Introduce TLSEXT_STATUSTYPE_nothing constant

author Matt Caswell <matt@openssl.org>

Wed, 7 Dec 2016 17:27:22 +0000 (17:27 +0000)

committer Matt Caswell <matt@openssl.org>

Thu, 8 Dec 2016 17:21:09 +0000 (17:21 +0000)
author Matt Caswell <matt@openssl.org>
Wed, 7 Dec 2016 17:27:22 +0000 (17:27 +0000)
committer Matt Caswell <matt@openssl.org>
Thu, 8 Dec 2016 17:21:09 +0000 (17:21 +0000)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index 4d41b17fa070e324b75dd7775e64fa8adfb881c1..65e3ba1824dbc3b8c252982582a322ddf3fe3d70 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2556,7 +2556,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
       */
      ret->options |= SSL_OP_NO_COMPRESSION;
  
-    ret->tlsext_status_type = -1;
+    ret->tlsext_status_type = TLSEXT_STATUSTYPE_nothing;
  
      return ret;
   err:
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h

index c18fec33a6f1aa900fe2196f9267afe14ca921e5..6b603dd5fbab456c9f59ee740ae527dcc5a27913 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1671,6 +1671,12 @@ typedef enum tlsext_index_en {
      TLSEXT_IDX_padding
  } TLSEXT_INDEX;
  
+/*
+ * Dummy status type for the status_type extension. Indicates no status type
+ * set
+ */
+#define TLSEXT_STATUSTYPE_nothing  -1
+
  #define MAX_COMPRESSIONS_SIZE   255
  
  typedef struct {
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c

index 5c0dda411d586bfd6bdff4e53fe668ae22aafb41..15a47e0b840c453ed1989d4ff8c2f2693afb76bb 100644 (file)
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -764,7 +764,7 @@ static int init_session_ticket(SSL *s, unsigned int context)
  static int init_status_request(SSL *s, unsigned int context)
  {
      if (s->server)
-        s->tlsext_status_type = -1;
+        s->tlsext_status_type = TLSEXT_STATUSTYPE_nothing;
  
      return 1;
  }
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c

index 950f1990ccaa7628b48c7a1afd61d718a2660aee..71187f66565a88ec87bc96a39cdc448c5618411d 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -754,7 +754,8 @@ int tls_parse_stoc_status_request(SSL *s, PACKET *pkt, int *al)
       * MUST be empty and only sent if we've requested a status
       * request message.
       */
-    if (s->tlsext_status_type == -1 || PACKET_remaining(pkt) > 0) {
+    if (s->tlsext_status_type == TLSEXT_STATUSTYPE_nothing
+            || PACKET_remaining(pkt) > 0) {
          *al = SSL_AD_UNSUPPORTED_EXTENSION;
          return 0;
      }
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c

index 1eeae096d6cda54f01fbd4892a4b94b5e20c7828..bf569d280acc8a4c747bcb36e8c724ca32adbebb 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -228,7 +228,7 @@ int tls_parse_ctos_status_request(SSL *s, PACKET *pkt, int *al)
          /*
           * We don't know what to do with any other type so ignore it.
           */
-        s->tlsext_status_type = -1;
+        s->tlsext_status_type = TLSEXT_STATUSTYPE_nothing;
          return 1;
      }
  
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c

index 7017615af344b937fdad74561493370b471107d4..18430ea315015151f07addc596a32e82cb22419e 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2227,7 +2227,8 @@ int tls_process_initial_server_flight(SSL *s, int *al)
       * |tlsext_ocsp_resplen| values will be set if we actually received a status
       * message, or NULL and -1 otherwise
       */
-    if (s->tlsext_status_type != -1 && s->ctx->tlsext_status_cb != NULL) {
+    if (s->tlsext_status_type != TLSEXT_STATUSTYPE_nothing
+            && s->ctx->tlsext_status_cb != NULL) {
          int ret;
          ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
          if (ret == 0) {
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index 12d16702789d3f0757ab081eb2fa75a0210208df..56f39987039547ecf3936a8acc513a7e513d9a03 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1704,7 +1704,7 @@ static int tls_handle_status_request(SSL *s, int *al)
       * and must be called after the cipher has been chosen because this may
       * influence which certificate is sent
       */
-    if (s->tlsext_status_type != -1 && s->ctx != NULL
+    if (s->tlsext_status_type != TLSEXT_STATUSTYPE_nothing && s->ctx != NULL
              && s->ctx->tlsext_status_cb != NULL) {
          int ret;
          CERT_PKEY *certpkey = ssl_get_server_send_pkey(s);
author	Matt Caswell <matt@openssl.org>
	Wed, 7 Dec 2016 17:27:22 +0000 (17:27 +0000)
committer	Matt Caswell <matt@openssl.org>
	Thu, 8 Dec 2016 17:21:09 +0000 (17:21 +0000)
ssl/ssl_lib.c		patch \| blob \| history
ssl/ssl_locl.h		patch \| blob \| history
ssl/statem/extensions.c		patch \| blob \| history
ssl/statem/extensions_clnt.c		patch \| blob \| history
ssl/statem/extensions_srvr.c		patch \| blob \| history
ssl/statem/statem_clnt.c		patch \| blob \| history
ssl/statem/statem_srvr.c		patch \| blob \| history