Type-checked (and modern C compliant) OBJ_bsearch.

[openssl.git] / ssl / s23_clnt.c

diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
index 1181d055bb82606084b1a7092eb0a092efdec835..cc6c527f19fdcc9507e06682fc0d9dc2cfaffd7e 100644 (file)
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -276,6 +276,22 @@ static int ssl23_client_hello(SSL *s)
                {
                version = SSL2_VERSION;
                }
+#ifndef OPENSSL_NO_TLSEXT
+       if (version != SSL2_VERSION)
+               {
+               /* have to disable SSL 2.0 compatibility if we need TLS extensions */
+
+               if (s->tlsext_hostname != NULL)
+                       ssl2_compat = 0;
+               if (s->tlsext_status_type != -1)
+                       ssl2_compat = 0;
+               
+#ifdef TLSEXT_TYPE_opaque_prf_input
+               if (s->ctx->tlsext_opaque_prf_input_callback != 0 || s->tlsext_opaque_prf_input != NULL)
+                       ssl2_compat = 0;
+#endif
+               }
+#endif
 
        buf=(unsigned char *)s->init_buf->data;
        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
@@ -420,6 +436,12 @@ static int ssl23_client_hello(SSL *s)
                        *(p++)=0; /* Add the NULL method */
 
 #ifndef OPENSSL_NO_TLSEXT
+                       /* TLS extensions*/
+                       if (ssl_prepare_clienthello_tlsext(s) <= 0)
+                               {
+                               SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
+                               return -1;
+                               }
                        if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH)) == NULL)
                                {
                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
@@ -619,6 +641,9 @@ static int ssl23_get_server_hello(SSL *s)
                 * for SSLv3 */
                s->rstate=SSL_ST_READ_HEADER;
                s->packet_length=n;
+               if (s->s3->rbuf.buf == NULL)
+                       if (!ssl3_setup_read_buffer(s))
+                               goto err;
                s->packet= &(s->s3->rbuf.buf[0]);
                memcpy(s->packet,buf,n);
                s->s3->rbuf.left=n;