summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2019-01-24 01:50:42 +0000
committerBob Beck <beck@cvs.openbsd.org>2019-01-24 01:50:42 +0000
commita4c7f176fee410a20dcfe8fea6b48bee7a98620d (patch)
treeaebf5aa6ebef5451a9a36ce23df4c7c10719359d /lib/libssl
parentf94cd2224f1a38bf2c4bb8c589e518f21710debc (diff)
move the extensions_seen into the handshake struct
ok jsing@
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/s3_lib.c4
-rw-r--r--lib/libssl/ssl_locl.h5
-rw-r--r--lib/libssl/ssl_tlsext.c9
3 files changed, 12 insertions, 6 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 496bf7394c4..36142f04152 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.180 2019/01/23 18:24:40 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.181 2019/01/24 01:50:41 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -1606,6 +1606,8 @@ ssl3_clear(SSL *s)
freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH);
freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH);
+ S3I(s)->hs.extensions_seen = 0;
+
rp = S3I(s)->rbuf.buf;
wp = S3I(s)->wbuf.buf;
rlen = S3I(s)->rbuf.len;
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 8447484ec7a..5d560f59351 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.231 2019/01/23 18:39:28 beck Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.232 2019/01/24 01:50:41 beck Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -429,6 +429,9 @@ typedef struct ssl_handshake_st {
/* key_block is the record-layer key block for TLS 1.2 and earlier. */
int key_block_len;
unsigned char *key_block;
+
+ /* Extensions seen in this handshake. */
+ uint32_t extensions_seen;
} SSL_HANDSHAKE;
typedef struct ssl_handshake_tls13_st {
diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c
index 2214a61ed3d..35c764f646e 100644
--- a/lib/libssl/ssl_tlsext.c
+++ b/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.34 2019/01/23 18:39:28 beck Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.35 2019/01/24 01:50:41 beck Exp $ */
/*
* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1675,11 +1675,12 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
struct tls_extension_funcs *ext;
struct tls_extension *tlsext;
CBS extensions, extension_data;
- uint32_t extensions_seen = 0;
uint16_t type;
size_t idx;
uint16_t version;
+ S3I(s)->hs.extensions_seen = 0;
+
if (is_server)
version = s->version;
else
@@ -1718,9 +1719,9 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type)
}
/* Check for duplicate known extensions. */
- if ((extensions_seen & (1 << idx)) != 0)
+ if ((S3I(s)->hs.extensions_seen & (1 << idx)) != 0)
return 0;
- extensions_seen |= (1 << idx);
+ S3I(s)->hs.extensions_seen |= (1 << idx);
ext = tlsext_funcs(tlsext, is_server);
if (!ext->parse(s, &extension_data, alert))