[openssl.org #3205] [PATCH] Bring TLS Extension Support Up To Date w/RFCs (ALPN, RFC6961, RFC6962)

Wed, 25 Dec 2013 01:59:17 -0800 

This is my first submission to the OpenSSL project, from my honeymoon in
Jakarta. ^_^ This trivial patch allows s_client to identify an ALPN
response as well as adding basic information to identify the extensions
status_request_v2 (RFC 6961) and signed_certificate_timestamp (RFC 6962),
though actual implementation support for these extensions is not added in
this patch but can hopefully build on this (again, trivial) work.

-David


--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1005,6 +1005,18 @@ void MS_CALLBACK tlsext_cb(SSL *s, int
client_server, int type,
                extname = "heartbeat";
                break;

+               case TLSEXT_TYPE_application_layer_protocol_negotiation:
+               extname = "ALPN";
+               break;
+
+               case TLSEXT_TYPE_status_request_v2:
+               extname = "status request v2";
+               break;
+
+               case TLSEXT_TYPE_signed_certificate_timestamp:
+               extname = "signed certificate timestamp";
+               break;
+
                case TLSEXT_TYPE_session_ticket:
                extname = "session ticket";
                break;
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 6856898..b0b5d88 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -360,6 +360,9 @@ static ssl_trace_tbl ssl_exts_tbl[] = {
        {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
        {TLSEXT_TYPE_use_srtp, "use_srtp"},
        {TLSEXT_TYPE_heartbeat, "heartbeat"},
+       {TLSEXT_TYPE_application_layer_protocol_negotiation,
"application_layer_protocol_negotiation"},
+       {TLSEXT_TYPE_status_request_v2, "status_request_v2"},
+       {TLSEXT_TYPE_signed_certificate_timestamp,
"signed_certificate_timestamp"},
        {TLSEXT_TYPE_session_ticket, "session_ticket"},
 #ifdef TLSEXT_TYPE_opaque_prf_input
        {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"},
diff --git a/ssl/tls1.h b/ssl/tls1.h
index 92092f4..f4a2d20 100644
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@@ -233,6 +233,12 @@ extern "C" {
 /* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
 #define TLSEXT_TYPE_application_layer_protocol_negotiation 16

+/* ExtensionType value from RFC6961 */
+#define TLSEXT_TYPE_status_request_v2 17
+
+/* ExtensionType value from RFC6962 */
+#define TLSEXT_TYPE_signed_certificate_timestamp 18
+
 /* ExtensionType value from RFC4507 */
 #define TLSEXT_TYPE_session_ticket             35

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to