Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
bf48836c
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
接近 2 年 前同步成功
通知
12
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
bf48836c
编写于
9月 05, 2010
作者:
B
Ben Laurie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fixes to NPN from Adam Langley.
上级
d9a268b9
变更
15
隐藏空白更改
内联
并排
Showing
15 changed file
with
57 addition
and
57 deletion
+57
-57
apps/apps.c
apps/apps.c
+3
-3
apps/apps.h
apps/apps.h
+1
-1
apps/s_client.c
apps/s_client.c
+8
-8
apps/s_server.c
apps/s_server.c
+9
-9
ssl/s3_both.c
ssl/s3_both.c
+3
-3
ssl/s3_clnt.c
ssl/s3_clnt.c
+3
-3
ssl/s3_lib.c
ssl/s3_lib.c
+1
-1
ssl/s3_pkt.c
ssl/s3_pkt.c
+2
-2
ssl/s3_srvr.c
ssl/s3_srvr.c
+5
-5
ssl/ssl.h
ssl/ssl.h
+3
-3
ssl/ssl3.h
ssl/ssl3.h
+4
-4
ssl/ssl_lib.c
ssl/ssl_lib.c
+4
-4
ssl/ssl_locl.h
ssl/ssl_locl.h
+2
-2
ssl/t1_lib.c
ssl/t1_lib.c
+8
-8
ssl/tls1.h
ssl/tls1.h
+1
-1
未找到文件。
apps/apps.c
浏览文件 @
bf48836c
...
...
@@ -3032,7 +3032,7 @@ int raw_write_stdout(const void *buf,int siz)
{
return
write
(
fileno
(
stdout
),
buf
,
siz
);
}
#endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
/* next_protos_parse parses a comma separated list of strings into a string
* in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
* outlen: (output) set to the length of the resulting buffer on success.
...
...
@@ -3047,7 +3047,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
size_t
i
,
start
=
0
;
len
=
strlen
(
in
);
if
(
len
>
65535
)
if
(
len
>
=
65535
)
return
NULL
;
out
=
OPENSSL_malloc
(
strlen
(
in
)
+
1
);
...
...
@@ -3073,4 +3073,4 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
*
outlen
=
len
+
1
;
return
out
;
}
#endif
/* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_N
PN
*/
#endif
/* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_N
EXTPROTONEG
*/
apps/apps.h
浏览文件 @
bf48836c
...
...
@@ -365,6 +365,6 @@ int raw_write_stdout(const void *,int);
double
app_tminterval
(
int
stop
,
int
usertime
);
#endif
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
unsigned
char
*
next_protos_parse
(
unsigned
short
*
outlen
,
const
char
*
in
);
#endif
apps/s_client.c
浏览文件 @
bf48836c
...
...
@@ -343,7 +343,7 @@ static void sc_usage(void)
BIO_printf
(
bio_err
,
" -tlsextdebug - hex dump of all TLS extensions received
\n
"
);
BIO_printf
(
bio_err
,
" -status - request certificate status from server
\n
"
);
BIO_printf
(
bio_err
,
" -no_ticket - disable use of RFC4507bis session tickets
\n
"
);
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
BIO_printf
(
bio_err
,
" -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
\n
"
);
# endif
#endif
...
...
@@ -371,7 +371,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
return
SSL_TLSEXT_ERR_OK
;
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
/* This the context that we pass to next_proto_cb */
typedef
struct
tlsextnextprotoctx_st
{
unsigned
char
*
data
;
...
...
@@ -403,7 +403,7 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con
ctx
->
status
=
SSL_select_next_proto
(
out
,
outlen
,
in
,
inlen
,
ctx
->
data
,
ctx
->
len
);
return
SSL_TLSEXT_ERR_OK
;
}
# endif
/* ndef OPENSSL_NO_N
PN
*/
# endif
/* ndef OPENSSL_NO_N
EXTPROTONEG
*/
#endif
enum
...
...
@@ -467,7 +467,7 @@ int MAIN(int argc, char **argv)
char
*
servername
=
NULL
;
tlsextctx
tlsextcbp
=
{
NULL
,
0
};
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
const
char
*
next_proto_neg_in
=
NULL
;
# endif
#endif
...
...
