Lines Matching full:ext
67 if (s->ext.hostname == NULL) in tls_construct_ctos_server_name()
77 || !WPACKET_sub_memcpy_u16(pkt, s->ext.hostname, in tls_construct_ctos_server_name()
78 strlen(s->ext.hostname)) in tls_construct_ctos_server_name()
93 if (s->ext.max_fragment_len_mode == TLSEXT_max_fragment_length_DISABLED) in tls_construct_ctos_maxfragmentlen()
104 || !WPACKET_put_bytes_u8(pkt, s->ext.max_fragment_len_mode) in tls_construct_ctos_maxfragmentlen()
294 && s->session->ext.tick != NULL in tls_construct_ctos_session_ticket()
296 ticklen = s->session->ext.ticklen; in tls_construct_ctos_session_ticket()
297 } else if (s->session && s->ext.session_ticket != NULL in tls_construct_ctos_session_ticket()
298 && s->ext.session_ticket->data != NULL) { in tls_construct_ctos_session_ticket()
299 ticklen = s->ext.session_ticket->length; in tls_construct_ctos_session_ticket()
300 s->session->ext.tick = OPENSSL_malloc(ticklen); in tls_construct_ctos_session_ticket()
301 if (s->session->ext.tick == NULL) { in tls_construct_ctos_session_ticket()
305 memcpy(s->session->ext.tick, in tls_construct_ctos_session_ticket()
306 s->ext.session_ticket->data, ticklen); in tls_construct_ctos_session_ticket()
307 s->session->ext.ticklen = ticklen; in tls_construct_ctos_session_ticket()
312 if (ticklen == 0 && s->ext.session_ticket != NULL && in tls_construct_ctos_session_ticket()
313 s->ext.session_ticket->data == NULL) in tls_construct_ctos_session_ticket()
317 || !WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, ticklen)) { in tls_construct_ctos_session_ticket()
376 if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) in tls_construct_ctos_status_request()
388 for (i = 0; i < sk_OCSP_RESPID_num(s->ext.ocsp.ids); i++) { in tls_construct_ctos_status_request()
390 OCSP_RESPID *id = sk_OCSP_RESPID_value(s->ext.ocsp.ids, i); in tls_construct_ctos_status_request()
406 if (s->ext.ocsp.exts) { in tls_construct_ctos_status_request()
408 int extlen = i2d_X509_EXTENSIONS(s->ext.ocsp.exts, NULL); in tls_construct_ctos_status_request()
415 || i2d_X509_EXTENSIONS(s->ext.ocsp.exts, &extbytes) in tls_construct_ctos_status_request()
435 if (SSL_CONNECTION_GET_CTX(s)->ext.npn_select_cb == NULL in tls_construct_ctos_npn()
459 if (s->ext.alpn == NULL || !SSL_IS_FIRST_HANDSHAKE(s)) in tls_construct_ctos_alpn()
466 || !WPACKET_sub_memcpy_u16(pkt, s->ext.alpn, s->ext.alpn_len) in tls_construct_ctos_alpn()
635 s->ext.psk_kex_mode = TLSEXT_KEX_MODE_FLAG_KE_DHE; in tls_construct_ctos_psk_kex_modes()
637 s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE; in tls_construct_ctos_psk_kex_modes()
750 if (s->ext.supportedgroups == NULL) /* use default */ in tls_construct_ctos_key_share()
799 if (s->ext.tls13_cookie_len == 0) in tls_construct_ctos_cookie()
805 || !WPACKET_sub_memcpy_u16(pkt, s->ext.tls13_cookie, in tls_construct_ctos_cookie()
806 s->ext.tls13_cookie_len) in tls_construct_ctos_cookie()
814 OPENSSL_free(s->ext.tls13_cookie); in tls_construct_ctos_cookie()
815 s->ext.tls13_cookie = NULL; in tls_construct_ctos_cookie()
816 s->ext.tls13_cookie_len = 0; in tls_construct_ctos_cookie()
910 || (s->session->ext.max_early_data == 0 in tls_construct_ctos_early_data()
911 && (psksess == NULL || psksess->ext.max_early_data == 0))) { in tls_construct_ctos_early_data()
915 edsess = s->session->ext.max_early_data != 0 ? s->session : psksess; in tls_construct_ctos_early_data()
