author | Bob Beck <beck@cvs.openbsd.org> | 2019-01-24 01:50:42 +0000 |
---|---|---|
committer | Bob Beck <beck@cvs.openbsd.org> | 2019-01-24 01:50:42 +0000 |
commit | a4c7f176fee410a20dcfe8fea6b48bee7a98620d (patch) | |
tree | aebf5aa6ebef5451a9a36ce23df4c7c10719359d /lib/libssl | |
parent | f94cd2224f1a38bf2c4bb8c589e518f21710debc (diff) |
move the extensions_seen into the handshake struct
ok jsing@
Diffstat (limited to 'lib/libssl')
-rw-r--r-- | lib/libssl/s3_lib.c | 4 | ||||
-rw-r--r-- | lib/libssl/ssl_locl.h | 5 | ||||
-rw-r--r-- | lib/libssl/ssl_tlsext.c | 9 |
3 files changed, 12 insertions, 6 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 496bf7394c4..36142f04152 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.180 2019/01/23 18:24:40 beck Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.181 2019/01/24 01:50:41 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1606,6 +1606,8 @@ ssl3_clear(SSL *s) freezero(S3I(s)->hs_tls13.x25519_public, X25519_KEY_LENGTH); freezero(S3I(s)->hs_tls13.x25519_peer_public, X25519_KEY_LENGTH); + S3I(s)->hs.extensions_seen = 0; + rp = S3I(s)->rbuf.buf; wp = S3I(s)->wbuf.buf; rlen = S3I(s)->rbuf.len; diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 8447484ec7a..5d560f59351 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.231 2019/01/23 18:39:28 beck Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.232 2019/01/24 01:50:41 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -429,6 +429,9 @@ typedef struct ssl_handshake_st { /* key_block is the record-layer key block for TLS 1.2 and earlier. */ int key_block_len; unsigned char *key_block; + + /* Extensions seen in this handshake. */ + uint32_t extensions_seen; } SSL_HANDSHAKE; typedef struct ssl_handshake_tls13_st { diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c index 2214a61ed3d..35c764f646e 100644 --- a/lib/libssl/ssl_tlsext.c +++ b/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.34 2019/01/23 18:39:28 beck Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.35 2019/01/24 01:50:41 beck Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 
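Review bot: The comment added above `extensions_seen` in `SSL_HANDSHAKE` (ssl_locl.h) says "seen in this handshake", but `tlsext_parse()` in ssl_tlsext.c zeroes the field at the start of every call, so it only describes the extensions block being parsed or most recently parsed. The comment also omits that the bits are indexed by `idx`, which appears to be the position in the known-extension table rather than the wire extension type, and that the 32-bit width caps how many known extensions the duplicate check can track. Suggest `/* Bitmask of known extensions seen in the message being parsed; bit N is the extension's table index (max 32). */`. The struct definition begins outside the hunk, so other fields' lifetime conventions are not visible here.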
@@ -1675,11 +1675,12 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type) struct tls_extension_funcs *ext; struct tls_extension *tlsext; CBS extensions, extension_data; - uint32_t extensions_seen = 0; uint16_t type; size_t idx; uint16_t version; + S3I(s)->hs.extensions_seen = 0; + if (is_server) version = s->version; else @@ -1718,9 +1719,9 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server, uint16_t msg_type) } /* Check for duplicate known extensions. */ - if ((extensions_seen & (1 << idx)) != 0) + if ((S3I(s)->hs.extensions_seen & (1 << idx)) != 0) return 0; - extensions_seen |= (1 << idx); + S3I(s)->hs.extensions_seen |= (1 << idx); ext = tlsext_funcs(tlsext, is_server); if (!ext->parse(s, &extension_data, alert)) |
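Review bot: In the duplicate check of `tlsext_parse()`, `1 << idx` is evaluated as a signed `int` before it meets the `uint32_t` field, so an `idx` of 31 or more is undefined behaviour and the duplicate-extension rejection could then silently stop being reliable. The range of `idx` is established outside this hunk, presumably by the extension table lookup, so this is latent only for as long as the table stays small. Use an unsigned constant on both lines, `if ((S3I(s)->hs.extensions_seen & (1U << idx)) != 0)` and `S3I(s)->hs.extensions_seen |= (1U << idx);`, and consider a compile-time assertion that the known-extension count does not exceed 32. The function body continues outside the hunk.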