@@ -701,7 +701,7 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_TLSEXT
else
if
(
strcmp
(
*
argv
,
"-no_ticket"
)
==
0
)
{
off
|=
SSL_OP_NO_TICKET
;
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
else
if
(
strcmp
(
*
argv
,
"-nextprotoneg"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
...
...
@@ -814,7 +814,7 @@ bad:
OpenSSL_add_ssl_algorithms
();
SSL_load_error_strings
();
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
next_proto
.
status
=
-
1
;
if
(
next_proto_neg_in
)
{
...
...
@@ -950,7 +950,7 @@ bad:
*/
if
(
socket_type
==
SOCK_DGRAM
)
SSL_CTX_set_read_ahead
(
ctx
,
1
);
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
if
(
next_proto
.
data
)
SSL_CTX_set_next_proto_select_cb
(
ctx
,
next_proto_cb
,
&
next_proto
);
#endif
...
...
@@ -1815,7 +1815,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
expansion
?
SSL_COMP_get_name
(
expansion
)
:
"NONE"
);
#endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
if
(
next_proto
.
status
!=
-
1
)
{
const
unsigned
char
*
proto
;
unsigned
int
proto_len
;
...
...
apps/s_server.c
浏览文件 @
bf48836c
...
...
@@ -496,12 +496,12 @@ static void sv_usage(void)
BIO_printf
(
bio_err
,
" (default is %s)
\n
"
,
TEST_CERT2
);
BIO_printf
(
bio_err
,
" -key2 arg - Private Key file to use for servername, in cert file if
\n
"
);
BIO_printf
(
bio_err
,
" not specified (default is %s)
\n
"
,
TEST_CERT2
);
# ifndef OPENSSL_NO_NPN
BIO_printf
(
bio_err
,
" -tlsextdebug - hex dump of all TLS extensions received
\n
"
);
# endif
BIO_printf
(
bio_err
,
" -no_ticket - disable use of RFC4507bis session tickets
\n
"
);
BIO_printf
(
bio_err
,
" -legacy_renegotiation - enable use of legacy renegotiation (dangerous)
\n
"
);
# ifndef OPENSSL_NO_NEXTPROTONEG
BIO_printf
(
bio_err
,
" -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)
\n
"
);
# endif
#endif
}
...
...
@@ -837,7 +837,7 @@ BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
goto
done
;
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
/* This is the context that we pass to next_proto_cb */
typedef
struct
tlsextnextprotoctx_st
{
unsigned
char
*
data
;
...
...
@@ -901,7 +901,7 @@ int MAIN(int argc, char *argv[])
#endif
#ifndef OPENSSL_NO_TLSEXT
tlsextctx
tlsextcbp
=
{
NULL
,
NULL
,
SSL_TLSEXT_ERR_ALERT_WARNING
};
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
const
char
*
next_proto_neg_in
=
NULL
;
tlsextnextprotoctx
next_proto
;
# endif
...
...
@@ -1237,7 +1237,7 @@ int MAIN(int argc, char *argv[])
if
(
--
argc
<
1
)
goto
bad
;
s_key_file2
=
*
(
++
argv
);
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
else
if
(
strcmp
(
*
argv
,
"-nextprotoneg"
)
==
0
)
{
if
(
--
argc
<
1
)
goto
bad
;
...
...
@@ -1348,7 +1348,7 @@ bad:
goto
end
;
}
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
if
(
next_proto_neg_in
)
{
unsigned
short
len
;
...
...
@@ -1548,7 +1548,7 @@ bad:
SSL_CTX_set1_param
(
ctx2
,
vpm
);
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
if
(
next_proto
.
data
)
SSL_CTX_set_next_protos_advertised_cb
(
ctx
,
next_proto_cb
,
&
next_proto
);
# endif
...
...
@@ -2245,7 +2245,7 @@ static int init_ssl_connection(SSL *con)
X509
*
peer
;
long
verify_error
;
MS_STATIC
char
buf
[
BUFSIZ
];
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
const
unsigned
char
*
next_proto_neg
;
unsigned
next_proto_neg_len
;
#endif
...
...
