From 30aeba432c99d2642bec89505fb9922518979214 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 1 Dec 2016 15:00:37 +0000 Subject: [PATCH] Extend tls_construct_extensions() to enable passing of a certificate The Certificate message in TLS1.3 has an extensions block for each Certificate. Therefore we need to extend tls_construct_extensions() to pass in the certificate we are working on. We also pass in the position in the chain (with 0 being the first certificate). Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2020) --- ssl/statem/extensions.c | 20 ++++---- ssl/statem/extensions_clnt.c | 48 +++++++++++-------- ssl/statem/extensions_srvr.c | 35 ++++++++------ ssl/statem/statem_clnt.c | 2 +- ssl/statem/statem_locl.h | 89 ++++++++++++++++++++++++------------ ssl/statem/statem_srvr.c | 6 ++- 6 files changed, 127 insertions(+), 73 deletions(-) diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 8ccb76f09b..2dee62e9d5 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -60,9 +60,10 @@ typedef struct extensions_definition_st { /* Parse extension send from server to client */ int (*parse_stoc)(SSL *s, PACKET *pkt, int *al); /* Construct extension sent from server to client */ - int (*construct_stoc)(SSL *s, WPACKET *pkt, int *al); + int (*construct_stoc)(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); /* Construct extension sent from client to server */ - int (*construct_ctos)(SSL *s, WPACKET *pkt, int *al); + int (*construct_ctos)(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al); /* * Finalise extension after parsing. Always called where an extensions was * initialised even if the extension was not present. |sent| is set to 1 if @@ -545,12 +546,15 @@ int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al) /* * Construct all the extensions relevant to the current |context| and write - * them to |pkt|. Returns 1 on success or 0 on failure. If a failure occurs then - * |al| is populated with a suitable alert code. On a failure construction stops - * at the first extension to fail to construct. + * them to |pkt|. If this is an extension for a Certificate in a Certificate + * message, then |x| will be set to the Certificate we are handling, and |chain| + * will indicate the position in the chain we are processing (with 0 being the + * first in the chain). Returns 1 on success or 0 on failure. If a failure + * occurs then |al| is populated with a suitable alert code. On a failure + * construction stops at the first extension to fail to construct. */ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, - int *al) + X509 *x, size_t chain, int *al) { size_t i; int addcustom = 0, min_version, max_version = 0, reason, tmpal; @@ -605,7 +609,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, } for (i = 0, thisexd = ext_defs; i < OSSL_NELEM(ext_defs); i++, thisexd++) { - int (*construct)(SSL *s, WPACKET *pkt, int *al); + int (*construct)(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al); /* Skip if not relevant for our context */ if ((thisexd->context & context) == 0) @@ -632,7 +636,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, || construct == NULL) continue; - if (!construct(s, pkt, &tmpal)) + if (!construct(s, pkt, x, chain, &tmpal)) goto err; } diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index f291e5ff15..713999f190 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -12,7 +12,8 @@ #include "../ssl_locl.h" #include "statem_locl.h" -int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { /* Add RI if renegotiating */ if (!s->renegotiate) @@ -30,7 +31,8 @@ int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { if (s->tlsext_hostname == NULL) return 1; @@ -54,7 +56,7 @@ int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_SRP -int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { /* Add SRP username if there is one */ if (s->srp_ctx.login == NULL) @@ -105,7 +107,8 @@ static int use_ecc(SSL *s) return i < end; } -int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { const unsigned char *pformats; size_t num_formats; @@ -128,8 +131,8 @@ int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, int *al) return 1; } - -int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { const unsigned char *pcurves = NULL, *pcurvestmp; size_t num_curves = 0, i; @@ -178,7 +181,8 @@ int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { size_t ticklen; @@ -217,7 +221,8 @@ int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { size_t salglen; const unsigned char *salg; @@ -242,7 +247,8 @@ int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_OCSP -int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { int i; @@ -304,7 +310,7 @@ int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al) #endif #ifndef OPENSSL_NO_NEXTPROTONEG -int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if (s->ctx->next_proto_select_cb == NULL || s->s3->tmp.finish_md_len != 0) return 1; @@ -323,7 +329,8 @@ int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { s->s3->alpn_sent = 0; @@ -351,7 +358,8 @@ int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, int *al) #ifndef OPENSSL_NO_SRTP -int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = SSL_get_srtp_profiles(s); int i, end; @@ -390,7 +398,7 @@ int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if (s->options & SSL_OP_NO_ENCRYPT_THEN_MAC) return 1; @@ -405,7 +413,7 @@ int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_CT -int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if (s->ct_validation_callback == NULL) return 1; @@ -420,7 +428,7 @@ int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret) || !WPACKET_put_bytes_u16(pkt, 0)) { @@ -431,7 +439,8 @@ int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { int currv, min_version, max_version, reason; @@ -477,8 +486,8 @@ int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, int *al) return 1; } - -int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { #ifndef OPENSSL_NO_TLS1_3 size_t i, sharessent = 0, num_curves = 0; @@ -568,7 +577,8 @@ int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al) #define F5_WORKAROUND_MIN_MSG_LEN 0xff #define F5_WORKAROUND_MAX_MSG_LEN 0x200 -int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, int *al) +int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { unsigned char *padbytes; size_t hlen; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 74db91d291..7f0b80c039 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -656,7 +656,8 @@ int tls_parse_ctos_ems(SSL *s, PACKET *pkt, int *al) /* * Add the server's renegotiation binding */ -int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { if (!s->s3->send_connection_binding) return 1; @@ -677,7 +678,8 @@ int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { if (s->hit || s->servername_done != 1 || s->session->tlsext_hostname == NULL) @@ -693,7 +695,8 @@ int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_EC -int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth; @@ -718,7 +721,8 @@ int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { if (!s->tlsext_ticket_expected || !tls_use_ticket(s)) { s->tlsext_ticket_expected = 0; @@ -735,7 +739,8 @@ int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_OCSP -int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { if (!s->tlsext_status_expected) return 1; @@ -750,9 +755,9 @@ int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, int *al) } #endif - #ifndef OPENSSL_NO_NEXTPROTONEG -int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { const unsigned char *npa; unsigned int npalen; @@ -779,7 +784,8 @@ int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { if (s->s3->alpn_selected == NULL) return 1; @@ -800,7 +806,8 @@ int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, int *al) } #ifndef OPENSSL_NO_SRTP -int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { if (s->srtp_profile == NULL) return 1; @@ -819,7 +826,7 @@ int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, int *al) } #endif -int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if ((s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC) == 0) return 1; @@ -845,7 +852,7 @@ int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, X509 *x, size_t chain, int *al) { if ((s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0) return 1; @@ -859,7 +866,8 @@ int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al) { #ifndef OPENSSL_NO_TLS1_3 unsigned char *encodedPoint; @@ -915,7 +923,8 @@ int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, int *al) return 1; } -int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, int *al) +int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al) { const unsigned char cryptopro_ext[36] = { 0xfd, 0xe8, /* 65000 */ diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a80d670cbb..3d9fe79335 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1011,7 +1011,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt) } /* TLS extensions */ - if (!tls_construct_extensions(s, pkt, EXT_CLIENT_HELLO, &al)) { + if (!tls_construct_extensions(s, pkt, EXT_CLIENT_HELLO, NULL, 0, &al)) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); return 0; diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h index 94e64b577b..7e34aade12 100644 --- a/ssl/statem/statem_locl.h +++ b/ssl/statem/statem_locl.h @@ -160,7 +160,7 @@ __owur int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context, __owur int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al); __owur int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, - int *al); + X509 *x, size_t chain, int *al); /* Server Extension processing */ int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, int *al); @@ -188,62 +188,91 @@ int tls_parse_ctos_etm(SSL *s, PACKET *pkt, int *al); int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, int *al); int tls_parse_ctos_ems(SSL *s, PACKET *pkt, int *al); -int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, int *al); -int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_EC -int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #endif -int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #ifndef OPENSSL_NO_OCSP -int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #endif #ifndef OPENSSL_NO_NEXTPROTONEG -int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #endif -int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_SRTP -int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #endif -int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, int *al); -int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, int *al); -int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_etm(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_stoc_ems(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); /* * Not in public headers as this is not an official extension. Only used when * SSL_OP_CRYPTOPRO_TLSEXT_BUG is set. */ #define TLSEXT_TYPE_cryptopro_bug 0xfde8 -int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, int *al); +int tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); /* Client Extension processing */ -int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_ctos_server_name(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_SRP -int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_srp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #endif #ifndef OPENSSL_NO_EC -int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_ec_pt_formats(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); +int tls_construct_ctos_supported_groups(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #endif -int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); +int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_OCSP -int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_status_request(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); #endif #ifndef OPENSSL_NO_NEXTPROTONEG -int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_npn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #endif -int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_alpn(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_SRTP -int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_use_srtp(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #endif -int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_etm(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #ifndef OPENSSL_NO_CT -int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_sct(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); #endif -int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, int *al); -int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, int *al); +int tls_construct_ctos_ems(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_ctos_supported_versions(SSL *s, WPACKET *pkt, X509 *x, + size_t chain, int *al); +int tls_construct_ctos_key_share(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); +int tls_construct_ctos_padding(SSL *s, WPACKET *pkt, X509 *x, size_t chain, + int *al); int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, int *al); int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, int *al); #ifndef OPENSSL_NO_EC diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 56f3998703..d21628f287 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1912,7 +1912,8 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt) || !tls_construct_extensions(s, pkt, SSL_IS_TLS13(s) ? EXT_TLS1_3_SERVER_HELLO - : EXT_TLS1_2_SERVER_HELLO, &al)) { + : EXT_TLS1_2_SERVER_HELLO, + NULL, 0, &al)) { SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -3497,7 +3498,8 @@ static int tls_construct_encrypted_extensions(SSL *s, WPACKET *pkt) * message. */ if (!tls_construct_extensions(s, pkt, EXT_TLS1_3_ENCRYPTED_EXTENSIONS - | EXT_TLS1_3_CERTIFICATE, &al)) { + | EXT_TLS1_3_CERTIFICATE, + NULL, 0, &al)) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS, ERR_R_INTERNAL_ERROR); ssl3_send_alert(s, SSL3_AL_FATAL, al); -- 2.25.1