unsigned int
cookie_len));
# ifndef OPENSSL_NO_NEXTPROTONEG
-# define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
-# define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
-# define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
+
+typedef int (*SSL_CTX_npn_advertised_cb_func)(SSL *ssl,
+ const unsigned char **out,
+ unsigned int *outlen,
+ void *arg);
void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- const unsigned char **out,
- unsigned int *outlen,
- void *arg),
- void *arg);
+ SSL_CTX_npn_advertised_cb_func cb,
+ void *arg);
+# define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
+
+typedef int (*SSL_CTX_npn_select_cb_func)(SSL *s,
+ unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg);
void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
- int (*cb) (SSL *ssl,
- unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg),
+ SSL_CTX_npn_select_cb_func cb,
void *arg);
+# define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
+
void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
unsigned *len);
+# define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
# endif
__owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
unsigned int protos_len);
__owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned int protos_len);
-void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
+typedef int (*SSL_CTX_alpn_select_cb_func)(SSL *ssl,
const unsigned char **out,
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
- void *arg), void *arg);
+ void *arg);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+ SSL_CTX_alpn_select_cb_func cb,
+ void *arg);
void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
unsigned int *len);
*/
# define PSK_MAX_IDENTITY_LEN 128
# define PSK_MAX_PSK_LEN 256
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_client_callback(SSL *ssl,
- unsigned int (*psk_client_callback) (SSL
- *ssl,
- const
- char
- *hint,
- char
- *identity,
- unsigned
- int
- max_identity_len,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
-void SSL_set_psk_server_callback(SSL *ssl,
- unsigned int (*psk_server_callback) (SSL
- *ssl,
- const
- char
- *identity,
- unsigned
- char
- *psk,
- unsigned
- int
- max_psk_len));
+typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);
+
+typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);
+
__owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
__owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
const char *SSL_get_psk_identity_hint(const SSL *s);
* ServerHello.
*/
void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- const unsigned char **out,
- unsigned int *outlen,
- void *arg),
+ SSL_CTX_npn_advertised_cb_func cb,
void *arg)
{
ctx->ext.npn_advertised_cb = cb;
* a value other than SSL_TLSEXT_ERR_OK.
*/
void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
- int (*cb) (SSL *s, unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg),
+ SSL_CTX_npn_select_cb_func cb,
void *arg)
{
ctx->ext.npn_select_cb = cb;
* from the client's list of offered protocols.
*/
void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
- int (*cb) (SSL *ssl,
- const unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg), void *arg)
+ SSL_CTX_alpn_select_cb_func cb,
+ void *arg)
{
ctx->ext.alpn_select_cb = cb;
ctx->ext.alpn_select_cb_arg = arg;
return (s->session->psk_identity);
}
-void SSL_set_psk_client_callback(SSL *s,
- unsigned int (*cb) (SSL *ssl,
- const char *hint,
- char *identity,
- unsigned int
- max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len))
+void SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb)
{
s->psk_client_callback = cb;
}
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
- unsigned int (*cb) (SSL *ssl,
- const char *hint,
- char *identity,
- unsigned int
- max_identity_len,
- unsigned char *psk,
- unsigned int
- max_psk_len))
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb)
{
ctx->psk_client_callback = cb;
}
-void SSL_set_psk_server_callback(SSL *s,
- unsigned int (*cb) (SSL *ssl,
- const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len))
+void SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb)
{
s->psk_server_callback = cb;
}
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
- unsigned int (*cb) (SSL *ssl,
- const char *identity,
- unsigned char *psk,
- unsigned int
- max_psk_len))
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb)
{
ctx->psk_server_callback = cb;
}
* For a server, this contains a callback function by which the set of
* advertised protocols can be provided.
*/
- int (*npn_advertised_cb) (SSL *s, const unsigned char **buf,
- unsigned int *len, void *arg);
+ SSL_CTX_npn_advertised_cb_func npn_advertised_cb;
void *npn_advertised_cb_arg;
/*
* For a client, this contains a callback function that selects the next
* protocol from the list provided by the server.
*/
- int (*npn_select_cb) (SSL *s, unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen, void *arg);
+ SSL_CTX_npn_select_cb_func npn_select_cb;
void *npn_select_cb_arg;
# endif
} ext;
# ifndef OPENSSL_NO_PSK
- unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len);
- unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len);
+ SSL_psk_client_cb_func psk_client_callback;
+ SSL_psk_server_cb_func psk_server_callback;
# endif
# ifndef OPENSSL_NO_SRP
/* actual code */
int error_code;
# ifndef OPENSSL_NO_PSK
- unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- unsigned char *psk,
- unsigned int max_psk_len);
- unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
- unsigned char *psk,
- unsigned int max_psk_len);
+ SSL_psk_client_cb_func psk_client_callback;
+ SSL_psk_server_cb_func psk_server_callback;
# endif
SSL_CTX *ctx;
/* Verified chain of peer */
* Ensure we get sensible values passed to tlsext_status_cb in the event
* that we don't receive a status message
*/
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->ext.ocsp_resp = NULL;
- s->ext.ocsp_resplen = 0;
+ OPENSSL_free(s->ext.ocsp.resp);
+ s->ext.ocsp.resp = NULL;
+ s->ext.ocsp.resp_len = 0;
}
return 1;
}
-
-static int final_status_request(SSL *s, unsigned int context, int sent,
- int *al)
-{
- if (s->server)
- return 1;
-
- /*
- * Ensure we get sensible values passed to ext.status_cb in the event
- * that we don't receive a status message
- */
- OPENSSL_free(s->ext.ocsp.resp);
- s->ext.ocsp.resp = NULL;
- s->ext.ocsp.resp_len = 0;
->>>>>>> Move extension data into sub-structs
-
- return 1;
-}
#endif
#ifndef OPENSSL_NO_NEXTPROTONEG
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
return 0;
}
- s->tlsext_ocsp_resp = OPENSSL_malloc(resplen);
- if (s->ext.ocsp_resp == NULL) {
+ s->ext.ocsp.resp = OPENSSL_malloc(resplen);
+ if (s->ext.ocsp.resp == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, ERR_R_MALLOC_FAILURE);
return 0;
}
- if (!PACKET_copy_bytes(pkt, s->ext.ocsp_resp, resplen)) {
+ if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
*al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
return 0;
}
- s->ext.ocsp_resplen = resplen;
+ s->ext.ocsp.resp_len = resplen;
return 1;
}
*/
int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
{
-<<<<<<< 3b72dcd5fb4d2c756a830dba1fc34f4a7ae61b73
- if (!WPACKET_put_bytes_u8(pkt, s->tlsext_status_type)
- || !WPACKET_sub_memcpy_u24(pkt, s->tlsext_ocsp_resp,
- s->tlsext_ocsp_resplen)) {
+ if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
+ || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
+ s->ext.ocsp.resp_len)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY, ERR_R_INTERNAL_ERROR);
return 0;
}
int tls_construct_cert_status(SSL *s, WPACKET *pkt)
{
if (!tls_construct_cert_status_body(s, pkt)) {
-=======
- if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
- || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
- s->ext.ocsp.resp_len)) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS, ERR_R_INTERNAL_ERROR);
->>>>>>> Move extension data into sub-structs
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0;
}