4 files changed, 228 insertions, 220 deletions

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 60983fc6fd..acc48389c0 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.51 2018/11/29 06:21:09 tb Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.52 2019/01/18 00:54:42 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -775,7 +775,7 @@ ssl3_send_client_hello(SSL *s)
                         goto err;
 
                 /* TLS extensions */
-                if (!tlsext_clienthello_build(s, &client_hello)) {
+                if (!tlsext_client_build(s, &client_hello, SSL_TLSEXT_MSG_CH)) {
                         SSLerror(s, ERR_R_INTERNAL_ERROR);
                         goto err;
                 }
@@ -999,7 +999,7 @@ ssl3_get_server_hello(SSL *s)
                 goto f_err;
         }
 
-        if (!tlsext_serverhello_parse(s, &cbs, &al)) {
+        if (!tlsext_client_parse(s, &cbs, &al, SSL_TLSEXT_MSG_SH)) {
                 SSLerror(s, SSL_R_PARSE_TLSEXT);
                 goto f_err;
         }
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 80199d3f2e..afc7c94de8 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.62 2018/12/07 07:22:09 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.63 2019/01/18 00:54:42 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1019,7 +1019,7 @@ ssl3_get_client_hello(SSL *s)
                 goto f_err;
         }
 
-        if (!tlsext_clienthello_parse(s, &cbs, &al)) {
+        if (!tlsext_server_parse(s, &cbs, &al, SSL_TLSEXT_MSG_CH)) {
                 SSLerror(s, SSL_R_PARSE_TLSEXT);
                 goto f_err;
         }
@@ -1206,7 +1206,7 @@ ssl3_send_server_hello(SSL *s)
                         goto err;
 
                 /* TLS extensions */
-                if (!tlsext_serverhello_build(s, &server_hello)) {
+                if (!tlsext_server_build(s, &server_hello, SSL_TLSEXT_MSG_SH)) {
                         SSLerror(s, ERR_R_INTERNAL_ERROR);
                         goto err;
                 }
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 755bbff795..b8f4414365 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.26 2018/11/09 05:02:53 beck Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.27 2019/01/18 00:54:42 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -21,15 +21,15 @@
 #include "ssl_locl.h"
 
 #include "bytestring.h"
-#include "ssl_tlsext.h"
 #include "ssl_sigalgs.h"
+#include "ssl_tlsext.h"
 
 /*
  * Supported Application-Layer Protocol Negotiation - RFC 7301
  */
 
 int
-tlsext_alpn_clienthello_needs(SSL *s)
+tlsext_alpn_client_needs(SSL *s)
 {
         /* ALPN protos have been specified and this is the initial handshake */
         return s->internal->alpn_client_proto_list != NULL &&
@@ -37,7 +37,7 @@ tlsext_alpn_clienthello_needs(SSL *s)
 }
 
 int
-tlsext_alpn_clienthello_build(SSL *s, CBB *cbb)
+tlsext_alpn_client_build(SSL *s, CBB *cbb)
 {
         CBB protolist;
 
@@ -55,7 +55,7 @@ tlsext_alpn_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_alpn_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS proto_name_list, alpn;
         const unsigned char *selected;
@@ -103,13 +103,13 @@ tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_alpn_serverhello_needs(SSL *s)
+tlsext_alpn_server_needs(SSL *s)
 {
         return S3I(s)->alpn_selected != NULL;
 }
 
 int
-tlsext_alpn_serverhello_build(SSL *s, CBB *cbb)
+tlsext_alpn_server_build(SSL *s, CBB *cbb)
 {
         CBB list, selected;
 
@@ -130,7 +130,7 @@ tlsext_alpn_serverhello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_alpn_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS list, proto;
 