@@ -2288,7 +2288,7 @@ static int init_ssl_connection(SSL *con)
BIO_printf
(
bio_s_out
,
"Shared ciphers:%s
\n
"
,
buf
);
str
=
SSL_CIPHER_get_name
(
SSL_get_current_cipher
(
con
));
BIO_printf
(
bio_s_out
,
"CIPHER is %s
\n
"
,(
str
!=
NULL
)
?
str
:
"(NONE)"
);
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
SSL_get0_next_proto_negotiated
(
con
,
&
next_proto_neg
,
&
next_proto_neg_len
);
if
(
next_proto_neg
)
{
...
...
ssl/s3_both.c
浏览文件 @
bf48836c
...
...
@@ -202,7 +202,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
return
(
ssl3_do_write
(
s
,
SSL3_RT_HANDSHAKE
));
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */
static
void
ssl3_take_mac
(
SSL
*
s
)
{
...
...
@@ -231,7 +231,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
long
n
;
unsigned
char
*
p
;
#ifdef OPENSSL_NO_N
PN
#ifdef OPENSSL_NO_N
EXTPROTONEG
/* the mac has already been generated when we received the
* change cipher spec message and is in s->s3->tmp.peer_finish_md
*/
...
...
@@ -540,7 +540,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
n
-=
i
;
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* If receiving Finished, record MAC of prior handshake messages for
* Finished verification. */
if
(
*
s
->
init_buf
->
data
==
SSL3_MT_FINISHED
)
...
...
ssl/s3_clnt.c
浏览文件 @
bf48836c
...
...
@@ -424,7 +424,7 @@ int ssl3_connect(SSL *s)
SSL3_ST_CW_CHANGE_A
,
SSL3_ST_CW_CHANGE_B
);
if
(
ret
<=
0
)
goto
end
;
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
PN
)
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
EXTPROTONEG
)
s
->
state
=
SSL3_ST_CW_FINISHED_A
;
#else
if
(
s
->
next_proto_negotiated
)
...
...
@@ -459,7 +459,7 @@ int ssl3_connect(SSL *s)
break
;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
case
SSL3_ST_CW_NEXT_PROTO_A
:
case
SSL3_ST_CW_NEXT_PROTO_B
:
ret
=
ssl3_send_next_proto
(
s
);
...
...
@@ -3018,7 +3018,7 @@ err:
*/
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
int
ssl3_send_next_proto
(
SSL
*
s
)
{
unsigned
int
len
,
padding_len
;
...
...
ssl/s3_lib.c
浏览文件 @
bf48836c
...
...
@@ -2231,7 +2231,7 @@ void ssl3_clear(SSL *s)
s
->
s3
->
in_read_app_data
=
0
;
s
->
version
=
SSL3_VERSION
;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
if
(
s
->
next_proto_negotiated
)
{
OPENSSL_free
(
s
->
next_proto_negotiated
);
...
...
ssl/s3_pkt.c
浏览文件 @
bf48836c
...
...
@@ -1375,7 +1375,7 @@ err:
int
ssl3_do_change_cipher_spec
(
SSL
*
s
)
{
int
i
;
#ifdef OPENSSL_NO_N
PN
#ifdef OPENSSL_NO_N
EXTPROTONEG
const
char
*
sender
;
int
slen
;
#endif
...
...
@@ -1401,7 +1401,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
if
(
!
s
->
method
->
ssl3_enc
->
change_cipher_state
(
s
,
i
))
return
(
0
);
#ifdef OPENSSL_NO_N
PN
#ifdef OPENSSL_NO_N
EXTPROTONEG
/* we have to record the message digest at
* this point so we can get it before we read
* the finished message */
...
...
ssl/s3_srvr.c
浏览文件 @
bf48836c
...
...
@@ -538,7 +538,7 @@ int ssl3_accept(SSL *s)
* the client uses its key from the certificate
* for key exchange.
*/
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
PN
)
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
EXTPROTONEG
)
s
->
state
=
SSL3_ST_SR_FINISHED_A
;
#else
if
(
s
->
s3
->
next_proto_neg_seen
)
...
...
@@ -588,7 +588,7 @@ int ssl3_accept(SSL *s)
ret
=
ssl3_get_cert_verify
(
s
);
if
(
ret
<=
0
)
goto
end
;
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
PN
)
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
EXTPROTONEG
)
s
->
state
=
SSL3_ST_SR_FINISHED_A
;
#else
if
(
s
->
s3
->
next_proto_neg_seen
)
...