916 s->max_early_data = edsess->ext.max_early_data; in tls_construct_ctos_early_data()
918 if (edsess->ext.hostname != NULL) { in tls_construct_ctos_early_data()
919 if (s->ext.hostname == NULL in tls_construct_ctos_early_data()
920 || (s->ext.hostname != NULL in tls_construct_ctos_early_data()
921 && strcmp(s->ext.hostname, edsess->ext.hostname) != 0)) { in tls_construct_ctos_early_data()
928 if ((s->ext.alpn == NULL && edsess->ext.alpn_selected != NULL)) { in tls_construct_ctos_early_data()
937 if (edsess->ext.alpn_selected != NULL) { in tls_construct_ctos_early_data()
941 if (!PACKET_buf_init(&prots, s->ext.alpn, s->ext.alpn_len)) { in tls_construct_ctos_early_data()
946 if (PACKET_equal(&alpnpkt, edsess->ext.alpn_selected, in tls_construct_ctos_early_data()
947 edsess->ext.alpn_selected_len)) { in tls_construct_ctos_early_data()
970 s->ext.early_data = SSL_EARLY_DATA_REJECTED; in tls_construct_ctos_early_data()
971 s->ext.early_data_ok = 1; in tls_construct_ctos_early_data()
1019 && s->session->ext.ticklen != 0 in tls_construct_ctos_padding()
1033 hlen += PSK_PRE_BINDER_OVERHEAD + s->session->ext.ticklen in tls_construct_ctos_padding()
1081 s->ext.tick_identity = 0; in tls_construct_ctos_psk()
1094 || (s->session->ext.ticklen == 0 && s->psksession == NULL)) in tls_construct_ctos_psk()
1100 if (s->session->ext.ticklen != 0) { in tls_construct_ctos_psk()
1144 if (s->session->ext.tick_lifetime_hint < agesec) { in tls_construct_ctos_psk()
1167 agems += s->session->ext.tick_age_add; in tls_construct_ctos_psk()
1172 s->ext.tick_identity++; in tls_construct_ctos_psk()
1216 if (!WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, in tls_construct_ctos_psk()
1217 s->session->ext.ticklen) in tls_construct_ctos_psk()
1231 s->ext.tick_identity++; in tls_construct_ctos_psk()
1383 if (value != s->ext.max_fragment_len_mode) { in tls_parse_stoc_maxfragmentlen()
1393 s->session->ext.max_fragment_len_mode = value; in tls_parse_stoc_maxfragmentlen()
1402 if (s->ext.hostname == NULL) { in tls_parse_stoc_server_name()
1413 if (s->session->ext.hostname != NULL) { in tls_parse_stoc_server_name()
1417 s->session->ext.hostname = OPENSSL_strdup(s->ext.hostname); in tls_parse_stoc_server_name()
1418 if (s->session->ext.hostname == NULL) { in tls_parse_stoc_server_name()
1445 s->ext.peer_ecpointformats_len = 0; in tls_parse_stoc_ec_pt_formats()
1446 OPENSSL_free(s->ext.peer_ecpointformats); in tls_parse_stoc_ec_pt_formats()
1447 s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len); in tls_parse_stoc_ec_pt_formats()
1448 if (s->ext.peer_ecpointformats == NULL) { in tls_parse_stoc_ec_pt_formats()
1449 s->ext.peer_ecpointformats_len = 0; in tls_parse_stoc_ec_pt_formats()
1454 s->ext.peer_ecpointformats_len = ecpointformats_len; in tls_parse_stoc_ec_pt_formats()
1457 s->ext.peer_ecpointformats, in tls_parse_stoc_ec_pt_formats()
1473 if (s->ext.session_ticket_cb != NULL && in tls_parse_stoc_session_ticket()
1474 !s->ext.session_ticket_cb(ssl, PACKET_data(pkt), in tls_parse_stoc_session_ticket()
1476 s->ext.session_ticket_cb_arg)) { in tls_parse_stoc_session_ticket()
1490 s->ext.ticket_expected = 1; in tls_parse_stoc_session_ticket()
1509 if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) { in tls_parse_stoc_status_request()
1530 s->ext.status_expected = 1; in tls_parse_stoc_status_request()
1555 OPENSSL_free(s->ext.scts); in tls_parse_stoc_sct()
1556 s->ext.scts = NULL; in tls_parse_stoc_sct()
1558 s->ext.scts_len = (uint16_t)size; in tls_parse_stoc_sct()
1560 s->ext.scts = OPENSSL_malloc(size); in tls_parse_stoc_sct()
1561 if (s->ext.scts == NULL) { in tls_parse_stoc_sct()
1562 s->ext.scts_len = 0; in tls_parse_stoc_sct()
1566 if (!PACKET_copy_bytes(pkt, s->ext.scts, size)) { in tls_parse_stoc_sct()
1634 if (sctx->ext.npn_select_cb == NULL) { in tls_parse_stoc_npn()
1645 if (sctx->ext.npn_select_cb(SSL_CONNECTION_GET_USER_SSL(s), in tls_parse_stoc_npn()
1648 sctx->ext.npn_select_cb_arg) != SSL_TLSEXT_ERR_OK in tls_parse_stoc_npn()
1658 OPENSSL_free(s->ext.npn); in tls_parse_stoc_npn()
1659 s->ext.npn = OPENSSL_malloc(selected_len); in tls_parse_stoc_npn()
1660 if (s->ext.npn == NULL) { in tls_parse_stoc_npn()
1661 s->ext.npn_len = 0; in tls_parse_stoc_npn()
1666 memcpy(s->ext.npn, selected, selected_len); in tls_parse_stoc_npn()
1667 s->ext.npn_len = selected_len; in tls_parse_stoc_npn()
1700 if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) { in tls_parse_stoc_alpn()
1733 if (s->session->ext.alpn_selected == NULL in tls_parse_stoc_alpn()
1734 || s->session->ext.alpn_selected_len != len in tls_parse_stoc_alpn()
1735 || memcmp(s->session->ext.alpn_selected, s->s3.alpn_selected, len) in tls_parse_stoc_alpn()
1738 s->ext.early_data_ok = 0; in tls_parse_stoc_alpn()
1745 if (!ossl_assert(s->session->ext.alpn_selected == NULL)) { in tls_parse_stoc_alpn()
1749 s->session->ext.alpn_selected = in tls_parse_stoc_alpn()
1751 if (s->session->ext.alpn_selected == NULL) { in tls_parse_stoc_alpn()
1752 s->session->ext.alpn_selected_len = 0; in tls_parse_stoc_alpn()
1756 s->session->ext.alpn_selected_len = s->s3.alpn_selected_len; in tls_parse_stoc_alpn()
1823 s->ext.use_etm = 1; in tls_parse_stoc_etm()
2050 || !PACKET_memdup(&cookie, &s->ext.tls13_cookie, in tls_parse_stoc_cookie()
2051 &s->ext.tls13_cookie_len)) { in tls_parse_stoc_cookie()
2072 s->session->ext.max_early_data = max_early_data; in tls_parse_stoc_early_data()
2085 s->session->ext.max_early_data = 1; in tls_parse_stoc_early_data()
2098 if (!s->ext.early_data_ok in tls_parse_stoc_early_data()
2109 s->ext.early_data = SSL_EARLY_DATA_ACCEPTED; in tls_parse_stoc_early_data()
2126 if (identity >= (unsigned int)s->ext.tick_identity) { in tls_parse_stoc_psk()
2136 if (identity == 0 && (s->psksession == NULL || s->ext.tick_identity == 2)) { in tls_parse_stoc_psk()
2156 || s->session->ext.max_early_data > 0 in tls_parse_stoc_psk()
2157 || s->psksession->ext.max_early_data == 0) in tls_parse_stoc_psk()
2166 s->ext.early_data_ok = 0; in tls_parse_stoc_psk()
2176 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_ctos_client_cert_type()
2187 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_GOOD; in tls_construct_ctos_client_cert_type()
2206 if (!ossl_assert(sc->ext.client_cert_type_ctos == OSSL_CERT_TYPE_CTOS_GOOD)) { in tls_parse_stoc_client_cert_type()
2220 sc->ext.client_cert_type = type; in tls_parse_stoc_client_cert_type()
2228 sc->ext.server_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_ctos_server_cert_type()
2239 sc->ext.server_cert_type_ctos = OSSL_CERT_TYPE_CTOS_GOOD; in tls_construct_ctos_server_cert_type()
2258 if (!ossl_assert(sc->ext.server_cert_type_ctos == OSSL_CERT_TYPE_CTOS_GOOD)) { in tls_parse_stoc_server_cert_type()
2272 sc->ext.server_cert_type = type; in tls_parse_stoc_server_cert_type()