@@ -167,13 +167,13 @@ tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  * Supported Groups - RFC 7919 section 2
  */
 int
-tlsext_supportedgroups_clienthello_needs(SSL *s)
+tlsext_supportedgroups_client_needs(SSL *s)
 {
         return ssl_has_ecc_ciphers(s);
 }
 
 int
-tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb)
+tlsext_supportedgroups_client_build(SSL *s, CBB *cbb)
 {
         const uint16_t *groups;
         size_t groups_len;
@@ -201,7 +201,7 @@ tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_supportedgroups_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS grouplist;
         size_t groups_len;
@@ -254,19 +254,19 @@ tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 
 /* This extension is never used by the server. */
 int
-tlsext_supportedgroups_serverhello_needs(SSL *s)
+tlsext_supportedgroups_server_needs(SSL *s)
 {
         return 0;
 }
 
 int
-tlsext_supportedgroups_serverhello_build(SSL *s, CBB *cbb)
+tlsext_supportedgroups_server_build(SSL *s, CBB *cbb)
 {
         return 0;
 }
 
 int
-tlsext_supportedgroups_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_supportedgroups_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         /*
          * Servers should not send this extension per the RFC.
@@ -347,25 +347,25 @@ tlsext_ecpf_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_ecpf_clienthello_needs(SSL *s)
+tlsext_ecpf_client_needs(SSL *s)
 {
         return ssl_has_ecc_ciphers(s);
 }
 
 int
-tlsext_ecpf_clienthello_build(SSL *s, CBB *cbb)
+tlsext_ecpf_client_build(SSL *s, CBB *cbb)
 {
         return tlsext_ecpf_build(s, cbb);
 }
 
 int
-tlsext_ecpf_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ecpf_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         return tlsext_ecpf_parse(s, cbs, alert);
 }
 
 int
-tlsext_ecpf_serverhello_needs(SSL *s)
+tlsext_ecpf_server_needs(SSL *s)
 {
         if (s->version == DTLS1_VERSION)
                 return 0;
@@ -374,13 +374,13 @@ tlsext_ecpf_serverhello_needs(SSL *s)
 }
 
 int
-tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb)
+tlsext_ecpf_server_build(SSL *s, CBB *cbb)
 {
         return tlsext_ecpf_build(s, cbb);
 }
 
 int
-tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ecpf_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         return tlsext_ecpf_parse(s, cbs, alert);
 }
@@ -389,13 +389,13 @@ tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  * Renegotiation Indication - RFC 5746.
  */
 int
-tlsext_ri_clienthello_needs(SSL *s)
+tlsext_ri_client_needs(SSL *s)
 {
         return (s->internal->renegotiate);
 }
 
 int
-tlsext_ri_clienthello_build(SSL *s, CBB *cbb)
+tlsext_ri_client_build(SSL *s, CBB *cbb)
 {
         CBB reneg;
 
@@ -411,7 +411,7 @@ tlsext_ri_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ri_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS reneg;
 
@@ -439,13 +439,13 @@ tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_ri_serverhello_needs(SSL *s)
+tlsext_ri_server_needs(SSL *s)
 {
         return (S3I(s)->send_connection_binding);
 }
 
 int
-tlsext_ri_serverhello_build(SSL *s, CBB *cbb)
+tlsext_ri_server_build(SSL *s, CBB *cbb)
 {
         CBB reneg;
 
@@ -464,7 +464,7 @@ tlsext_ri_serverhello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ri_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS reneg, prev_client, prev_server;
 
@@ -521,13 +521,13 @@ tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  * Signature Algorithms - RFC 5246 section 7.4.1.4.1.
  */
 int
-tlsext_sigalgs_clienthello_needs(SSL *s)
+tlsext_sigalgs_client_needs(SSL *s)
 {
         return (TLS1_get_client_version(s) >= TLS1_2_VERSION);
 }
 
 int
-tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb)
+tlsext_sigalgs_client_build(SSL *s, CBB *cbb)
 {
         CBB sigalgs;
 
@@ -544,7 +544,7 @@ tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS sigalgs;
 
