s->version >= TLS1_VERSION)
+ if (s->version >= TLS1_VERSION || SSL_IS_DTLS(s))
{
int i;
unsigned long alg_k, alg_a;
{
int i;
unsigned long alg_k, alg_a;
}
#ifdef TLSEXT_TYPE_opaque_prf_input
}
#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->client_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION)
+ if (s->s3->client_opaque_prf_input != NULL)
{
size_t col = s->s3->client_opaque_prf_input_len;
{
size_t col = s->s3->client_opaque_prf_input_len;
- if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
- s->version != DTLS1_VERSION)
+ if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp)
{
int i;
long extlen, idlen, itmp;
{
int i;
long extlen, idlen, itmp;
- if (using_ecc && s->version != DTLS1_VERSION)
{
const unsigned char *plist;
size_t plistlen;
{
const unsigned char *plist;
size_t plistlen;
}
#ifdef TLSEXT_TYPE_opaque_prf_input
}
#ifdef TLSEXT_TYPE_opaque_prf_input
- if (s->s3->server_opaque_prf_input != NULL &&
- s->version != DTLS1_VERSION)
+ if (s->s3->server_opaque_prf_input != NULL)
{
size_t sol = s->s3->server_opaque_prf_input_len;
{
size_t sol = s->s3->server_opaque_prf_input_len;
#endif
#ifndef OPENSSL_NO_EC
#endif
#ifndef OPENSSL_NO_EC
- else if (type == TLSEXT_TYPE_ec_point_formats &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_ec_point_formats)
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
fprintf(stderr,"\n");
#endif
}
fprintf(stderr,"\n");
#endif
}
- else if (type == TLSEXT_TYPE_elliptic_curves &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_elliptic_curves)
{
unsigned char *sdata = data;
int ellipticcurvelist_length = (*(sdata++) << 8);
{
unsigned char *sdata = data;
int ellipticcurvelist_length = (*(sdata++) << 8);
}
#endif /* OPENSSL_NO_EC */
#ifdef TLSEXT_TYPE_opaque_prf_input
}
#endif /* OPENSSL_NO_EC */
#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_opaque_prf_input)
{
unsigned char *sdata = data;
{
unsigned char *sdata = data;
- else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION && s->ctx->tlsext_status_cb)
+ else if (type == TLSEXT_TYPE_status_request
+ && s->ctx->tlsext_status_cb)
- else if (type == TLSEXT_TYPE_ec_point_formats &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_ec_point_formats)
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
{
unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++);
s->tlsext_ticket_expected = 1;
}
#ifdef TLSEXT_TYPE_opaque_prf_input
s->tlsext_ticket_expected = 1;
}
#ifdef TLSEXT_TYPE_opaque_prf_input
- else if (type == TLSEXT_TYPE_opaque_prf_input &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_opaque_prf_input)
{
unsigned char *sdata = data;
{
unsigned char *sdata = data;
- else if (type == TLSEXT_TYPE_status_request &&
- s->version != DTLS1_VERSION)
+ else if (type == TLSEXT_TYPE_status_request)
{
/* MUST be empty and only sent if we've requested
* a status request message.
{
/* MUST be empty and only sent if we've requested
* a status request message.