提交 8cbfcc70 编写于 作者: R Rich Salz

Use typedefs for PSK, NPN, ALPN callback functions

Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2052)
上级 aff8c126
...@@ -656,25 +656,30 @@ void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, ...@@ -656,25 +656,30 @@ void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
unsigned int unsigned int
cookie_len)); cookie_len));
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
# define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
# define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb typedef int (*SSL_CTX_npn_advertised_cb_func)(SSL *ssl,
# define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated const unsigned char **out,
unsigned int *outlen,
void *arg);
void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
int (*cb) (SSL *ssl, SSL_CTX_npn_advertised_cb_func cb,
const unsigned char **out, void *arg);
unsigned int *outlen, # define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
void *arg),
void *arg); typedef int (*SSL_CTX_npn_select_cb_func)(SSL *s,
unsigned char **out,
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
void *arg);
void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
int (*cb) (SSL *ssl, SSL_CTX_npn_select_cb_func cb,
unsigned char **out,
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
void *arg),
void *arg); void *arg);
# define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
unsigned *len); unsigned *len);
# define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
# endif # endif
__owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, __owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
...@@ -690,13 +695,15 @@ __owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, ...@@ -690,13 +695,15 @@ __owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
unsigned int protos_len); unsigned int protos_len);
__owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, __owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned int protos_len); unsigned int protos_len);
void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, typedef int (*SSL_CTX_alpn_select_cb_func)(SSL *ssl,
int (*cb) (SSL *ssl,
const unsigned char **out, const unsigned char **out,
unsigned char *outlen, unsigned char *outlen,
const unsigned char *in, const unsigned char *in,
unsigned int inlen, unsigned int inlen,
void *arg), void *arg); void *arg);
void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
SSL_CTX_alpn_select_cb_func cb,
void *arg);
void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
unsigned int *len); unsigned int *len);
...@@ -707,64 +714,22 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, ...@@ -707,64 +714,22 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
*/ */
# define PSK_MAX_IDENTITY_LEN 128 # define PSK_MAX_IDENTITY_LEN 128
# define PSK_MAX_PSK_LEN 256 # define PSK_MAX_PSK_LEN 256
void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
unsigned int (*psk_client_callback) (SSL const char *hint,
*ssl, char *identity,
const unsigned int max_identity_len,
char unsigned char *psk,
*hint, unsigned int max_psk_len);
char void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
*identity, void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);
unsigned
int typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
max_identity_len, const char *identity,
unsigned unsigned char *psk,
char unsigned int max_psk_len);
*psk, void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
unsigned void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);
int
max_psk_len));
void SSL_set_psk_client_callback(SSL *ssl,
unsigned int (*psk_client_callback) (SSL
*ssl,
const
char
*hint,
char
*identity,
unsigned
int
max_identity_len,
unsigned
char
*psk,
unsigned
int
max_psk_len));
void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
unsigned int (*psk_server_callback) (SSL
*ssl,
const
char
*identity,
unsigned
char
*psk,
unsigned
int
max_psk_len));
void SSL_set_psk_server_callback(SSL *ssl,
unsigned int (*psk_server_callback) (SSL
*ssl,
const
char
*identity,
unsigned
char
*psk,
unsigned
int
max_psk_len));
__owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint); __owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
__owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint); __owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
const char *SSL_get_psk_identity_hint(const SSL *s); const char *SSL_get_psk_identity_hint(const SSL *s);
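Review bot: The new public typedefs `SSL_psk_client_cb_func` and `SSL_psk_server_cb_func` carry no comment stating the buffer contract, and that contract is all that stands between an application callback and an overflow of the library's `psk` and `identity` buffers. I would put a short comment above each typedef, along the lines of `/* Returns the PSK length in bytes, 0 on failure; writes at most max_psk_len bytes to psk and a NUL-terminated identity that fits in max_identity_len. */`, with the wording confirmed against the code that invokes the callback, which is not visible here. The same applies to `SSL_CTX_npn_select_cb_func` and `SSL_CTX_alpn_select_cb_func`: `outlen` is an `unsigned char *`, so the selected protocol cannot exceed 255 bytes, and `*out` is only a pointer, so its storage must outlive the callback. One note on the lifetime of `*out` would spare implementers from returning a pointer to a stack buffer.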
......
...@@ -2267,10 +2267,7 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, ...@@ -2267,10 +2267,7 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
* ServerHello. * ServerHello.
*/ */
void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx, void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
int (*cb) (SSL *ssl, SSL_CTX_npn_advertised_cb_func cb,
const unsigned char **out,
unsigned int *outlen,
void *arg),
void *arg) void *arg)
{ {
ctx->ext.npn_advertised_cb = cb; ctx->ext.npn_advertised_cb = cb;
...@@ -2288,11 +2285,7 @@ void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx, ...@@ -2288,11 +2285,7 @@ void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
* a value other than SSL_TLSEXT_ERR_OK. * a value other than SSL_TLSEXT_ERR_OK.
*/ */
void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx, void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
int (*cb) (SSL *s, unsigned char **out, SSL_CTX_npn_select_cb_func cb,
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
void *arg),
void *arg) void *arg)
{ {
ctx->ext.npn_select_cb = cb; ctx->ext.npn_select_cb = cb;
...@@ -2344,12 +2337,8 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, ...@@ -2344,12 +2337,8 @@ int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
* from the client's list of offered protocols. * from the client's list of offered protocols.
*/ */
void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
int (*cb) (SSL *ssl, SSL_CTX_alpn_select_cb_func cb,
const unsigned char **out, void *arg)
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
void *arg), void *arg)
{ {
ctx->ext.alpn_select_cb = cb; ctx->ext.alpn_select_cb = cb;
ctx->ext.alpn_select_cb_arg = arg; ctx->ext.alpn_select_cb_arg = arg;
...@@ -3726,46 +3715,22 @@ const char *SSL_get_psk_identity(const SSL *s) ...@@ -3726,46 +3715,22 @@ const char *SSL_get_psk_identity(const SSL *s)
return (s->session->psk_identity); return (s->session->psk_identity);
} }
void SSL_set_psk_client_callback(SSL *s, void SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb)
unsigned int (*cb) (SSL *ssl,
const char *hint,
char *identity,
unsigned int
max_identity_len,
unsigned char *psk,
unsigned int max_psk_len))
{ {
s->psk_client_callback = cb; s->psk_client_callback = cb;
} }
void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb)
unsigned int (*cb) (SSL *ssl,
const char *hint,
char *identity,
unsigned int
max_identity_len,
unsigned char *psk,
unsigned int
max_psk_len))
{ {
ctx->psk_client_callback = cb; ctx->psk_client_callback = cb;
} }
void SSL_set_psk_server_callback(SSL *s, void SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb)
unsigned int (*cb) (SSL *ssl,
const char *identity,
unsigned char *psk,
unsigned int max_psk_len))
{ {
s->psk_server_callback = cb; s->psk_server_callback = cb;
} }
void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb)
unsigned int (*cb) (SSL *ssl,
const char *identity,
unsigned char *psk,
unsigned int
max_psk_len))
{ {
ctx->psk_server_callback = cb; ctx->psk_server_callback = cb;
} }
......
...@@ -843,30 +843,20 @@ struct ssl_ctx_st { ...@@ -843,30 +843,20 @@ struct ssl_ctx_st {
* For a server, this contains a callback function by which the set of * For a server, this contains a callback function by which the set of
* advertised protocols can be provided. * advertised protocols can be provided.
*/ */
int (*npn_advertised_cb) (SSL *s, const unsigned char **buf, SSL_CTX_npn_advertised_cb_func npn_advertised_cb;
unsigned int *len, void *arg);
void *npn_advertised_cb_arg; void *npn_advertised_cb_arg;
/* /*
* For a client, this contains a callback function that selects the next * For a client, this contains a callback function that selects the next
* protocol from the list provided by the server. * protocol from the list provided by the server.
*/ */
int (*npn_select_cb) (SSL *s, unsigned char **out, SSL_CTX_npn_select_cb_func npn_select_cb;
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen, void *arg);
void *npn_select_cb_arg; void *npn_select_cb_arg;
# endif # endif
} ext; } ext;
# ifndef OPENSSL_NO_PSK # ifndef OPENSSL_NO_PSK
unsigned int (*psk_client_callback) (SSL *ssl, const char *hint, SSL_psk_client_cb_func psk_client_callback;
char *identity, SSL_psk_server_cb_func psk_server_callback;
unsigned int max_identity_len,
unsigned char *psk,
unsigned int max_psk_len);
unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
unsigned char *psk,
unsigned int max_psk_len);
# endif # endif
# ifndef OPENSSL_NO_SRP # ifndef OPENSSL_NO_SRP
...@@ -1002,14 +992,8 @@ struct ssl_st { ...@@ -1002,14 +992,8 @@ struct ssl_st {
/* actual code */ /* actual code */
int error_code; int error_code;
# ifndef OPENSSL_NO_PSK # ifndef OPENSSL_NO_PSK
unsigned int (*psk_client_callback) (SSL *ssl, const char *hint, SSL_psk_client_cb_func psk_client_callback;
char *identity, SSL_psk_server_cb_func psk_server_callback;
unsigned int max_identity_len,
unsigned char *psk,
unsigned int max_psk_len);
unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
unsigned char *psk,
unsigned int max_psk_len);
# endif # endif
SSL_CTX *ctx; SSL_CTX *ctx;
/* Verified chain of peer */ /* Verified chain of peer */
......
...@@ -799,31 +799,13 @@ static int init_status_request(SSL *s, unsigned int context) ...@@ -799,31 +799,13 @@ static int init_status_request(SSL *s, unsigned int context)
* Ensure we get sensible values passed to tlsext_status_cb in the event * Ensure we get sensible values passed to tlsext_status_cb in the event
* that we don't receive a status message * that we don't receive a status message
*/ */
OPENSSL_free(s->tlsext_ocsp_resp); OPENSSL_free(s->ext.ocsp.resp);
s->ext.ocsp_resp = NULL; s->ext.ocsp.resp = NULL;
s->ext.ocsp_resplen = 0; s->ext.ocsp.resp_len = 0;
} }
return 1; return 1;
} }
static int final_status_request(SSL *s, unsigned int context, int sent,
int *al)
{
if (s->server)
return 1;
/*
* Ensure we get sensible values passed to ext.status_cb in the event
* that we don't receive a status message
*/
OPENSSL_free(s->ext.ocsp.resp);
s->ext.ocsp.resp = NULL;
s->ext.ocsp.resp_len = 0;
>>>>>>> Move extension data into sub-structs
return 1;
}
#endif #endif
#ifndef OPENSSL_NO_NEXTPROTONEG #ifndef OPENSSL_NO_NEXTPROTONEG
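Review bot: The comment kept in `init_status_request` still says the values are passed to `tlsext_status_cb`, while the code below it now uses the `s->ext.ocsp.*` names. The comment in the removed `final_status_request` copy already read `ext.status_cb`, which suggests the callback field was renamed too, though its declaration is not visible in this section. If so, the kept comment should read `* Ensure we get sensible values passed to ext.status_cb in the event`. The start of `init_status_request` lies outside the hunk.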
......
...@@ -2204,18 +2204,18 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al) ...@@ -2204,18 +2204,18 @@ int tls_process_cert_status_body(SSL *s, PACKET *pkt, int *al)
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH); SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
return 0; return 0;
} }
s->tlsext_ocsp_resp = OPENSSL_malloc(resplen); s->ext.ocsp.resp = OPENSSL_malloc(resplen);
if (s->ext.ocsp_resp == NULL) { if (s->ext.ocsp.resp == NULL) {
*al = SSL_AD_INTERNAL_ERROR; *al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, ERR_R_MALLOC_FAILURE); SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, ERR_R_MALLOC_FAILURE);
return 0; return 0;
} }
if (!PACKET_copy_bytes(pkt, s->ext.ocsp_resp, resplen)) { if (!PACKET_copy_bytes(pkt, s->ext.ocsp.resp, resplen)) {
*al = SSL_AD_DECODE_ERROR; *al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH); SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS_BODY, SSL_R_LENGTH_MISMATCH);
return 0; return 0;
} }
s->ext.ocsp_resplen = resplen; s->ext.ocsp.resp_len = resplen;
return 1; return 1;
} }
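Review bot: `s->ext.ocsp.resp = OPENSSL_malloc(resplen);` overwrites the stored pointer with no free visible in this hunk, so if a previous response can still be attached when this function runs, it leaks. The function's start is outside the hunk, so an earlier release may already exist. If it does not, add `OPENSSL_free(s->ext.ocsp.resp);` immediately before the allocation. On the `PACKET_copy_bytes` failure path the pointer is left referring to an uninitialised buffer while `resp_len` keeps its old value. Setting `s->ext.ocsp.resp_len = 0;` before the allocation, or freeing and NULLing the buffer on that path, keeps the pointer and length consistent for any later reader.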
......
...@@ -3465,10 +3465,9 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt) ...@@ -3465,10 +3465,9 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
*/ */
int tls_construct_cert_status_body(SSL *s, WPACKET *pkt) int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
{ {
<<<<<<< 3b72dcd5fb4d2c756a830dba1fc34f4a7ae61b73 if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
if (!WPACKET_put_bytes_u8(pkt, s->tlsext_status_type) || !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
|| !WPACKET_sub_memcpy_u24(pkt, s->tlsext_ocsp_resp, s->ext.ocsp.resp_len)) {
s->tlsext_ocsp_resplen)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY, ERR_R_INTERNAL_ERROR);
return 0; return 0;
} }
...@@ -3479,12 +3478,6 @@ int tls_construct_cert_status_body(SSL *s, WPACKET *pkt) ...@@ -3479,12 +3478,6 @@ int tls_construct_cert_status_body(SSL *s, WPACKET *pkt)
int tls_construct_cert_status(SSL *s, WPACKET *pkt) int tls_construct_cert_status(SSL *s, WPACKET *pkt)
{ {
if (!tls_construct_cert_status_body(s, pkt)) { if (!tls_construct_cert_status_body(s, pkt)) {
=======
if (!WPACKET_put_bytes_u8(pkt, s->ext.status_type)
|| !WPACKET_sub_memcpy_u24(pkt, s->ext.ocsp.resp,
s->ext.ocsp.resp_len)) {
SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS, ERR_R_INTERNAL_ERROR);
>>>>>>> Move extension data into sub-structs
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0; return 0;
} }
......