Lines Matching refs:ext
154 OPENSSL_free(s->ext.hostname); in tls_parse_ctos_server_name()
155 s->ext.hostname = NULL; in tls_parse_ctos_server_name()
156 if (!PACKET_strndup(&hostname, &s->ext.hostname)) { in tls_parse_ctos_server_name()
168 s->servername_done = (s->session->ext.hostname != NULL) in tls_parse_ctos_server_name()
169 && PACKET_equal(&hostname, s->session->ext.hostname, in tls_parse_ctos_server_name()
170 strlen(s->session->ext.hostname)); in tls_parse_ctos_server_name()
208 if (s->session->ext.max_fragment_len_mode == TLSEXT_max_fragment_length_UNSPECIFIED) in tls_parse_ctos_maxfragmentlen()
213 s->session->ext.max_fragment_len_mode = value; in tls_parse_ctos_maxfragmentlen()
253 &s->ext.peer_ecpointformats, in tls_parse_ctos_ec_pt_formats()
254 &s->ext.peer_ecpointformats_len)) { in tls_parse_ctos_ec_pt_formats()
267 if (s->ext.session_ticket_cb && in tls_parse_ctos_session_ticket()
268 !s->ext.session_ticket_cb(SSL_CONNECTION_GET_SSL(s), in tls_parse_ctos_session_ticket()
270 s->ext.session_ticket_cb_arg)) { in tls_parse_ctos_session_ticket()
333 if (!PACKET_get_1(pkt, (unsigned int *)&s->ext.status_type)) { in tls_parse_ctos_status_request()
338 if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) { in tls_parse_ctos_status_request()
342 s->ext.status_type = TLSEXT_STATUSTYPE_nothing; in tls_parse_ctos_status_request()
355 sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free); in tls_parse_ctos_status_request()
357 s->ext.ocsp.ids = sk_OCSP_RESPID_new_null(); in tls_parse_ctos_status_request()
358 if (s->ext.ocsp.ids == NULL) { in tls_parse_ctos_status_request()
363 s->ext.ocsp.ids = NULL; in tls_parse_ctos_status_request()
392 if (!sk_OCSP_RESPID_push(s->ext.ocsp.ids, id)) { in tls_parse_ctos_status_request()
409 sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, in tls_parse_ctos_status_request()
411 s->ext.ocsp.exts = in tls_parse_ctos_status_request()
413 if (s->ext.ocsp.exts == NULL || ext_data != PACKET_end(&exts)) { in tls_parse_ctos_status_request()
551 s->ext.use_etm = 1; in tls_parse_ctos_etm()
576 s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE_DHE; in tls_parse_ctos_psk_kex_modes()
579 s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE; in tls_parse_ctos_psk_kex_modes()
582 if (((s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE) != 0) in tls_parse_ctos_psk_kex_modes()
593 s->ext.psk_kex_mode = TLSEXT_KEX_MODE_FLAG_KE; in tls_parse_ctos_psk_kex_modes()
615 if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0) in tls_parse_ctos_key_share()
764 s->session_ctx->ext.cookie_hmac_key, in tls_parse_ctos_cookie()
765 sizeof(s->session_ctx->ext.cookie_hmac_key)); in tls_parse_ctos_cookie()
927 s->ext.cookieok = 1; in tls_parse_ctos_cookie()
948 OPENSSL_free(s->ext.peer_supportedgroups); in tls_parse_ctos_supported_groups()
949 s->ext.peer_supportedgroups = NULL; in tls_parse_ctos_supported_groups()
950 s->ext.peer_supportedgroups_len = 0; in tls_parse_ctos_supported_groups()
952 &s->ext.peer_supportedgroups, in tls_parse_ctos_supported_groups()
953 &s->ext.peer_supportedgroups_len)) { in tls_parse_ctos_supported_groups()
1001 s->ext.ticket_expected = 1; in tls_get_stateful_ticket()
1031 unsigned int id, i, ext = 0; in tls_parse_ctos_psk() local
1040 if ((s->ext.psk_kex_mode in tls_parse_ctos_psk()
1049 s->ext.ticket_expected = 0; in tls_parse_ctos_psk()
1135 ext = 1; in tls_parse_ctos_psk()
1137 s->ext.early_data_ok = 1; in tls_parse_ctos_psk()
1138 s->ext.ticket_expected = 1; in tls_parse_ctos_psk()
1180 ossl_ms2time(sess->ext.tick_age_add)); in tls_parse_ctos_psk()
1203 s->ext.early_data_ok = 1; in tls_parse_ctos_psk()
1218 s->ext.early_data_ok = 0; in tls_parse_ctos_psk()
1219 s->ext.ticket_expected = 0; in tls_parse_ctos_psk()
1251 ext) != 1) { in tls_parse_ctos_psk()
