New function SSL_extension_supported().

Reviewed-by: Emilia Käsper <emilia@openssl.org>

diff --git a/ssl/ssl.h b/ssl/ssl.h
index 2a0d9283c0c4397d8c21f7c1e9f61bc528545b71..f363e8f3bcedb74b92ac38421e11057acdcd55bf 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1264,6 +1264,9 @@ int SSL_CTX_set_custom_srv_ext(SSL_CTX *ctx, unsigned int ext_type,
                               custom_ext_free_cb free_cb,
                                void *add_arg,
                               custom_ext_parse_cb parse_cb, void *parse_arg);
+
+int SSL_extension_supported(unsigned int ext_type);
+
 #endif
 
 #define SSL_NOTHING    1

diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 115e4345eaae54e7e1ae7380653972f6acacad69..0cca8d55069688f397a8e13f0720bfe76f6e1d1a 100644 (file)
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -218,30 +218,9 @@ static int custom_ext_set(custom_ext_methods *exts,
                        custom_ext_parse_cb parse_cb, void *parse_arg)
        {
        custom_ext_method *meth;
-       /* See if it is a supported internally */
-       switch(ext_type)
-               {
-       case TLSEXT_TYPE_application_layer_protocol_negotiation:
-       case TLSEXT_TYPE_ec_point_formats:
-       case TLSEXT_TYPE_elliptic_curves:
-       case TLSEXT_TYPE_heartbeat:
-       case TLSEXT_TYPE_next_proto_neg:
-       case TLSEXT_TYPE_padding:
-       case TLSEXT_TYPE_renegotiate:
-       case TLSEXT_TYPE_server_name:
-       case TLSEXT_TYPE_session_ticket:
-       case TLSEXT_TYPE_signature_algorithms:
-       case TLSEXT_TYPE_srp:
-       case TLSEXT_TYPE_status_request:
-       case TLSEXT_TYPE_use_srtp:
-#ifdef TLSEXT_TYPE_opaque_prf_input
-       case TLSEXT_TYPE_opaque_prf_input:
-#endif
-#ifdef TLSEXT_TYPE_encrypt_then_mac
-       case TLSEXT_TYPE_encrypt_then_mac:
-#endif
+       /* Don't add if extension supported internall */
+       if (SSL_extension_supported(ext_type))
                return 0;
-               }
        /* Extension type must fit in 16 bits */
        if (ext_type > 0xffff)
                return 0;
@@ -293,4 +272,34 @@ int SSL_CTX_set_custom_srv_ext(SSL_CTX *ctx, unsigned int ext_type,
                                add_cb, free_cb, add_arg,
                                parse_cb, parse_arg);
        }
+
+int SSL_extension_supported(unsigned int ext_type)
+       {
+       /* See if it is a supported internally */
+       switch(ext_type)
+               {
+       case TLSEXT_TYPE_application_layer_protocol_negotiation:
+       case TLSEXT_TYPE_ec_point_formats:
+       case TLSEXT_TYPE_elliptic_curves:
+       case TLSEXT_TYPE_heartbeat:
+       case TLSEXT_TYPE_next_proto_neg:
+       case TLSEXT_TYPE_padding:
+       case TLSEXT_TYPE_renegotiate:
+       case TLSEXT_TYPE_server_name:
+       case TLSEXT_TYPE_session_ticket:
+       case TLSEXT_TYPE_signature_algorithms:
+       case TLSEXT_TYPE_srp:
+       case TLSEXT_TYPE_status_request:
+       case TLSEXT_TYPE_use_srtp:
+#ifdef TLSEXT_TYPE_opaque_prf_input
+       case TLSEXT_TYPE_opaque_prf_input:
+#endif
+#ifdef TLSEXT_TYPE_encrypt_then_mac
+       case TLSEXT_TYPE_encrypt_then_mac:
+#endif
+               return 1;
+       default:
+               return 0;
+               }
+       }
 #endif