Commit 707b026d authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Remove serverinfo checks.



Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
parent 28ea0a0c
+0 −10
@@ -3344,10 +3344,6 @@ void ssl3_free(SSL *s)

#ifndef OPENSSL_NO_SRP
	SSL_SRP_CTX_free(s);
#endif
#ifndef OPENSSL_NO_TLSEXT
	if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
#endif
	OPENSSL_cleanse(s->s3,sizeof *s->s3);
	OPENSSL_free(s->s3);
@@ -3393,12 +3389,6 @@ void ssl3_clear(SSL *s)
		}
#endif
#ifndef OPENSSL_NO_TLSEXT
	if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
		{
		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
		s->s3->serverinfo_client_tlsext_custom_types = NULL;
		}
	s->s3->serverinfo_client_tlsext_custom_types_count = 0;
#ifndef OPENSSL_NO_EC
	s->s3->is_probably_safari = 0;
#endif /* !OPENSSL_NO_EC */
+0 −6
@@ -584,12 +584,6 @@ typedef struct ssl3_state_st
#endif

#ifndef OPENSSL_NO_TLSEXT
        /* serverinfo_client_tlsext_custom_types contains an array of TLS Extension types which
         * were advertised by the client in its ClientHello and leveraged by ServerInfo TLS extension callbacks.
	 * The array does not contain any duplicates, and is in the same order
	 * as the types were received in the client hello. */
        unsigned short *serverinfo_client_tlsext_custom_types;
        size_t serverinfo_client_tlsext_custom_types_count; /* how many serverinfo_client_tlsext_custom_types */

	/* ALPN information
	 * (we are in the process of transitioning from NPN to ALPN.) */
+0 −39
@@ -863,7 +863,6 @@ static int serverinfo_srv_first_cb(SSL *s, unsigned short ext_type,
				   unsigned short inlen, int *al,
				   void *arg)
	{
	size_t i = 0;

	if (inlen != 0)
		{
@@ -871,28 +870,6 @@ static int serverinfo_srv_first_cb(SSL *s, unsigned short ext_type,
		return 0;
		}

	/* if already in list, error out */
	for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
		{
		if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
			{
			*al = SSL_AD_DECODE_ERROR;
			return 0;
			}
		}
	s->s3->serverinfo_client_tlsext_custom_types_count++;
	s->s3->serverinfo_client_tlsext_custom_types = OPENSSL_realloc(
	s->s3->serverinfo_client_tlsext_custom_types,
	s->s3->serverinfo_client_tlsext_custom_types_count * 2);
	if (s->s3->serverinfo_client_tlsext_custom_types == NULL)
		{
		s->s3->serverinfo_client_tlsext_custom_types_count = 0;
		*al = TLS1_AD_INTERNAL_ERROR;
		return 0;
		}
	s->s3->serverinfo_client_tlsext_custom_types[
	s->s3->serverinfo_client_tlsext_custom_types_count - 1] = ext_type;

	return 1;
	}

@@ -902,22 +879,6 @@ static int serverinfo_srv_second_cb(SSL *s, unsigned short ext_type,
	{
	const unsigned char *serverinfo = NULL;
	size_t serverinfo_length = 0;
	size_t i = 0;
	unsigned int match = 0;
	/* Did the client send a TLS extension for this type? */
	for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
		{
		if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
			{
			match = 1;
			break;
			}
		}
	if (!match)
		{
		/* extension not sent by client...don't send extension */
		return -1;
		}

	/* Is there serverinfo data for the chosen server cert? */
	if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
+0 −8
@@ -1929,14 +1929,6 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
		s->s3->alpn_selected = NULL;
		}

	/* Clear observed custom extensions */
	s->s3->serverinfo_client_tlsext_custom_types_count = 0;
	if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
		{
		OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
		s->s3->serverinfo_client_tlsext_custom_types = NULL;
		}

#ifndef OPENSSL_NO_HEARTBEATS
	s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
	                       SSL_TLSEXT_HB_DONT_SEND_REQUESTS);