Use typedefs for PSK, NPN, ALPN callback functions

author Rich Salz <rsalz@openssl.org>

Sun, 11 Dec 2016 20:01:28 +0000 (15:01 -0500)

committer Rich Salz <rsalz@openssl.org>

Tue, 10 Jan 2017 03:26:47 +0000 (22:26 -0500)
author Rich Salz <rsalz@openssl.org>
Sun, 11 Dec 2016 20:01:28 +0000 (15:01 -0500)
committer Rich Salz <rsalz@openssl.org>
Tue, 10 Jan 2017 03:26:47 +0000 (22:26 -0500)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h

index 18d36922e39a1042b615bb2fb224daac2a77a403..9dc4a3f18358c7fdf38765e39b2245034bfda40c 100644 (file)
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -656,25 +656,30 @@ void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
                                                                 unsigned int
                                                                 cookie_len));
  # ifndef OPENSSL_NO_NEXTPROTONEG
-#  define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
-#  define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
-#  define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
+
+typedef int (*SSL_CTX_npn_advertised_cb_func)(SSL *ssl,
+                                              const unsigned char **out,
+                                              unsigned int *outlen,
+                                              void *arg);
  void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
-                                           int (*cb) (SSL *ssl,
-                                                      const unsigned char **out,
-                                                      unsigned int *outlen,
-                                                      void *arg),
-                                           void *arg);
+                                   SSL_CTX_npn_advertised_cb_func cb,
+                                   void *arg);
+#  define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
+
+typedef int (*SSL_CTX_npn_select_cb_func)(SSL *s,
+                                          unsigned char **out,
+                                          unsigned char *outlen,
+                                          const unsigned char *in,
+                                          unsigned int inlen,
+                                          void *arg);
  void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
-                                      int (*cb) (SSL *ssl,
-                                                 unsigned char **out,
-                                                 unsigned char *outlen,
-                                                 const unsigned char *in,
-                                                 unsigned int inlen,
-                                                 void *arg),
+                                      SSL_CTX_npn_select_cb_func cb,
                                        void *arg);
+#  define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
+
  void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
                                      unsigned *len);
+#  define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
  # endif
  
  __owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
@@ -690,13 +695,15 @@ __owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
                                     unsigned int protos_len);
  __owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
                                 unsigned int protos_len);
-void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
-                                int (*cb) (SSL *ssl,
+typedef int (*SSL_CTX_alpn_select_cb_func)(SSL *ssl,
                                             const unsigned char **out,
                                             unsigned char *outlen,
                                             const unsigned char *in,
                                             unsigned int inlen,
-                                           void *arg), void *arg);
+                                           void *arg);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                SSL_CTX_alpn_select_cb_func cb,
+                                void *arg);
  void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
                              unsigned int *len);
  
@@ -707,64 +714,22 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
   */
  #  define PSK_MAX_IDENTITY_LEN 128
  #  define PSK_MAX_PSK_LEN 256
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
-                                     unsigned int (*psk_client_callback) (SSL
-                                                                          *ssl,
-                                                                          const
-                                                                          char
-                                                                          *hint,
-                                                                          char
-                                                                          *identity,
-                                                                          unsigned
-                                                                          int
-                                                                          max_identity_len,
-                                                                          unsigned
-                                                                          char
-                                                                          *psk,
-                                                                          unsigned
-                                                                          int
-                                                                          max_psk_len));
-void SSL_set_psk_client_callback(SSL *ssl,
-                                 unsigned int (*psk_client_callback) (SSL
-                                                                      *ssl,
-                                                                      const
-                                                                      char
-                                                                      *hint,
-                                                                      char
-                                                                      *identity,
-                                                                      unsigned
-                                                                      int
-                                                                      max_identity_len,
-                                                                      unsigned
-                                                                      char
-                                                                      *psk,
-                                                                      unsigned
-                                                                      int
-                                                                      max_psk_len));
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
-                                     unsigned int (*psk_server_callback) (SSL
-                                                                          *ssl,
-                                                                          const
-                                                                          char
-                                                                          *identity,
-                                                                          unsigned
-                                                                          char
-                                                                          *psk,
-                                                                          unsigned
-                                                                          int
-                                                                          max_psk_len));
-void SSL_set_psk_server_callback(SSL *ssl,
-                                 unsigned int (*psk_server_callback) (SSL
-                                                                      *ssl,
-                                                                      const
-                                                                      char
-                                                                      *identity,
-                                                                      unsigned
-                                                                      char
-                                                                      *psk,
-                                                                      unsigned
-                                                                      int
-                                                                      max_psk_len));
+typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+                                               const char *hint,
+                                               char *identity,
+                                               unsigned int max_identity_len,
+                                               unsigned char *psk,
+                                               unsigned int max_psk_len);
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);
+
+typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+                                               const char *identity,
+                                               unsigned char *psk,
+                                               unsigned int max_psk_len);
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);
+
  __owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
  __owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
  const char *SSL_get_psk_identity_hint(const SSL *s);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index ddc2ff78e7d0209230c074a3402e05fcc5f38d34..58873456c8134693e1f0eb7a89138f7e7cea50b8 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2267,10 +2267,7 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
   * ServerHello.
   */
  void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
-                                   int (*cb) (SSL *ssl,
-                                              const unsigned char **out,
-                                              unsigned int *outlen,
-                                              void *arg),
+                                   SSL_CTX_npn_advertised_cb_func cb,
                                     void *arg)
  {
      ctx->ext.npn_advertised_cb = cb;
@@ -2288,11 +2285,7 @@ void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
   * a value other than SSL_TLSEXT_ERR_OK.
   */
  void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
-                               int (*cb) (SSL *s, unsigned char **out,
-                                          unsigned char *outlen,
-                                          const unsigned char *in,
-                                          unsigned int inlen,
-                                          void *arg),
+                               SSL_CTX_npn_select_cb_func cb,
                                 void *arg)
  {
      ctx->ext.npn_select_cb = cb;
@@ -2344,12 +2337,8 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
   * from the client's list of offered protocols.
   */
  void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
-                                int (*cb) (SSL *ssl,
-                                           const unsigned char **out,
-                                           unsigned char *outlen,
-                                           const unsigned char *in,
-                                           unsigned int inlen,
-                                           void *arg), void *arg)
+                                SSL_CTX_alpn_select_cb_func cb,
+                                void *arg)
  {
      ctx->ext.alpn_select_cb = cb;
      ctx->ext.alpn_select_cb_arg = arg;
@@ -3726,46 +3715,22 @@ const char *SSL_get_psk_identity(const SSL *s)
      return (s->session->psk_identity);
  }
  
-void SSL_set_psk_client_callback(SSL *s,
-                                 unsigned int (*cb) (SSL *ssl,
-                                                     const char *hint,
-                                                     char *identity,
-                                                     unsigned int
-                                                     max_identity_len,
-                                                     unsigned char *psk,
-                                                     unsigned int max_psk_len))
+void SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb)
  {
      s->psk_client_callback = cb;
  }
  
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
-                                     unsigned int (*cb) (SSL *ssl,
-                                                         const char *hint,
-                                                         char *identity,
-                                                         unsigned int
-                                                         max_identity_len,
-                                                         unsigned char *psk,
-                                                         unsigned int
-                                                         max_psk_len))
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb)
  {
      ctx->psk_client_callback = cb;
  }
  
-void SSL_set_psk_server_callback(SSL *s,
-                                 unsigned int (*cb) (SSL *ssl,
-                                                     const char *identity,
-                                                     unsigned char *psk,
-                                                     unsigned int max_psk_len))
+void SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb)
  {
      s->psk_server_callback = cb;
  }
  
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
-                                     unsigned int (*cb) (SSL *ssl,
-                                                         const char *identity,
-                                                         unsigned char *psk,
-                                                         unsigned int
-                                                         max_psk_len))
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb)
  {
      ctx->psk_server_callback = cb;
  }
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h

index 06557bb4b2fdd4466810c649dca64ec7ff297e42..84a91a125f81f9fac072b0d6c7bff9030d1b734f 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -843,30 +843,20 @@ struct ssl_ctx_st {
           * For a server, this contains a callback function by which the set of
           * advertised protocols can be provided.
           */
-        int (*npn_advertised_cb) (SSL *s, const unsigned char **buf,
-                                          unsigned int *len, void *arg);
+        SSL_CTX_npn_advertised_cb_func npn_advertised_cb;
          void *npn_advertised_cb_arg;
          /*
           * For a client, this contains a callback function that selects the next
           * protocol from the list provided by the server.
           */
-        int (*npn_select_cb) (SSL *s, unsigned char **out,
-                                     unsigned char *outlen,
-                                     const unsigned char *in,
-                                     unsigned int inlen, void *arg);
+        SSL_CTX_npn_select_cb_func npn_select_cb;
          void *npn_select_cb_arg;
  # endif
      } ext;
  
  # ifndef OPENSSL_NO_PSK
-    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
-                                         char *identity,
-                                         unsigned int max_identity_len,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
+    SSL_psk_client_cb_func psk_client_callback;
+    SSL_psk_server_cb_func psk_server_callback;
  # endif
  
