From 8b41df41c2bb51d6ad52d1ca54734776cf592022 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Thu, 1 Aug 2013 11:14:23 +0100 Subject: [PATCH] Make it build. (cherry picked from commit a6a48e87bc469f37ed1c53d0e4d22faaa0a5adf3) Conflicts: ssl/s3_clnt.c ssl/t1_lib.c --- apps/s_client.c | 4 ++-- apps/s_server.c | 4 ++-- ssl/s3_clnt.c | 10 +++++----- ssl/s3_srvr.c | 28 ++++++++++++++++------------ ssl/ssltest.c | 45 +++++++++++++++++++++++++++++++-------------- ssl/t1_lib.c | 13 ------------- 6 files changed, 56 insertions(+), 48 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index d426bb1662..eece94f859 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2471,7 +2471,7 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, return 1; } } - //no auth extension to send + /* no auth extension to send */ return -1; } @@ -2506,7 +2506,7 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, return 1; } } - //no supplemental data to send + /* no supplemental data to send */ return -1; } diff --git a/apps/s_server.c b/apps/s_server.c index efe261908b..7ac7df81e1 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -3590,7 +3590,7 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, return 1; } } - //no auth extension to send + /* no auth extension to send */ return -1; } @@ -3625,7 +3625,7 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, return 1; } } - //no supplemental data to send + /* no supplemental data to send */ return -1; } #endif diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index e58d3d107e..98ea3ec6c2 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3652,7 +3652,7 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) { SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); return 0; - } + } /* if first entry, write handshake message type */ if (length == 0) { @@ -3685,9 +3685,9 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) } if (length > 0) { - //write handshake length + /* write handshake length */ l2n3(length - 4, size_loc); - //supp_data length + /* supp_data length */ l2n3(length - 7, size_loc); s->state = SSL3_ST_CW_SUPPLEMENTAL_DATA_B; s->init_num = length; @@ -3696,7 +3696,7 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) } } - //no supp data message sent + /* no supp data message sent */ *skip = 1; s->init_num = 0; s->init_off = 0; @@ -3743,7 +3743,7 @@ int tls1_get_server_supplemental_data(SSL *s) { n2s(p, supp_data_entry_type); n2s(p, supp_data_entry_len); - //if there is a callback for this supp data type, send it + /* if there is a callback for this supp data type, send it */ for (i=0; i < s->ctx->cli_supp_data_records_count; i++) { if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type && diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index f9da5fa391..3d6c2d6104 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3689,12 +3689,13 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); return 0; } - //write supp data entry... - //if first entry, write handshake message type - //jump back to write length at end + /* write supp data entry... + * if first entry, write handshake message type + * jump back to write length at end */ if (length == 0) { - //1 byte message type + 3 bytes for message length + /* 1 byte message type + 3 bytes for + * message length */ if (!BUF_MEM_grow_clean(s->init_buf, 4)) { SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); @@ -3702,13 +3703,15 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) } p = (unsigned char *)s->init_buf->data; *(p++) = SSL3_MT_SUPPLEMENTAL_DATA; - //hold on to length field to update later + /* hold on to length field to update later */ size_loc = p; - //skip over handshake length field (3 bytes) and supp_data length field (3 bytes) + /* skip over handshake length field (3 + * bytes) and supp_data length field + * (3 bytes) */ p += 3 + 3; length += 1 +3 +3; } - //2 byte supp data type + 2 byte length + outlen + /* 2 byte supp data type + 2 byte length + outlen */ if (!BUF_MEM_grow(s->init_buf, outlen + 4)) { SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); @@ -3717,15 +3720,16 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) s2n(record->supp_data_type, p); s2n(outlen, p); memcpy(p, out, outlen); - //update length to supp data type (2 bytes) + supp data length (2 bytes) + supp data + /* update length to supp data type (2 bytes) + + * supp data length (2 bytes) + supp data */ length += (outlen + 4); p += outlen; } if (length > 0) { - //write handshake length + /* write handshake length */ l2n3(length - 4, size_loc); - //supp_data length + /* supp_data length */ l2n3(length - 7, size_loc); s->state = SSL3_ST_SW_SUPPLEMENTAL_DATA_B; s->init_num = length; @@ -3735,7 +3739,7 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) } } - //no supp data message sent + /* no supp data message sent */ *skip = 1; s->init_num = 0; s->init_off = 0; @@ -3782,7 +3786,7 @@ int tls1_get_client_supplemental_data(SSL *s) { n2s(p, supp_data_entry_type); n2s(p, supp_data_entry_len); - //if there is a callback for this supp data type, send it + /* if there is a callback for this supp data type, send it */ for (i=0; i < s->ctx->srv_supp_data_records_count; i++) { if (s->ctx->srv_supp_data_records[i].supp_data_type == supp_data_entry_type && s->ctx->srv_supp_data_records[i].fn2) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 1cba422ea9..8bffe14aae 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1649,20 +1649,37 @@ bad: if (suppdata) { - //TEST CASES - //client and server both send and receive, verify additional arg passed back - SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_srv_first_cb, supp_data_0_srv_second_cb, s_ssl); - SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_cli_first_cb, supp_data_0_cli_second_cb, c_ssl); - - //-1 response from sending server/client doesn't receive, -1 response from sending client/server doesn't receive - SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_srv_first_cb, supp_data_1_srv_second_cb, NULL); - SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_cli_first_cb, supp_data_1_cli_second_cb, NULL); - - //null sending server/client doesn't receive, null sending client/server doesn't receive - SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, /*supp_data_2_srv_first_cb*/NULL, supp_data_2_srv_second_cb, NULL); - SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, supp_data_2_cli_first_cb, /*supp_data_2_cli_second_cb*/NULL, NULL); - - //alerts set to non-zero and zero return values not tested + /* TEST CASES */ + /* client and server both send and receive, verify + * additional arg passed back */ + SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, + supp_data_0_srv_first_cb, + supp_data_0_srv_second_cb, s_ssl); + SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, + supp_data_0_cli_first_cb, + supp_data_0_cli_second_cb, c_ssl); + + /* -1 response from sending server/client doesn't + * receive, -1 response from sending client/server + * doesn't receive */ + SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, + supp_data_1_srv_first_cb, + supp_data_1_srv_second_cb, NULL); + SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, + supp_data_1_cli_first_cb, + supp_data_1_cli_second_cb, NULL); + + /* null sending server/client doesn't receive, null + sending client/server doesn't receive */ + SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, + /*supp_data_2_srv_first_cb*/NULL, + supp_data_2_srv_second_cb, NULL); + SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, + supp_data_2_cli_first_cb, + /*supp_data_2_cli_second_cb*/NULL, + NULL); + + /* alerts set to non-zero and zero return values not tested */ } #ifndef OPENSSL_NO_KRB5 if (c_ssl && c_ssl->kssl_ctx) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bf96ae25c3..db9a14870c 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1089,19 +1089,6 @@ void ssl_set_client_disabled(SSL *s) c->valid = 1; } -/* byte_compare is a compare function for qsort(3) that compares bytes. */ -static int byte_compare(const void *in_a, const void *in_b) - { - unsigned char a = *((const unsigned char*) in_a); - unsigned char b = *((const unsigned char*) in_b); - - if (a > b) - return 1; - else if (a < b) - return -1; - return 0; -} - unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit, int *al) { int extdatalen=0; -- 2.25.1