artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3f406de) | patch
Complete the TLS extension handling rewrite for the server-side.
authorjsing <jsing@openbsd.org>
Sat, 27 Jan 2018 15:30:05 +0000 (15:30 +0000)
committerjsing <jsing@openbsd.org>
Sat, 27 Jan 2018 15:30:05 +0000 (15:30 +0000)
commitfd8e9d0d2ae7d688e66e14924e6ca7211c758d65
treecf64e7b0c8f491d62866753197c25bbe90ca6168tree | snapshot
parent3f406de7ce5a7d23a776fd4df1fa7c7974e4af7dcommit | diff
Complete the TLS extension handling rewrite for the server-side.

This removes ssl_parse_clienthello_tlsext() and allows the CBS to be
passed all the way through from ssl3_get_client_hello(). The renegotation
check gets pulled up into ssl3_get_client_hello() which is where other
such checks exist.

The TLS extension parsing now also ensures that we do not get duplicates
of any known extensions (the old pre-rewrite code only did this for some
extensions).

ok inoguchi@
lib/libssl/ssl_locl.h diff | blob | history
lib/libssl/ssl_srvr.c diff | blob | history
lib/libssl/ssl_tlsext.c diff | blob | history
lib/libssl/ssl_tlsext.h diff | blob | history
lib/libssl/t1_lib.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim