diff options
| author | jsing <> | 2019-01-18 00:54:42 +0000 |
|---|---|---|
| committer | jsing <> | 2019-01-18 00:54:42 +0000 |
| commit | 66af95e693522ba3868191014eaca1fa0a95176d (patch) | |
| tree | bcaae6c0e0f49e2bff1aa790059cf07ac8b504e5 /src/lib/libssl/ssl_clnt.c | |
| parent | 154e80a0b5a0c3c4a9d3390a220e96f0f8c36aab (diff) | |
| download | openbsd-66af95e693522ba3868191014eaca1fa0a95176d.tar.gz openbsd-66af95e693522ba3868191014eaca1fa0a95176d.tar.bz2 openbsd-66af95e693522ba3868191014eaca1fa0a95176d.zip | |
Rename TLS extension handling to use less "hello".
When the TLS extension code was rewritten, TLS extensions could only exist
in ClientHello and ServerHello messages - as such, they were named in pairs
of *_clienthello_{needs,build} which would be called by the client and
*_clienthello_parse. Likewise for *_serverhello_{needs,build} which would
be called by a server and *_serverhello_parse, which would be called by a
client.
Enter TLSv1.3 - TLS extensions can now exist in one of seven messages,
with only certain types being allowed to appear in each, meaning the naming
scheme no longer works. Instead, rename them to indicate the caller rather
than the message type - this effectively means:
clienthello_needs -> client_needs
clienthello_build -> client_build
clienthello_parse -> server_parse
serverhello_needs -> server_needs
serverhello_build -> server_build
serverhello_parse -> client_parse
ok beck@ tb@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 60983fc6fd..acc48389c0 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.51 2018/11/29 06:21:09 tb Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.52 2019/01/18 00:54:42 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -775,7 +775,7 @@ ssl3_send_client_hello(SSL *s) | |||
| 775 | goto err; | 775 | goto err; |
| 776 | 776 | ||
| 777 | /* TLS extensions */ | 777 | /* TLS extensions */ |
| 778 | if (!tlsext_clienthello_build(s, &client_hello)) { | 778 | if (!tlsext_client_build(s, &client_hello, SSL_TLSEXT_MSG_CH)) { |
| 779 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 779 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
| 780 | goto err; | 780 | goto err; |
| 781 | } | 781 | } |
| @@ -999,7 +999,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 999 | goto f_err; | 999 | goto f_err; |
| 1000 | } | 1000 | } |
| 1001 | 1001 | ||
| 1002 | if (!tlsext_serverhello_parse(s, &cbs, &al)) { | 1002 | if (!tlsext_client_parse(s, &cbs, &al, SSL_TLSEXT_MSG_SH)) { |
| 1003 | SSLerror(s, SSL_R_PARSE_TLSEXT); | 1003 | SSLerror(s, SSL_R_PARSE_TLSEXT); |
| 1004 | goto f_err; | 1004 | goto f_err; |
| 1005 | } | 1005 | } |