@@ -555,19 +555,19 @@ tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_sigalgs_serverhello_needs(SSL *s)
+tlsext_sigalgs_server_needs(SSL *s)
 {
         return 0;
 }
 
 int
-tlsext_sigalgs_serverhello_build(SSL *s, CBB *cbb)
+tlsext_sigalgs_server_build(SSL *s, CBB *cbb)
 {
         return 0;
 }
 
 int
-tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sigalgs_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         /* As per the RFC, servers must not send this extension. */
         return 0;
@@ -577,13 +577,13 @@ tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  * Server Name Indication - RFC 6066, section 3.
  */
 int
-tlsext_sni_clienthello_needs(SSL *s)
+tlsext_sni_client_needs(SSL *s)
 {
         return (s->tlsext_hostname != NULL);
 }
 
 int
-tlsext_sni_clienthello_build(SSL *s, CBB *cbb)
+tlsext_sni_client_build(SSL *s, CBB *cbb)
 {
         CBB server_name_list, host_name;
 
@@ -603,7 +603,7 @@ tlsext_sni_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sni_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         CBS server_name_list, host_name;
         uint8_t name_type;
@@ -661,19 +661,19 @@ tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_sni_serverhello_needs(SSL *s)
+tlsext_sni_server_needs(SSL *s)
 {
         return (s->session->tlsext_hostname != NULL);
 }
 
 int
-tlsext_sni_serverhello_build(SSL *s, CBB *cbb)
+tlsext_sni_server_build(SSL *s, CBB *cbb)
 {
         return 1;
 }
 
 int
-tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sni_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         if (s->tlsext_hostname == NULL || CBS_len(cbs) != 0) {
                 *alert = TLS1_AD_UNRECOGNIZED_NAME;
@@ -711,14 +711,14 @@ tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  */
 
 int
-tlsext_ocsp_clienthello_needs(SSL *s)
+tlsext_ocsp_client_needs(SSL *s)
 {
         return (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp &&
             s->version != DTLS1_VERSION);
 }
 
 int
-tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb)
+tlsext_ocsp_client_build(SSL *s, CBB *cbb)
 {
         CBB respid_list, respid, exts;
         unsigned char *ext_data;
@@ -762,7 +762,7 @@ tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ocsp_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         int failure = SSL_AD_DECODE_ERROR;
         CBS respid_list, respid, exts;
@@ -836,19 +836,19 @@ tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_ocsp_serverhello_needs(SSL *s)
+tlsext_ocsp_server_needs(SSL *s)
 {
         return s->internal->tlsext_status_expected;
 }
 
 int
-tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb)
+tlsext_ocsp_server_build(SSL *s, CBB *cbb)
 {
         return 1;
 }
 
 int
-tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         if (s->tlsext_status_type == -1) {
                 *alert = TLS1_AD_UNSUPPORTED_EXTENSION;
@@ -863,7 +863,7 @@ tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert)
  * SessionTicket extension - RFC 5077 section 3.2
  */
 int
-tlsext_sessionticket_clienthello_needs(SSL *s)
+tlsext_sessionticket_client_needs(SSL *s)
 {
         /*
          * Send session ticket extension when enabled and not overridden.
@@ -884,7 +884,7 @@ tlsext_sessionticket_clienthello_needs(SSL *s)
 }
 
 int
-tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb)
+tlsext_sessionticket_client_build(SSL *s, CBB *cbb)
 {
         /*
          * Signal that we support session tickets by sending an empty
@@ -927,7 +927,7 @@ tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sessionticket_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         if (s->internal->tls_session_ticket_ext_cb) {
                 if (!s->internal->tls_session_ticket_ext_cb(s, CBS_data(cbs),
@@ -948,22 +948,21 @@ tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_sessionticket_serverhello_needs(SSL *s)
+tlsext_sessionticket_server_needs(SSL *s)
 {
         return (s->internal->tlsext_ticket_expected &&
             !(SSL_get_options(s) & SSL_OP_NO_TICKET));
 }
 
 int
-tlsext_sessionticket_serverhello_build(SSL *s, CBB *cbb)
+tlsext_sessionticket_server_build(SSL *s, CBB *cbb)
 {
         /* Empty ticket */
-
         return 1;
 }
 