...
@@ -599,7 +599,7 @@ int ssl3_accept(SSL *s)
s
->
init_num
=
0
;
break
;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
case
SSL3_ST_SR_NEXT_PROTO_A
:
case
SSL3_ST_SR_NEXT_PROTO_B
:
ret
=
ssl3_get_next_proto
(
s
);
...
...
@@ -680,7 +680,7 @@ int ssl3_accept(SSL *s)
s
->
state
=
SSL3_ST_SW_FLUSH
;
if
(
s
->
hit
)
{
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
PN
)
#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_N
EXTPROTONEG
)
s
->
s3
->
tmp
.
next_state
=
SSL3_ST_SR_FINISHED_A
;
#else
if
(
s
->
s3
->
next_proto_neg_seen
)
...
...
@@ -3242,7 +3242,7 @@ int ssl3_get_next_proto(SSL *s)
SSL3_ST_SR_NEXT_PROTO_A
,
SSL3_ST_SR_NEXT_PROTO_B
,
SSL3_MT_NEXT_PROTO
,
129
,
514
,
/* See the payload format below */
&
ok
);
if
(
!
ok
)
...
...
ssl/ssl.h
浏览文件 @
bf48836c
...
...
@@ -860,7 +860,7 @@ struct ssl_ctx_st
int
(
*
tlsext_opaque_prf_input_callback
)(
SSL
*
,
void
*
peerinput
,
size_t
len
,
void
*
arg
);
void
*
tlsext_opaque_prf_input_callback_arg
;
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
/* Next protocol negotiation information */
/* (for experimental NPN extension). */
...
...
@@ -949,7 +949,7 @@ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
#endif
void
SSL_CTX_set_cookie_generate_cb
(
SSL_CTX
*
ctx
,
int
(
*
app_gen_cookie_cb
)(
SSL
*
ssl
,
unsigned
char
*
cookie
,
unsigned
int
*
cookie_len
));
void
SSL_CTX_set_cookie_verify_cb
(
SSL_CTX
*
ctx
,
int
(
*
app_verify_cookie_cb
)(
SSL
*
ssl
,
unsigned
char
*
cookie
,
unsigned
int
cookie_len
));
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
void
SSL_CTX_set_next_protos_advertised_cb
(
SSL_CTX
*
s
,
int
(
*
cb
)
(
SSL
*
ssl
,
const
unsigned
char
**
out
,
...
...
@@ -1236,7 +1236,7 @@ struct ssl_st
SSL_CTX
*
initial_ctx
;
/* initial ctx, used to store sessions */
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* Next protocol negotiation. For the client, this is the protocol that
* we sent in NextProtocol and is set when handling ServerHello
* extensions.
...
...
ssl/ssl3.h
浏览文件 @
bf48836c
...
...
@@ -455,7 +455,7 @@ typedef struct ssl3_state_st
void
*
server_opaque_prf_input
;
size_t
server_opaque_prf_input_len
;
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* Set if we saw the Next Protocol Negotiation extension from
our peer. */
int
next_proto_neg_seen
;
...
...
@@ -552,7 +552,7 @@ typedef struct ssl3_state_st
#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
#endif
...
...
@@ -601,7 +601,7 @@ typedef struct ssl3_state_st
#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
#endif
...
...
@@ -629,7 +629,7 @@ typedef struct ssl3_state_st
#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
#define SSL3_MT_FINISHED 20
#define SSL3_MT_CERTIFICATE_STATUS 22
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
#define SSL3_MT_NEXT_PROTO 67
#endif
#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
...
...
ssl/ssl_lib.c
浏览文件 @
bf48836c
...
...
@@ -354,7 +354,7 @@ SSL *SSL_new(SSL_CTX *ctx)
s
->
tlsext_ocsp_resplen
=
-
1
;
CRYPTO_add
(
&
ctx
->
references
,
1
,
CRYPTO_LOCK_SSL_CTX
);
s
->
initial_ctx
=
ctx
;
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
s
->
next_proto_negotiated
=
NULL
;
# endif
#endif
...
...
@@ -590,7 +590,7 @@ void SSL_free(SSL *s)
kssl_ctx_free
(
s
->
kssl_ctx
);
#endif
/* OPENSSL_NO_KRB5 */
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
PN
)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_N
EXTPROTONEG
)
if
(
s
->
next_proto_negotiated
)
OPENSSL_free
(
s
->
next_proto_negotiated
);
#endif
...
