authorDavid Benjamin <davidben@chromium.org>2015-04-28 07:43:39 +0300
committerAdam Langley <agl@google.com>2015-05-07 01:36:19 +0300
commit7133d428dd8b551328572cab1fae46abd83a36d9 (patch)
tree3bf86023037e9c333dae5cf250b9cfdc5f7f05ec
parentc2807582fd86fa68d7b0c2675f25a38530719608 (diff)
Promote SNI macros to functions.
BUG=404754 Change-Id: I2b2e27f3db0c97f2db65ca5e226c6488d2bee2fc Reviewed-on: https://boringssl-review.googlesource.com/4570 Reviewed-by: Adam Langley <agl@google.com>
-rw-r--r--crypto/err/ssl.errordata1
-rw-r--r--include/openssl/ssl.h7
-rw-r--r--include/openssl/tls1.h11
-rw-r--r--ssl/s3_lib.c54
4 files changed, 37 insertions, 36 deletions
diff --git a/crypto/err/ssl.errordata b/crypto/err/ssl.errordata
index 7dbe199f..0157072f 100644
--- a/crypto/err/ssl.errordata
+++ b/crypto/err/ssl.errordata
@@ -38,6 +38,7 @@ SSL,function,132,SSL_set_cipher_list
SSL,function,133,SSL_set_fd
SSL,function,134,SSL_set_rfd
SSL,function,135,SSL_set_session_id_context
+SSL,function,274,SSL_set_tlsext_host_name
SSL,function,270,SSL_set_tmp_dh
SSL,function,271,SSL_set_tmp_ecdh
SSL,function,136,SSL_set_wfd
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 9edc859e..4ee20843 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1571,8 +1571,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_EXTRA_CHAIN_CERT 14
/* see tls1.h for macros based on these */
-#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
-#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
@@ -2415,6 +2413,8 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist
#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB doesnt_exist
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist
+#define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB doesnt_exist
#define DTLS_CTRL_GET_TIMEOUT doesnt_exist
#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist
@@ -2462,6 +2462,8 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#define SSL_set_max_send_fragment SSL_set_max_send_fragment
#define SSL_CTX_set_tlsext_servername_callback \
SSL_CTX_set_tlsext_servername_callback
+#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg
+#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name
#define SSL_CTX_set_tlsext_ticket_key_cb SSL_CTX_set_tlsext_ticket_key_cb
#define DTLSv1_get_timeout DTLSv1_get_timeout
#define DTLSv1_handle_timeout DTLSv1_handle_timeout
@@ -2675,6 +2677,7 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#define SSL_F_SSL_set_tmp_ecdh 271
#define SSL_F_SSL_CTX_set1_tls_channel_id 272
#define SSL_F_SSL_set1_tls_channel_id 273
+#define SSL_F_SSL_set_tlsext_host_name 274
#define SSL_R_APP_DATA_IN_HANDSHAKE 100
#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 101
#define SSL_R_BAD_ALERT 102
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index 707bf805..94c79dbf 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -317,9 +317,9 @@ OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
int *phash, int *psignandhash,
uint8_t *rsig, uint8_t *rhash);
-#define SSL_set_tlsext_host_name(s, name) \
- SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, \
- (char *)name)
+/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
+ * in the server_name extension. It returns one on success and zero on error. */
+OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);
/* SSL_CTX_set_tlsext_servername_callback configures |callback| to be called on
* the server after ClientHello extensions have been parsed and returns one.
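Review bot: The new comment on SSL_set_tlsext_host_name does not say what a NULL |name| does, although the ssl/s3_lib.c implementation in this same commit frees the stored name and returns one in that case, so a caller reading only the header cannot tell that NULL clears the name. Suggest adding to the comment: `* Passing NULL for |name| clears any previously configured hostname. It returns one on success and zero on error.` Since the length check against TLSEXT_MAXLEN_host_name is the only validation the implementation performs, the comment could also name that as the failure condition so callers know what "error" means here.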
@@ -336,8 +336,9 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback(
#define SSL_TLSEXT_ERR_ALERT_FATAL 2
#define SSL_TLSEXT_ERR_NOACK 3
-#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, (void *)arg)
+/* SSL_CTX_set_tlsext_servername_arg sets the argument to the servername
+ * callback and returns one. See |SSL_CTX_set_tlsext_servername_callback|. */
+OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
SSL_CTX_ctrl((ctx), SSL_CTRL_GET_TLSEXT_TICKET_KEYS, (keylen), (keys))
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index fc3a3a6f..1131ddbc 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -686,35 +686,30 @@ size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) {
return 64;
}
+int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
+ OPENSSL_free(ssl->tlsext_hostname);
+ ssl->tlsext_hostname = NULL;
+
+ if (name == NULL) {
+ return 1;
+ }
+ if (strlen(name) > TLSEXT_MAXLEN_host_name) {
+ OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name,
+ SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+ return 0;
+ }
+ ssl->tlsext_hostname = BUF_strdup(name);
+ if (ssl->tlsext_hostname == NULL) {
+ OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ return 1;
+}
+
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) {
int ret = 0;
switch (cmd) {
- case SSL_CTRL_SET_TLSEXT_HOSTNAME:
- if (larg == TLSEXT_NAMETYPE_host_name) {
- OPENSSL_free(s->tlsext_hostname);
- s->tlsext_hostname = NULL;
-
- ret = 1;
- if (parg == NULL) {
- break;
- }
- if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
- OPENSSL_PUT_ERROR(SSL, ssl3_ctrl, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
- return 0;
- }
- s->tlsext_hostname = BUF_strdup((char *) parg);
- if (s->tlsext_hostname == NULL) {
- OPENSSL_PUT_ERROR(SSL, ssl3_ctrl, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- } else {
- OPENSSL_PUT_ERROR(SSL, ssl3_ctrl,
- SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
- return 0;
- }
- break;
-
case SSL_CTRL_CHAIN:
if (larg) {
return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg);
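Review bot: SSL_set_tlsext_host_name frees ssl->tlsext_hostname and NULLs it before |name| is validated, so a call that fails the length check or the BUF_strdup returns zero but has already discarded the previously configured name; a caller that treats zero as "nothing changed" would then proceed with a ClientHello that carries no server_name at all. The removed ssl3_ctrl code had the same ordering, so this is carried over rather than introduced, but the new function is the natural place to make the replacement all-or-nothing: validate and copy first, then swap the pointer, as sketched below. The header comment added in tls1.h ("zero on error") would then be accurate without qualification.
```c
int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
  char *copy = NULL;
  if (name != NULL) {
    if (strlen(name) > TLSEXT_MAXLEN_host_name) {
      OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name,
                        SSL_R_SSL3_EXT_INVALID_SERVERNAME);
      return 0;
    }
    copy = BUF_strdup(name);
    if (copy == NULL) {
      OPENSSL_PUT_ERROR(SSL, SSL_set_tlsext_host_name, ERR_R_MALLOC_FAILURE);
      return 0;
    }
  }
  /* Only replace the stored name once the new value is known to be good. */
  OPENSSL_free(ssl->tlsext_hostname);
  ssl->tlsext_hostname = copy;
  return 1;
}
```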
@@ -842,10 +837,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) {
cert = ctx->cert;
switch (cmd) {
- case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
- ctx->tlsext_servername_arg = parg;
- break;
-
case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: {
uint8_t *keys = parg;
@@ -947,6 +938,11 @@ int SSL_CTX_set_tlsext_servername_callback(
return 1;
}
+int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) {
+ ctx->tlsext_servername_arg = arg;
+ return 1;
+}
+
int SSL_CTX_set_tlsext_ticket_key_cb(
SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv,
EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx,