Commit bf48836c authored by Ben Laurie

Fixes to NPN from Adam Langley.

parent d9a268b9
+3 −3
@@ -3032,7 +3032,7 @@ int raw_write_stdout(const void *buf,int siz)
	{	return write(fileno(stdout),buf,siz);	}
#endif

#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
/* next_protos_parse parses a comma separated list of strings into a string
 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
 *   outlen: (output) set to the length of the resulting buffer on success.
@@ -3047,7 +3047,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
	size_t i, start = 0;

	len = strlen(in);
	if (len > 65535)
	if (len >= 65535)
		return NULL;

	out = OPENSSL_malloc(strlen(in) + 1);
@@ -3073,4 +3073,4 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
	*outlen = len + 1;
	return out;
	}
#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NPN */
#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
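Review bot: The allocation line `out = OPENSSL_malloc(strlen(in) + 1);` recomputes the length that the line above it just measured and range-checked as `len`; it should be `out = OPENSSL_malloc(len + 1);` so the buffer size is the value the `>= 65535` test validated rather than a second, unchecked call. The reason for the tightened bound is not stated anywhere in the hunk and should be, since it exists because `*outlen` is an `unsigned short` that receives `len + 1` at the end of the function: `/* len + 1 must fit in the unsigned short *outlen; 65535 itself would wrap it to 0 */`. The declaration of `len` and the per-name loop are outside the hunk, so whether `len` is a `size_t` (needed for the comparison to be meaningful) cannot be confirmed here. The body of next_protos_parse continues past the hunk.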
+1 −1
@@ -365,6 +365,6 @@ int raw_write_stdout(const void *,int);
double app_tminterval (int stop,int usertime);
#endif

#ifndef OPENSSL_NO_NPN
#ifndef OPENSSL_NO_NEXTPROTONEG
unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
#endif
+8 −8
@@ -343,7 +343,7 @@ static void sc_usage(void)
	BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
	BIO_printf(bio_err," -status           - request certificate status from server\n");
	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
	BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
# endif
#endif
@@ -371,7 +371,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
	return SSL_TLSEXT_ERR_OK;
	}

# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
/* This the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
	unsigned char *data;
@@ -403,7 +403,7 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con
	ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
	return SSL_TLSEXT_ERR_OK;
	}
# endif  /* ndef OPENSSL_NO_NPN */
# endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
#endif

enum
@@ -467,7 +467,7 @@ int MAIN(int argc, char **argv)
	char *servername = NULL; 
        tlsextctx tlsextcbp = 
        {NULL,0};
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
	const char *next_proto_neg_in = NULL;
# endif
#endif
@@ -701,7 +701,7 @@ int MAIN(int argc, char **argv)
#ifndef OPENSSL_NO_TLSEXT
		else if	(strcmp(*argv,"-no_ticket") == 0)
			{ off|=SSL_OP_NO_TICKET; }
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
		else if (strcmp(*argv,"-nextprotoneg") == 0)
			{
			if (--argc < 1) goto bad;
@@ -814,7 +814,7 @@ bad:
	OpenSSL_add_ssl_algorithms();
	SSL_load_error_strings();

#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	next_proto.status = -1;
	if (next_proto_neg_in)
		{
@@ -950,7 +950,7 @@ bad:
	 */
	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);

#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	if (next_proto.data)
		SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
#endif
@@ -1815,7 +1815,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
		expansion ? SSL_COMP_get_name(expansion) : "NONE");
#endif

#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	if (next_proto.status != -1) {
		const unsigned char *proto;
		unsigned int proto_len;
+9 −9
@@ -496,12 +496,12 @@ static void sv_usage(void)
	BIO_printf(bio_err,"                 (default is %s)\n",TEST_CERT2);
	BIO_printf(bio_err," -key2 arg     - Private Key file to use for servername, in cert file if\n");
	BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT2);
# ifndef OPENSSL_NO_NPN
	BIO_printf(bio_err," -tlsextdebug  - hex dump of all TLS extensions received\n");
# endif
	BIO_printf(bio_err," -no_ticket    - disable use of RFC4507bis session tickets\n");
	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
# ifndef OPENSSL_NO_NEXTPROTONEG
	BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
# endif
#endif
	}

@@ -837,7 +837,7 @@ BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
	goto done;
	}

# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
/* This is the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
	unsigned char *data;
@@ -901,7 +901,7 @@ int MAIN(int argc, char *argv[])
#endif
#ifndef OPENSSL_NO_TLSEXT
        tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
	const char *next_proto_neg_in = NULL;
	tlsextnextprotoctx next_proto;
# endif
@@ -1237,7 +1237,7 @@ int MAIN(int argc, char *argv[])
			if (--argc < 1) goto bad;
			s_key_file2= *(++argv);
			}
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
		else if	(strcmp(*argv,"-nextprotoneg") == 0)
			{
			if (--argc < 1) goto bad;
@@ -1348,7 +1348,7 @@ bad:
				goto end;
				}
			}
# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
		if (next_proto_neg_in)
			{
			unsigned short len;
@@ -1548,7 +1548,7 @@ bad:
			SSL_CTX_set1_param(ctx2, vpm);
		}

# ifndef OPENSSL_NO_NPN
# ifndef OPENSSL_NO_NEXTPROTONEG
	if (next_proto.data)
		SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto);
# endif
@@ -2245,7 +2245,7 @@ static int init_ssl_connection(SSL *con)
	X509 *peer;
	long verify_error;
	MS_STATIC char buf[BUFSIZ];
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	const unsigned char *next_proto_neg;
	unsigned next_proto_neg_len;
#endif
@@ -2288,7 +2288,7 @@ static int init_ssl_connection(SSL *con)
		BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
	str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
	BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NPN)
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
	if (next_proto_neg)
		{
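Review bot: The test `if (next_proto.data)` before `SSL_CTX_set_next_protos_advertised_cb` reads a field of `next_proto`, which the earlier hunk declares as `tlsextnextprotoctx next_proto;` with no initializer, and the only assignment visible on this page sits inside `if (next_proto_neg_in)`. Unless the code past that hunk clears the field in an else branch, running s_server without `-nextprotoneg` tests an uninitialized pointer and may register the callback with garbage context. Initializing at the declaration, `tlsextnextprotoctx next_proto = {NULL};`, mirroring the `tlsextctx tlsextcbp = {NULL, NULL, ...}` line beside it, makes the later test safe regardless of what the option parsing does. These hunks are fragments of MAIN, whose body starts and ends outside the section.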
+3 −3
@@ -202,7 +202,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
	}

#ifndef OPENSSL_NO_NPN
#ifndef OPENSSL_NO_NEXTPROTONEG
/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */
static void ssl3_take_mac(SSL *s)
	{
@@ -231,7 +231,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
	long n;
	unsigned char *p;

#ifdef OPENSSL_NO_NPN
#ifdef OPENSSL_NO_NEXTPROTONEG
	/* the mac has already been generated when we received the
	 * change cipher spec message and is in s->s3->tmp.peer_finish_md
	 */ 
@@ -540,7 +540,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
		n -= i;
		}

#ifndef OPENSSL_NO_NPN
#ifndef OPENSSL_NO_NEXTPROTONEG
	/* If receiving Finished, record MAC of prior handshake messages for
	 * Finished verification. */
	if (*s->init_buf->data == SSL3_MT_FINISHED)