 int
-tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_sessionticket_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         if (s->internal->tls_session_ticket_ext_cb) {
                 if (!s->internal->tls_session_ticket_ext_cb(s, CBS_data(cbs),
@@ -991,13 +990,13 @@ tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert)
 #ifndef OPENSSL_NO_SRTP
 
 int
-tlsext_srtp_clienthello_needs(SSL *s)
+tlsext_srtp_client_needs(SSL *s)
 {
         return SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s) != NULL;
 }
 
 int
-tlsext_srtp_clienthello_build(SSL *s, CBB *cbb)
+tlsext_srtp_client_build(SSL *s, CBB *cbb)
 {
         CBB profiles, mki;
         int ct, i;
@@ -1034,7 +1033,7 @@ tlsext_srtp_clienthello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_srtp_server_parse(SSL *s, CBS *cbs, int *alert)
 {
         SRTP_PROTECTION_PROFILE *cprof, *sprof;
         STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = NULL, *srvr;
@@ -1114,13 +1113,13 @@ tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert)
 }
 
 int
-tlsext_srtp_serverhello_needs(SSL *s)
+tlsext_srtp_server_needs(SSL *s)
 {
         return SSL_IS_DTLS(s) && SSL_get_selected_srtp_profile(s) != NULL;
 }
 
 int
-tlsext_srtp_serverhello_build(SSL *s, CBB *cbb)
+tlsext_srtp_server_build(SSL *s, CBB *cbb)
 {
         SRTP_PROTECTION_PROFILE *profile;
         CBB srtp, mki;
@@ -1144,7 +1143,7 @@ tlsext_srtp_serverhello_build(SSL *s, CBB *cbb)
 }
 
 int
-tlsext_srtp_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_srtp_client_parse(SSL *s, CBS *cbs, int *alert)
 {
         STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
         SRTP_PROTECTION_PROFILE *prof;
@@ -1202,127 +1201,127 @@ struct tls_extension_funcs {
 
 struct tls_extension {
         uint16_t type;
-        struct tls_extension_funcs clienthello;
-        struct tls_extension_funcs serverhello;
+        struct tls_extension_funcs client;
+        struct tls_extension_funcs server;
 };
 
 static struct tls_extension tls_extensions[] = {
         {
                 .type = TLSEXT_TYPE_server_name,
-                .clienthello = {
-                        .needs = tlsext_sni_clienthello_needs,
-                        .build = tlsext_sni_clienthello_build,
-                        .parse = tlsext_sni_clienthello_parse,
+                .client = {
+                        .needs = tlsext_sni_client_needs,
+                        .build = tlsext_sni_client_build,
+                        .parse = tlsext_sni_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_sni_serverhello_needs,
-                        .build = tlsext_sni_serverhello_build,
-                        .parse = tlsext_sni_serverhello_parse,
+                .server = {
+                        .needs = tlsext_sni_server_needs,
+                        .build = tlsext_sni_server_build,
+                        .parse = tlsext_sni_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_renegotiate,
-                .clienthello = {
-                        .needs = tlsext_ri_clienthello_needs,
-                        .build = tlsext_ri_clienthello_build,
-                        .parse = tlsext_ri_clienthello_parse,
+                .client = {
+                        .needs = tlsext_ri_client_needs,
+                        .build = tlsext_ri_client_build,
+                        .parse = tlsext_ri_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_ri_serverhello_needs,
-                        .build = tlsext_ri_serverhello_build,
-                        .parse = tlsext_ri_serverhello_parse,
+                .server = {
+                        .needs = tlsext_ri_server_needs,
+                        .build = tlsext_ri_server_build,
+                        .parse = tlsext_ri_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_status_request,
-                .clienthello = {
-                        .needs = tlsext_ocsp_clienthello_needs,
-                        .build = tlsext_ocsp_clienthello_build,
-                        .parse = tlsext_ocsp_clienthello_parse,
+                .client = {
+                        .needs = tlsext_ocsp_client_needs,
+                        .build = tlsext_ocsp_client_build,
+                        .parse = tlsext_ocsp_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_ocsp_serverhello_needs,
-                        .build = tlsext_ocsp_serverhello_build,
-                        .parse = tlsext_ocsp_serverhello_parse,
+                .server = {
+                        .needs = tlsext_ocsp_server_needs,
+                        .build = tlsext_ocsp_server_build,
+                        .parse = tlsext_ocsp_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_ec_point_formats,
-                .clienthello = {
-                        .needs = tlsext_ecpf_clienthello_needs,
-                        .build = tlsext_ecpf_clienthello_build,
-                        .parse = tlsext_ecpf_clienthello_parse,
+                .client = {
+                        .needs = tlsext_ecpf_client_needs,
+                        .build = tlsext_ecpf_client_build,
+                        .parse = tlsext_ecpf_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_ecpf_serverhello_needs,
-                        .build = tlsext_ecpf_serverhello_build,
-                        .parse = tlsext_ecpf_serverhello_parse,
+                .server = {
+                        .needs = tlsext_ecpf_server_needs,
+                        .build = tlsext_ecpf_server_build,
+                        .parse = tlsext_ecpf_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_supported_groups,
-                .clienthello = {
-                        .needs = tlsext_supportedgroups_clienthello_needs,
-                        .build = tlsext_supportedgroups_clienthello_build,
-                        .parse = tlsext_supportedgroups_clienthello_parse,
+                .client = {
+                        .needs = tlsext_supportedgroups_client_needs,
+                        .build = tlsext_supportedgroups_client_build,
+                        .parse = tlsext_supportedgroups_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_supportedgroups_serverhello_needs,
-                        .build = tlsext_supportedgroups_serverhello_build,
-                        .parse = tlsext_supportedgroups_serverhello_parse,
+                .server = {
+                        .needs = tlsext_supportedgroups_server_needs,
+                        .build = tlsext_supportedgroups_server_build,
+                        .parse = tlsext_supportedgroups_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_session_ticket,
-                .clienthello = {
-                        .needs = tlsext_sessionticket_clienthello_needs,
-                        .build = tlsext_sessionticket_clienthello_build,
-                        .parse = tlsext_sessionticket_clienthello_parse,
+                .client = {
+                        .needs = tlsext_sessionticket_client_needs,
+                        .build = tlsext_sessionticket_client_build,
+                        .parse = tlsext_sessionticket_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_sessionticket_serverhello_needs,
-                        .build = tlsext_sessionticket_serverhello_build,
-                        .parse = tlsext_sessionticket_serverhello_parse,
+                .server = {
+                        .needs = tlsext_sessionticket_server_needs,
+                        .build = tlsext_sessionticket_server_build,
+                        .parse = tlsext_sessionticket_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_signature_algorithms,
-                .clienthello = {
-                        .needs = tlsext_sigalgs_clienthello_needs,
-                        .build = tlsext_sigalgs_clienthello_build,
-                        .parse = tlsext_sigalgs_clienthello_parse,
+                .client = {
+                        .needs = tlsext_sigalgs_client_needs,
+                        .build = tlsext_sigalgs_client_build,
+                        .parse = tlsext_sigalgs_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_sigalgs_serverhello_needs,
-                        .build = tlsext_sigalgs_serverhello_build,
-                        .parse = tlsext_sigalgs_serverhello_parse,
+                .server = {
+                        .needs = tlsext_sigalgs_server_needs,
+                        .build = tlsext_sigalgs_server_build,
+                        .parse = tlsext_sigalgs_client_parse,
                 },
         },
         {
                 .type = TLSEXT_TYPE_application_layer_protocol_negotiation,
-                .clienthello = {
-                        .needs = tlsext_alpn_clienthello_needs,
-                        .build = tlsext_alpn_clienthello_build,
-                        .parse = tlsext_alpn_clienthello_parse,
+                .client = {
+                        .needs = tlsext_alpn_client_needs,
+                        .build = tlsext_alpn_client_build,
+                        .parse = tlsext_alpn_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_alpn_serverhello_needs,
-                        .build = tlsext_alpn_serverhello_build,
-                        .parse = tlsext_alpn_serverhello_parse,
+                .server = {
+                        .needs = tlsext_alpn_server_needs,
+                        .build = tlsext_alpn_server_build,
+                        .parse = tlsext_alpn_client_parse,
                 },
         },
 #ifndef OPENSSL_NO_SRTP
         {
                 .type = TLSEXT_TYPE_use_srtp,
-                .clienthello = {
-                        .needs = tlsext_srtp_clienthello_needs,
-                        .build = tlsext_srtp_clienthello_build,
-                        .parse = tlsext_srtp_clienthello_parse,
+                .client = {
+                        .needs = tlsext_srtp_client_needs,
+                        .build = tlsext_srtp_client_build,
+                        .parse = tlsext_srtp_server_parse,
                 },
-                .serverhello = {
-                        .needs = tlsext_srtp_serverhello_needs,
-                        .build = tlsext_srtp_serverhello_build,
-                        .parse = tlsext_srtp_serverhello_parse,
+                .server = {
+                        .needs = tlsext_srtp_server_needs,
+                        .build = tlsext_srtp_server_build,
+                        .parse = tlsext_srtp_client_parse,
                 },
         }
 #endif /* OPENSSL_NO_SRTP */
@@ -1349,16 +1348,16 @@ tls_extension_find(uint16_t type, size_t *tls_extensions_idx)
 }
 
