Commit d270de32 authored by Matt Caswell's avatar Matt Caswell
Browse files

Change TLSEXT_IDX_* values into an enum 



Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent 1266eefd

ssl/ssl_locl.h

+20 −18
Original line number Diff line number Diff line
@@ -1650,24 +1650,26 @@ typedef struct raw_extension_st { 
 * Extension index values NOTE: Any updates to these defines should be mirrored

 * with equivalent updates to ext_defs in extensions.c

 */

#define TLSEXT_IDX_renegotiate                                   0

#define TLSEXT_IDX_server_name                                   1

#define TLSEXT_IDX_srp                                           2

#define TLSEXT_IDX_ec_point_formats                              3

#define TLSEXT_IDX_supported_groups                              4

#define TLSEXT_IDX_session_ticket                                5

#define TLSEXT_IDX_signature_algorithms                          6

#define TLSEXT_IDX_status_request                                7

#define TLSEXT_IDX_next_proto_neg                                8

#define TLSEXT_IDX_application_layer_protocol_negotiation        9

#define TLSEXT_IDX_use_srtp                                     10

#define TLSEXT_IDX_encrypt_then_mac                             11

#define TLSEXT_IDX_signed_certificate_timestamp                 12

#define TLSEXT_IDX_extended_master_secret                       13

#define TLSEXT_IDX_supported_versions                           14

#define TLSEXT_IDX_key_share                                    15

#define TLSEXT_IDX_cryptopro_bug                                16

#define TLSEXT_IDX_padding                                      17

typedef enum tlsext_index_en {

    TLSEXT_IDX_renegotiate,

    TLSEXT_IDX_server_name,

    TLSEXT_IDX_srp,

    TLSEXT_IDX_ec_point_formats,

    TLSEXT_IDX_supported_groups,

    TLSEXT_IDX_session_ticket,

    TLSEXT_IDX_signature_algorithms,

    TLSEXT_IDX_status_request,

    TLSEXT_IDX_next_proto_neg,

    TLSEXT_IDX_application_layer_protocol_negotiation,

    TLSEXT_IDX_use_srtp,

    TLSEXT_IDX_encrypt_then_mac,

    TLSEXT_IDX_signed_certificate_timestamp,

    TLSEXT_IDX_extended_master_secret,

    TLSEXT_IDX_supported_versions,

    TLSEXT_IDX_key_share,

    TLSEXT_IDX_cryptopro_bug,

    TLSEXT_IDX_padding

} TLSEXT_INDEX;



#define MAX_COMPRESSIONS_SIZE   255

ssl/statem/extensions.c

+8 −9
Original line number Diff line number Diff line
@@ -260,7 +260,7 @@ static int verify_extension(SSL *s, unsigned int context, unsigned int type, 
{

    size_t i;

    size_t builtin_num = OSSL_NELEM(ext_defs);

    EXTENSION_DEFINITION *thisext;

    const EXTENSION_DEFINITION *thisext;



    for (i = 0, thisext = ext_defs; i < builtin_num; i++, thisext++) {

        if (type == thisext->type) {
@@ -344,11 +344,10 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, 
                           RAW_EXTENSION **res, int *al)

{

    PACKET extensions = *packet;

    size_t i = 0, idx;

    int found = 0;

    size_t i = 0;

    custom_ext_methods *exts = NULL;

    RAW_EXTENSION *raw_extensions = NULL;

    EXTENSION_DEFINITION *thisexd;

    const EXTENSION_DEFINITION *thisexd;



    /*

     * Initialise server side custom extensions. Client side is done during
@@ -427,7 +426,7 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context, 
 * or 0 on failure. In the event of a failure |*al| is populated with a suitable

 * alert code. If an extension is not present this counted as success.

 */

int tls_parse_extension(SSL *s, unsigned int idx, int context,

int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context,

                        RAW_EXTENSION *exts, int *al)

{

    RAW_EXTENSION *currext = &exts[idx];
@@ -497,7 +496,7 @@ int tls_parse_extension(SSL *s, unsigned int idx, int context, 
int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)

{

    size_t i, numexts = OSSL_NELEM(ext_defs);

    EXTENSION_DEFINITION *thisexd;

    const EXTENSION_DEFINITION *thisexd;



    /* Calculate the number of extensions in the extensions list */

    if ((context & EXT_CLIENT_HELLO) != 0) {
@@ -508,7 +507,7 @@ int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al) 


    /* Parse each extension in turn */

    for (i = 0; i < numexts; i++) {

        if (!tls_parse_extension(s, loop, context, exts, al))

        if (!tls_parse_extension(s, i, context, exts, al))

            return 0;

    }
@@ -537,7 +536,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, 
{

    size_t i;

    int addcustom = 0, min_version, max_version = 0, reason, tmpal;

    EXTENSION_DEFINITION *thisexd;

    const EXTENSION_DEFINITION *thisexd;



    /*

     * Normally if something goes wrong during construction it's an internal
@@ -591,7 +590,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context, 
        int (*construct)(SSL *s, WPACKET *pkt, int *al);



        /* Skip if not relevant for our context */

        if ((ext_defs[loop].context & context) == 0)

        if ((thisexd->context & context) == 0)

            continue;



        construct = s->server ? thisexd->construct_stoc

ssl/statem/extensions_srvr.c

+1 −1
Original line number Diff line number Diff line
@@ -413,7 +413,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al) 
         * does nothing.

         */

        for (i = 0; i < srtp_pref; i++) {

            const SRTP_PROTECTION_PROFILE *sprof =

            SRTP_PROTECTION_PROFILE *sprof =

                sk_SRTP_PROTECTION_PROFILE_value(srvr, i);



            if (sprof->id == id) {