...
@@ -1497,7 +1497,7 @@ int SSL_get_servername_type(const SSL *s)
return
-
1
;
}
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
/* SSL_select_next_proto implements the standard protocol selection. It is
* expected that this function is called from the callback set by
* SSL_CTX_set_next_proto_select_cb.
...
...
@@ -1778,7 +1778,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret
->
tlsext_status_cb
=
0
;
ret
->
tlsext_status_arg
=
NULL
;
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
ret
->
next_protos_advertised_cb
=
0
;
ret
->
next_proto_select_cb
=
0
;
# endif
...
...
ssl/ssl_locl.h
浏览文件 @
bf48836c
...
...
@@ -968,7 +968,7 @@ int ssl3_get_server_certificate(SSL *s);
int
ssl3_check_cert_and_algorithm
(
SSL
*
s
);
#ifndef OPENSSL_NO_TLSEXT
int
ssl3_check_finished
(
SSL
*
s
);
# ifndef OPENSSL_NO_N
PN
# ifndef OPENSSL_NO_N
EXTPROTONEG
int
ssl3_send_next_proto
(
SSL
*
s
);
# endif
#endif
...
...
@@ -989,7 +989,7 @@ int ssl3_check_client_hello(SSL *s);
int
ssl3_get_client_certificate
(
SSL
*
s
);
int
ssl3_get_client_key_exchange
(
SSL
*
s
);
int
ssl3_get_cert_verify
(
SSL
*
s
);
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
int
ssl3_get_next_proto
(
SSL
*
s
);
#endif
...
...
ssl/t1_lib.c
浏览文件 @
bf48836c
...
...
@@ -494,7 +494,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
i2d_X509_EXTENSIONS
(
s
->
tlsext_ocsp_exts
,
&
ret
);
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
if
(
s
->
ctx
->
next_proto_select_cb
&&
!
s
->
s3
->
tmp
.
finish_md_len
)
{
/* The client advertises an emtpy extension to indicate its
...
...
@@ -517,8 +517,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
{
int
extdatalen
=
0
;
unsigned
char
*
ret
=
p
;
#ifndef OPENSSL_NO_N
PN
char
next_proto_neg_seen
;
#ifndef OPENSSL_NO_N
EXTPROTONEG
int
next_proto_neg_seen
;
#endif
/* don't add extensions for SSLv3, unless doing secure renegotiation */
...
...
@@ -633,7 +633,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
next_proto_neg_seen
=
s
->
s3
->
next_proto_neg_seen
;
s
->
s3
->
next_proto_neg_seen
=
0
;
if
(
next_proto_neg_seen
&&
s
->
ctx
->
next_protos_advertised_cb
)
...
...
@@ -995,7 +995,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
else
s
->
tlsext_status_type
=
-
1
;
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
else
if
(
type
==
TLSEXT_TYPE_next_proto_neg
&&
s
->
s3
->
tmp
.
finish_md_len
==
0
)
{
...
...
@@ -1040,11 +1040,11 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
return
1
;
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No
* elements of zero length are allowed and the set of elements must exactly fill
* the length of the block. */
static
char
ssl_next_proto_validate
(
unsigned
char
*
d
,
unsigned
len
)
static
int
ssl_next_proto_validate
(
unsigned
char
*
d
,
unsigned
len
)
{
unsigned
int
off
=
0
;
...
...
@@ -1194,7 +1194,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
/* Set flag to expect CertificateStatus message */
s
->
tlsext_status_expected
=
1
;
}
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
else
if
(
type
==
TLSEXT_TYPE_next_proto_neg
)
{
unsigned
char
*
selected
;
...
...
ssl/tls1.h
浏览文件 @
bf48836c
...
...
@@ -208,7 +208,7 @@ extern "C" {
/* Temporary extension type */
#define TLSEXT_TYPE_renegotiate 0xff01
#ifndef OPENSSL_NO_N
PN
#ifndef OPENSSL_NO_N
EXTPROTONEG
/* This is not an IANA defined extension number */
#define TLSEXT_TYPE_next_proto_neg 13172
#endif
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录