 static struct tls_extension_funcs *
-tlsext_funcs(struct tls_extension *tlsext, int is_serverhello)
+tlsext_funcs(struct tls_extension *tlsext, int is_server)
 {
-        if (is_serverhello)
-                return &tlsext->serverhello;
+        if (is_server)
+                return &tlsext->server;
 
-        return &tlsext->clienthello;    
+        return &tlsext->client; 
 }
 
 static int
-tlsext_build(SSL *s, CBB *cbb, int is_serverhello)
+tlsext_build(SSL *s, CBB *cbb, int is_server)
 {
         struct tls_extension_funcs *ext;
         struct tls_extension *tlsext;
@@ -1371,7 +1370,7 @@ tlsext_build(SSL *s, CBB *cbb, int is_serverhello)
 
         for (i = 0; i < N_TLS_EXTENSIONS; i++) {
                 tlsext = &tls_extensions[i];
-                ext = tlsext_funcs(tlsext, is_serverhello);
+                ext = tlsext_funcs(tlsext, is_server);
 
                 if (!ext->needs(s))
                         continue;
@@ -1397,7 +1396,7 @@ tlsext_build(SSL *s, CBB *cbb, int is_serverhello)
 }
 
 static int
-tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)
+tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_server)
 {
         struct tls_extension_funcs *ext;
         struct tls_extension *tlsext;
@@ -1422,7 +1421,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)
                         return 0;
 
                 if (s->internal->tlsext_debug_cb != NULL)
-                        s->internal->tlsext_debug_cb(s, is_serverhello, type,
+                        s->internal->tlsext_debug_cb(s, is_server, type,
                             (unsigned char *)CBS_data(&extension_data),
                             CBS_len(&extension_data),
                             s->internal->tlsext_debug_arg);
@@ -1436,7 +1435,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)
                         return 0;
                 extensions_seen |= (1 << idx);
 
-                ext = tlsext_funcs(tlsext, is_serverhello);
+                ext = tlsext_funcs(tlsext, is_server);
                 if (!ext->parse(s, &extension_data, alert))
                         return 0;
 
@@ -1448,7 +1447,7 @@ tlsext_parse(SSL *s, CBS *cbs, int *alert, int is_serverhello)
 }
 
 static void
-tlsext_clienthello_reset_state(SSL *s)
+tlsext_client_reset_state(SSL *s)
 {
         s->internal->servername_done = 0;
         s->tlsext_status_type = -1;
@@ -1459,22 +1458,22 @@ tlsext_clienthello_reset_state(SSL *s)
 }
 
 int
-tlsext_clienthello_build(SSL *s, CBB *cbb)
+tlsext_client_build(SSL *s, CBB *cbb, uint16_t msg_type)
 {
         return tlsext_build(s, cbb, 0);
 }
 
