/* Set callbacks for a custom extension. */
static int custom_ext_meth_add(custom_ext_methods *exts,
unsigned int ext_type,
custom_ext_add_cb add_cb,
custom_ext_free_cb free_cb,
void *add_arg,
custom_ext_parse_cb parse_cb, void *parse_arg)
{
custom_ext_method *meth, *tmp;
/*
* Check application error: if add_cb is not set free_cb will never be
* called.
*/
if (!add_cb && free_cb)
return 0;
/*
* Don't add if extension supported internally, but make exception
* for extension types that previously were not supported, but now are.
*/
if (SSL_extension_supported(ext_type) &&
ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
return 0;
/* Extension type must fit in 16 bits */
if (ext_type > 0xffff)
return 0;
/* Search for duplicate */
if (custom_ext_find(exts, ext_type))
return 0;
tmp = OPENSSL_realloc(exts->meths,
(exts->meths_count + 1) * sizeof(custom_ext_method));
if (tmp == NULL) {
OPENSSL_free(exts->meths);
exts->meths = NULL;
exts->meths_count = 0;
return 0;
}
exts->meths = tmp;
meth = exts->meths + exts->meths_count;
memset(meth, 0, sizeof(*meth));
meth->parse_cb = parse_cb;
meth->add_cb = add_cb;
meth->free_cb = free_cb;
meth->ext_type = ext_type;
meth->add_arg = add_arg;
meth->parse_arg = parse_arg;
exts->meths_count++;
return 1;
}
/* Set callbacks for a custom extension. */
static int custom_ext_meth_add(custom_ext_methods *exts,
unsigned int ext_type,
custom_ext_add_cb add_cb,
custom_ext_free_cb free_cb,
void *add_arg,
custom_ext_parse_cb parse_cb, void *parse_arg)
{
custom_ext_method *meth;
/*
* Check application error: if add_cb is not set free_cb will never be
* called.
*/
if (!add_cb && free_cb)
return 0;
/* Don't add if extension supported internally. */
if (SSL_extension_supported(ext_type))
return 0;
/* Extension type must fit in 16 bits */
if (ext_type > 0xffff)
return 0;
/* Search for duplicate */
if (custom_ext_find(exts, ext_type))
return 0;
exts->meths = OPENSSL_realloc(exts->meths,
(exts->meths_count +
1) * sizeof(custom_ext_method));
if (!exts->meths) {
exts->meths_count = 0;
return 0;
}
meth = exts->meths + exts->meths_count;
memset(meth, 0, sizeof(*meth));
meth->parse_cb = parse_cb;
meth->add_cb = add_cb;
meth->free_cb = free_cb;
meth->ext_type = ext_type;
meth->add_arg = add_arg;
meth->parse_arg = parse_arg;
exts->meths_count++;
return 1;
}
static int add_custom_ext_intern(SSL_CTX *ctx, ENDPOINT role,
unsigned int ext_type,
unsigned int context,
SSL_custom_ext_add_cb_ex add_cb,
SSL_custom_ext_free_cb_ex free_cb,
void *add_arg,
SSL_custom_ext_parse_cb_ex parse_cb,
void *parse_arg)
{
custom_ext_methods *exts = &ctx->cert->custext;
custom_ext_method *meth, *tmp;
/*
* Check application error: if add_cb is not set free_cb will never be
* called.
*/
if (add_cb == NULL && free_cb != NULL)
return 0;
#ifndef OPENSSL_NO_CT
/*
* We don't want applications registering callbacks for SCT extensions
* whilst simultaneously using the built-in SCT validation features, as
* these two things may not play well together.
*/
if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp
&& (context & SSL_EXT_CLIENT_HELLO) != 0
&& SSL_CTX_ct_is_enabled(ctx))
return 0;
#endif
/*
* Don't add if extension supported internally, but make exception
* for extension types that previously were not supported, but now are.
*/
if (SSL_extension_supported(ext_type)
&& ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
return 0;
/* Extension type must fit in 16 bits */
if (ext_type > 0xffff)
return 0;
/* Search for duplicate */
if (custom_ext_find(exts, role, ext_type, NULL))
return 0;
tmp = OPENSSL_realloc(exts->meths,
(exts->meths_count + 1) * sizeof(custom_ext_method));
if (tmp == NULL)
return 0;
exts->meths = tmp;
meth = exts->meths + exts->meths_count;
memset(meth, 0, sizeof(*meth));
meth->role = role;
meth->context = context;
meth->parse_cb = parse_cb;
meth->add_cb = add_cb;
meth->free_cb = free_cb;
meth->ext_type = ext_type;
meth->add_arg = add_arg;
meth->parse_arg = parse_arg;
exts->meths_count++;
return 1;
}
