Add custom extension sanity checks.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 12 Aug 2014 13:25:49 +0000 (14:25 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 28 Aug 2014 16:06:52 +0000 (17:06 +0100)
commit28ea0a0c6a5e4e217c405340fa22a8503c7a17db
tree4ea1ae8b8c4bf685622d2f2627b15f43f8c15b50
parentecf4d660902dcef6e0afc51d52926f00d409ee6b
Add custom extension sanity checks.

Reject attempts to use extensions handled internally.

Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
ssl/ssl.h
ssl/ssl_locl.h
ssl/t1_ext.c
ssl/t1_lib.c