 int
-tlsext_clienthello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type)
 {
         /* XXX - this possibly should be done by the caller... */
-        tlsext_clienthello_reset_state(s);
+        tlsext_client_reset_state(s);
 
         return tlsext_parse(s, cbs, alert, 0);
 }
 
 static void
-tlsext_serverhello_reset_state(SSL *s)
+tlsext_server_reset_state(SSL *s)
 {
         S3I(s)->renegotiate_seen = 0;   
         free(S3I(s)->alpn_selected);
@@ -1482,16 +1481,16 @@ tlsext_serverhello_reset_state(SSL *s)
 }
 
 int
-tlsext_serverhello_build(SSL *s, CBB *cbb)
+tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type)
 {
         return tlsext_build(s, cbb, 1);
 }
 
 int
-tlsext_serverhello_parse(SSL *s, CBS *cbs, int *alert)
+tlsext_client_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type)
 {
         /* XXX - this possibly should be done by the caller... */
-        tlsext_serverhello_reset_state(s);
+        tlsext_server_reset_state(s);
 
         return tlsext_parse(s, cbs, alert, 1);
 }
diff --git a/src/lib/libssl/ssl_tlsext.h b/src/lib/libssl/ssl_tlsext.h
index b6108ea45a..e5c1628c98 100644
--- a/src/lib/libssl/ssl_tlsext.h
+++ b/src/lib/libssl/ssl_tlsext.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.h,v 1.14 2018/11/09 03:17:24 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.h,v 1.15 2019/01/18 00:54:42 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -19,78 +19,87 @@
 #ifndef HEADER_SSL_TLSEXT_H
 #define HEADER_SSL_TLSEXT_H
 
+/* TLSv1.3 - RFC 8446 Section 4.2. */
+#define SSL_TLSEXT_MSG_CH       0x0001  /* ClientHello */
+#define SSL_TLSEXT_MSG_SH       0x0002  /* ServerHello */
+#define SSL_TLSEXT_MSG_EE       0x0004  /* EncryptedExtension */
+#define SSL_TLSEXT_MSG_CT       0x0008  /* Certificate */
+#define SSL_TLSEXT_MSG_CR       0x0010  /* CertificateRequest */
+#define SSL_TLSEXT_MSG_NST      0x0020  /* NewSessionTicket */
+#define SSL_TLSEXT_MSG_HRR      0x0030  /* HelloRetryRequest */
+
 __BEGIN_HIDDEN_DECLS
 
