From 36abb6a270b411007530052e4bfe326d6f136636 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 31 Mar 2017 00:26:23 +0100 Subject: [PATCH] Update SSL_extension_supported() Numerous changes have been made to the supported built-in extensions and SSL_extension_supported() has not kept up. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3097) --- ssl/t1_ext.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c index b19e75231f..e3bcb63548 100644 --- a/ssl/t1_ext.c +++ b/ssl/t1_ext.c @@ -237,8 +237,11 @@ int SSL_extension_supported(unsigned int ext_type) switch (ext_type) { /* Internally supported extensions. */ case TLSEXT_TYPE_application_layer_protocol_negotiation: +#ifndef OPENSSL_NO_EC case TLSEXT_TYPE_ec_point_formats: case TLSEXT_TYPE_supported_groups: + case TLSEXT_TYPE_key_share: +#endif #ifndef OPENSSL_NO_NEXTPROTONEG case TLSEXT_TYPE_next_proto_neg: #endif @@ -247,16 +250,26 @@ int SSL_extension_supported(unsigned int ext_type) case TLSEXT_TYPE_server_name: case TLSEXT_TYPE_session_ticket: case TLSEXT_TYPE_signature_algorithms: +#ifndef OPENSSL_NO_SRP case TLSEXT_TYPE_srp: +#endif +#ifndef OPENSSL_NO_OCSP case TLSEXT_TYPE_status_request: +#endif +#ifndef OPENSSL_NO_CT case TLSEXT_TYPE_signed_certificate_timestamp: +#endif +#ifndef OPENSSL_NO_SRTP case TLSEXT_TYPE_use_srtp: -#ifdef TLSEXT_TYPE_encrypt_then_mac - case TLSEXT_TYPE_encrypt_then_mac: #endif - case TLSEXT_TYPE_key_share: + case TLSEXT_TYPE_encrypt_then_mac: case TLSEXT_TYPE_supported_versions: case TLSEXT_TYPE_extended_master_secret: + case TLSEXT_TYPE_psk_kex_modes: + case TLSEXT_TYPE_cookie: + case TLSEXT_TYPE_early_data: + case TLSEXT_TYPE_certificate_authorities: + case TLSEXT_TYPE_psk: return 1; default: return 0; -- GitLab