diff options
| author | beck <> | 2024-03-26 03:44:11 +0000 |
|---|---|---|
| committer | beck <> | 2024-03-26 03:44:11 +0000 |
| commit | 2f0f60ca5f805f51622d846cb90343d577d5e328 (patch) | |
| tree | 32be705c081bf9585a5addf552dc3b683a0164ff /src/lib/libssl/ssl_tlsext.c | |
| parent | 04a8708bb4f7fc690e050b5d45281e1e214735ff (diff) | |
| download | openbsd-2f0f60ca5f805f51622d846cb90343d577d5e328.tar.gz openbsd-2f0f60ca5f805f51622d846cb90343d577d5e328.tar.bz2 openbsd-2f0f60ca5f805f51622d846cb90343d577d5e328.zip | |
Add an indicator that an extension has been processed.
ok jsing@
Diffstat (limited to 'src/lib/libssl/ssl_tlsext.c')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index 3883aa6cec..e1506e5d60 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.142 2024/03/26 01:21:34 beck Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.143 2024/03/26 03:44:11 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -2253,6 +2253,16 @@ tlsext_extension_seen(SSL *s, uint16_t type) | |||
| 2253 | return ((s->s3->hs.extensions_seen & (1 << idx)) != 0); | 2253 | return ((s->s3->hs.extensions_seen & (1 << idx)) != 0); |
| 2254 | } | 2254 | } |
| 2255 | 2255 | ||
| 2256 | int | ||
| 2257 | tlsext_extension_processed(SSL *s, uint16_t type) | ||
| 2258 | { | ||
| 2259 | size_t idx; | ||
| 2260 | |||
| 2261 | if (tls_extension_find(type, &idx) == NULL) | ||
| 2262 | return 0; | ||
| 2263 | return ((s->s3->hs.extensions_processed & (1 << idx)) != 0); | ||
| 2264 | } | ||
| 2265 | |||
| 2256 | const struct tls_extension_funcs * | 2266 | const struct tls_extension_funcs * |
| 2257 | tlsext_funcs(const struct tls_extension *tlsext, int is_server) | 2267 | tlsext_funcs(const struct tls_extension *tlsext, int is_server) |
| 2258 | { | 2268 | { |
| @@ -2490,6 +2500,8 @@ tlsext_process(SSL *s, struct tlsext_data *td, int is_server, uint16_t msg_type, | |||
| 2490 | 2500 | ||
| 2491 | alert_desc = SSL_AD_DECODE_ERROR; | 2501 | alert_desc = SSL_AD_DECODE_ERROR; |
| 2492 | 2502 | ||
| 2503 | s->s3->hs.extensions_processed = 0; | ||
| 2504 | |||
| 2493 | /* Run processing for present TLS extensions, in a defined order. */ | 2505 | /* Run processing for present TLS extensions, in a defined order. */ |
| 2494 | for (idx = 0; idx < N_TLS_EXTENSIONS; idx++) { | 2506 | for (idx = 0; idx < N_TLS_EXTENSIONS; idx++) { |
| 2495 | tlsext = &tls_extensions[idx]; | 2507 | tlsext = &tls_extensions[idx]; |
| @@ -2503,6 +2515,8 @@ tlsext_process(SSL *s, struct tlsext_data *td, int is_server, uint16_t msg_type, | |||
| 2503 | 2515 | ||
| 2504 | if (CBS_len(&td->extensions[idx]) != 0) | 2516 | if (CBS_len(&td->extensions[idx]) != 0) |
| 2505 | goto err; | 2517 | goto err; |
| 2518 | |||
| 2519 | s->s3->hs.extensions_processed |= (1 << idx); | ||
| 2506 | } | 2520 | } |
| 2507 | 2521 | ||
| 2508 | return 1; | 2522 | return 1; |