-int tlsext_alpn_clienthello_needs(SSL *s);
-int tlsext_alpn_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_alpn_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_alpn_serverhello_needs(SSL *s);
-int tlsext_alpn_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_alpn_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_ri_clienthello_needs(SSL *s);
-int tlsext_ri_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_ri_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_ri_serverhello_needs(SSL *s);
-int tlsext_ri_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_ri_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_sigalgs_clienthello_needs(SSL *s);
-int tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_sigalgs_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_sigalgs_serverhello_needs(SSL *s);
-int tlsext_sigalgs_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_sigalgs_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_sni_clienthello_needs(SSL *s);
-int tlsext_sni_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_sni_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_sni_serverhello_needs(SSL *s);
-int tlsext_sni_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_sni_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_supportedgroups_clienthello_needs(SSL *s);
-int tlsext_supportedgroups_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_supportedgroups_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_supportedgroups_serverhello_needs(SSL *s);
-int tlsext_supportedgroups_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_supportedgroups_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_ecpf_clienthello_needs(SSL *s);
-int tlsext_ecpf_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_ecpf_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_ecpf_serverhello_needs(SSL *s);
-int tlsext_ecpf_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_ecpf_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_ocsp_clienthello_needs(SSL *s);
-int tlsext_ocsp_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_ocsp_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_ocsp_serverhello_needs(SSL *s);
-int tlsext_ocsp_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_ocsp_serverhello_parse(SSL *s, CBS *cbs, int *alert);
-
-int tlsext_sessionticket_clienthello_needs(SSL *s);
-int tlsext_sessionticket_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_sessionticket_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_sessionticket_serverhello_needs(SSL *s);
-int tlsext_sessionticket_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_sessionticket_serverhello_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_alpn_client_needs(SSL *s);
+int tlsext_alpn_client_build(SSL *s, CBB *cbb);
+int tlsext_alpn_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_alpn_server_needs(SSL *s);
+int tlsext_alpn_server_build(SSL *s, CBB *cbb);
+int tlsext_alpn_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_ri_client_needs(SSL *s);
+int tlsext_ri_client_build(SSL *s, CBB *cbb);
+int tlsext_ri_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_ri_server_needs(SSL *s);
+int tlsext_ri_server_build(SSL *s, CBB *cbb);
+int tlsext_ri_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_sigalgs_client_needs(SSL *s);
+int tlsext_sigalgs_client_build(SSL *s, CBB *cbb);
+int tlsext_sigalgs_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_sigalgs_server_needs(SSL *s);
+int tlsext_sigalgs_server_build(SSL *s, CBB *cbb);
+int tlsext_sigalgs_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_sni_client_needs(SSL *s);
+int tlsext_sni_client_build(SSL *s, CBB *cbb);
+int tlsext_sni_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_sni_server_needs(SSL *s);
+int tlsext_sni_server_build(SSL *s, CBB *cbb);
+int tlsext_sni_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_supportedgroups_client_needs(SSL *s);
+int tlsext_supportedgroups_client_build(SSL *s, CBB *cbb);
+int tlsext_supportedgroups_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_supportedgroups_server_needs(SSL *s);
+int tlsext_supportedgroups_server_build(SSL *s, CBB *cbb);
+int tlsext_supportedgroups_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_ecpf_client_needs(SSL *s);
+int tlsext_ecpf_client_build(SSL *s, CBB *cbb);
+int tlsext_ecpf_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_ecpf_server_needs(SSL *s);
+int tlsext_ecpf_server_build(SSL *s, CBB *cbb);
+int tlsext_ecpf_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_ocsp_client_needs(SSL *s);
+int tlsext_ocsp_client_build(SSL *s, CBB *cbb);
+int tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_ocsp_server_needs(SSL *s);
+int tlsext_ocsp_server_build(SSL *s, CBB *cbb);
+int tlsext_ocsp_server_parse(SSL *s, CBS *cbs, int *alert);
+
+int tlsext_sessionticket_client_needs(SSL *s);
+int tlsext_sessionticket_client_build(SSL *s, CBB *cbb);
+int tlsext_sessionticket_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_sessionticket_server_needs(SSL *s);
+int tlsext_sessionticket_server_build(SSL *s, CBB *cbb);
+int tlsext_sessionticket_server_parse(SSL *s, CBS *cbs, int *alert);
 
 #ifndef OPENSSL_NO_SRTP
-int tlsext_srtp_clienthello_needs(SSL *s);
-int tlsext_srtp_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_srtp_clienthello_parse(SSL *s, CBS *cbs, int *alert);
-int tlsext_srtp_serverhello_needs(SSL *s);
-int tlsext_srtp_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_srtp_serverhello_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_srtp_client_needs(SSL *s);
+int tlsext_srtp_client_build(SSL *s, CBB *cbb);
+int tlsext_srtp_client_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_srtp_server_needs(SSL *s);
+int tlsext_srtp_server_build(SSL *s, CBB *cbb);
+int tlsext_srtp_server_parse(SSL *s, CBS *cbs, int *alert);
 #endif
 
-int tlsext_clienthello_build(SSL *s, CBB *cbb);
-int tlsext_clienthello_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_client_build(SSL *s, CBB *cbb, uint16_t msg_type);
+int tlsext_client_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);
 
-int tlsext_serverhello_build(SSL *s, CBB *cbb);
-int tlsext_serverhello_parse(SSL *s, CBS *cbs, int *alert);
+int tlsext_server_build(SSL *s, CBB *cbb, uint16_t msg_type);
+int tlsext_server_parse(SSL *s, CBS *cbs, int *alert, uint16_t msg_type);
 
 __END_HIDDEN_DECLS