  # ifndef OPENSSL_NO_SRP
@@ -1002,14 +992,8 @@ struct ssl_st {
      /* actual code */
      int error_code;
  # ifndef OPENSSL_NO_PSK
-    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
-                                         char *identity,
-                                         unsigned int max_identity_len,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
+    SSL_psk_client_cb_func psk_client_callback;
+    SSL_psk_server_cb_func psk_server_callback;
  # endif
      SSL_CTX *ctx;
      /* Verified chain of peer */
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c

index 2568ac65733a7340fd36623557a6d8d0fbffb063..a68dd4883514cf5c18ce4b561c628a13afdf00d6 100644 (file)
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -799,31 +799,13 @@ static int init_status_request(SSL *s, unsigned int context)
           * Ensure we get sensible values passed to tlsext_status_cb in the event
           * that we don't receive a status message
           */
-        OPENSSL_free(s->tlsext_ocsp_resp);
-        s->ext.ocsp_resp = NULL;
-        s->ext.ocsp_resplen = 0;
+        OPENSSL_free(s->ext.ocsp.resp);
+        s->ext.ocsp.resp = NULL;
+        s->ext.ocsp.resp_len = 0;
      }
  
      return 1;
  }
-
-static int final_status_request(SSL *s, unsigned int context, int sent,
-                                        int *al)
-{
-    if (s->server)
-        return 1;
-
-    /*
-     * Ensure we get sensible values passed to ext.status_cb in the event
-     * that we don't receive a status message
-     */
-    OPENSSL_free(s->ext.ocsp.resp);
-    s->ext.ocsp.resp = NULL;
-    s->ext.ocsp.resp_len = 0;
->>>>>>> Move extension data into sub-structs
-
-    return 1;
-}
  #endif
  
  #ifndef OPENSSL_NO_NEXTPROTONEG
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c

index 82713d2dfbd243eb78b37e334cf8278e82e21da1..9fa16b1417f06653e32fec7dbf0ec8b9303862e5 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2204,18 +2204,18 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al)
          SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
          return 0;
      }
-    s->tlsext_ocsp_resp = OPENSSL_malloc(resplen);
-    if (s->ext.ocsp_resp == NULL) {
+    s->ext.ocsp.resp = OPENSSL_malloc(resplen);
+    if (s->ext.ocsp.resp == NULL) {
          *al = SSL_AD_INTERNAL_ERROR;
          SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, ERR_R_MALLOC_FAILURE);
          return 0;
      }
-    if (!PACKET_copy_bytes(pkt, s->ext.ocsp_resp, resplen)) {
+    if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
          *al = SSL_AD_DECODE_ERROR;
          SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
          return 0;
      }
-    s->ext.ocsp_resplen = resplen;
+    s->ext.ocsp.resp_len = resplen;
  
      return 1;
  }
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index 475f405768b9cc8ae3af40b3b9388e97bc9f4ef8..224b1581923602c79326f728c96e6e03b9914240 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3465,10 +3465,9 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
   */
  int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
  {
-<<<<<<< 3b72dcd5fb4d2c756a830dba1fc34f4a7ae61b73
-    if (!WPACKET_put_bytes_u8(pkt, s->tlsext_status_type)
-            || !WPACKET_sub_memcpy_u24(pkt, s->tlsext_ocsp_resp,
-                                       s->tlsext_ocsp_resplen)) {
+    if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
+            || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
+                                       s->ext.ocsp.resp_len)) {
          SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY, ERR_R_INTERNAL_ERROR);
          return 0;
      }
@@ -3479,12 +3478,6 @@ int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
  int tls_construct_cert_status(SSL *s, WPACKET *pkt)
  {
      if (!tls_construct_cert_status_body(s, pkt)) {
-=======
-    if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
-            || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
-                                       s->ext.ocsp.resp_len)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS, ERR_R_INTERNAL_ERROR);
->>>>>>> Move extension data into sub-structs
          ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
          return 0;
      }
author	Rich Salz <rsalz@openssl.org>
	Sun, 11 Dec 2016 20:01:28 +0000 (15:01 -0500)
committer	Rich Salz <rsalz@openssl.org>
	Tue, 10 Jan 2017 03:26:47 +0000 (22:26 -0500)
include/openssl/ssl.h		patch \| blob \| history
ssl/ssl_lib.c		patch \| blob \| history
ssl/ssl_locl.h		patch \| blob \| history
ssl/statem/extensions.c		patch \| blob \| history
ssl/statem/statem_clnt.c		patch \| blob \| history
ssl/statem/statem_srvr.c		patch \| blob \| history