New function SSL_extension_supported().
authorDr. Stephen Henson <steve@openssl.org>
Tue, 19 Aug 2014 12:33:51 +0000 (13:33 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 28 Aug 2014 17:10:21 +0000 (18:10 +0100)
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit c846a5f5678a7149bc6cbd37dbdae886a5108364)

ssl/ssl.h
ssl/t1_ext.c

index 189d2e89c15f925be4adaf9bd3d6a96e22e11507..03dfc5bebeb8295ba6eda6827158cac3ab90322b 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1257,6 +1257,9 @@ int SSL_CTX_set_custom_srv_ext(SSL_CTX *ctx, unsigned int ext_type,
                               custom_ext_free_cb free_cb,
                                void *add_arg,
                               custom_ext_parse_cb parse_cb, void *parse_arg);
+
+int SSL_extension_supported(unsigned int ext_type);
+
 #endif
 
 #define SSL_NOTHING    1
index 115e4345eaae54e7e1ae7380653972f6acacad69..0cca8d55069688f397a8e13f0720bfe76f6e1d1a 100644 (file)
@@ -218,30 +218,9 @@ static int custom_ext_set(custom_ext_methods *exts,
                        custom_ext_parse_cb parse_cb, void *parse_arg)
        {
        custom_ext_method *meth;
-       /* See if it is a supported internally */
-       switch(ext_type)
-               {
-       case TLSEXT_TYPE_application_layer_protocol_negotiation:
-       case TLSEXT_TYPE_ec_point_formats:
-       case TLSEXT_TYPE_elliptic_curves:
-       case TLSEXT_TYPE_heartbeat:
-       case TLSEXT_TYPE_next_proto_neg:
-       case TLSEXT_TYPE_padding:
-       case TLSEXT_TYPE_renegotiate:
-       case TLSEXT_TYPE_server_name:
-       case TLSEXT_TYPE_session_ticket:
-       case TLSEXT_TYPE_signature_algorithms:
-       case TLSEXT_TYPE_srp:
-       case TLSEXT_TYPE_status_request:
-       case TLSEXT_TYPE_use_srtp:
-#ifdef TLSEXT_TYPE_opaque_prf_input
-       case TLSEXT_TYPE_opaque_prf_input:
-#endif
-#ifdef TLSEXT_TYPE_encrypt_then_mac
-       case TLSEXT_TYPE_encrypt_then_mac:
-#endif
+       /* Don't add if extension supported internall */
+       if (SSL_extension_supported(ext_type))
                return 0;
-               }
        /* Extension type must fit in 16 bits */
        if (ext_type > 0xffff)
                return 0;
@@ -293,4 +272,34 @@ int SSL_CTX_set_custom_srv_ext(SSL_CTX *ctx, unsigned int ext_type,
                                add_cb, free_cb, add_arg,
                                parse_cb, parse_arg);
        }
+
+int SSL_extension_supported(unsigned int ext_type)
+       {
+       /* See if it is a supported internally */
+       switch(ext_type)
+               {
+       case TLSEXT_TYPE_application_layer_protocol_negotiation:
+       case TLSEXT_TYPE_ec_point_formats:
+       case TLSEXT_TYPE_elliptic_curves:
+       case TLSEXT_TYPE_heartbeat:
+       case TLSEXT_TYPE_next_proto_neg:
+       case TLSEXT_TYPE_padding:
+       case TLSEXT_TYPE_renegotiate:
+       case TLSEXT_TYPE_server_name:
+       case TLSEXT_TYPE_session_ticket:
+       case TLSEXT_TYPE_signature_algorithms:
+       case TLSEXT_TYPE_srp:
+       case TLSEXT_TYPE_status_request:
+       case TLSEXT_TYPE_use_srtp:
+#ifdef TLSEXT_TYPE_opaque_prf_input
+       case TLSEXT_TYPE_opaque_prf_input:
+#endif
+#ifdef TLSEXT_TYPE_encrypt_then_mac
+       case TLSEXT_TYPE_encrypt_then_mac:
+#endif
+               return 1;
+       default:
+               return 0;
+               }
+       }
 #endif