1256 s->ext.tick_identity = id; in tls_parse_ctos_psk()
1346 || !WPACKET_put_bytes_u8(pkt, s->session->ext.max_fragment_len_mode) in tls_construct_stoc_maxfragmentlen()
1362 && (s->ext.peer_ecpointformats != NULL); in tls_construct_stoc_ec_pt_formats()
1445 if (!s->ext.ticket_expected || !tls_use_ticket(s)) { in tls_construct_stoc_session_ticket()
1446 s->ext.ticket_expected = 0; in tls_construct_stoc_session_ticket()
1468 if (!s->ext.status_expected) in tls_construct_stoc_status_request()
1510 if (!npn_seen || sctx->ext.npn_advertised_cb == NULL) in tls_construct_stoc_next_proto_neg()
1513 ret = sctx->ext.npn_advertised_cb(SSL_CONNECTION_GET_SSL(s), &npa, &npalen, in tls_construct_stoc_next_proto_neg()
1514 sctx->ext.npn_advertised_cb_arg); in tls_construct_stoc_next_proto_neg()
1576 if (!s->ext.use_etm) in tls_construct_stoc_etm()
1589 s->ext.use_etm = 0; in tls_construct_stoc_etm()
1673 if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0) { in tls_construct_stoc_key_share()
1862 s->session_ctx->ext.cookie_hmac_key, in tls_construct_stoc_cookie()
1863 sizeof(s->session_ctx->ext.cookie_hmac_key)); in tls_construct_stoc_cookie()
1948 if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED) in tls_construct_stoc_early_data()
1970 || !WPACKET_put_bytes_u16(pkt, s->ext.tick_identity) in tls_construct_stoc_psk()
1983 if (sc->ext.client_cert_type_ctos == OSSL_CERT_TYPE_CTOS_ERROR in tls_construct_stoc_client_cert_type()
1991 if (sc->ext.client_cert_type == TLSEXT_cert_type_x509) { in tls_construct_stoc_client_cert_type()
1992 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_stoc_client_cert_type()
2001 || sc->ext.client_cert_type_ctos != OSSL_CERT_TYPE_CTOS_GOOD in tls_construct_stoc_client_cert_type()
2004 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_stoc_client_cert_type()
2005 sc->ext.client_cert_type = TLSEXT_cert_type_x509; in tls_construct_stoc_client_cert_type()
2011 || !WPACKET_put_bytes_u8(pkt, sc->ext.client_cert_type) in tls_construct_stoc_client_cert_type()
2045 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_parse_ctos_client_cert_type()
2046 sc->ext.client_cert_type = TLSEXT_cert_type_x509; in tls_parse_ctos_client_cert_type()
2051 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_ERROR; in tls_parse_ctos_client_cert_type()
2056 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_ERROR; in tls_parse_ctos_client_cert_type()
2061 sc->ext.client_cert_type_ctos = OSSL_CERT_TYPE_CTOS_ERROR; in tls_parse_ctos_client_cert_type()
2066 sc->ext.client_cert_type_ctos = reconcile_cert_type(data, len, in tls_parse_ctos_client_cert_type()
2068 &sc->ext.client_cert_type); in tls_parse_ctos_client_cert_type()
2078 if (sc->ext.server_cert_type == TLSEXT_cert_type_x509) { in tls_construct_stoc_server_cert_type()
2079 sc->ext.server_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_stoc_server_cert_type()
2082 if (sc->ext.server_cert_type_ctos != OSSL_CERT_TYPE_CTOS_GOOD in tls_construct_stoc_server_cert_type()
2085 sc->ext.server_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_construct_stoc_server_cert_type()
2086 sc->ext.server_cert_type = TLSEXT_cert_type_x509; in tls_construct_stoc_server_cert_type()
2092 || !WPACKET_put_bytes_u8(pkt, sc->ext.server_cert_type) in tls_construct_stoc_server_cert_type()
2110 sc->ext.server_cert_type_ctos = OSSL_CERT_TYPE_CTOS_NONE; in tls_parse_ctos_server_cert_type()
2111 sc->ext.server_cert_type = TLSEXT_cert_type_x509; in tls_parse_ctos_server_cert_type()
2129 …sc->ext.server_cert_type_ctos = reconcile_cert_type(sc->server_cert_type, sc->server_cert_type_len, in tls_parse_ctos_server_cert_type()
2131 &sc->ext.server_cert_type); in tls_parse_ctos_server_cert_type()
2132 if (sc->ext.server_cert_type_ctos == OSSL_CERT_TYPE_CTOS_GOOD) in tls_parse_ctos_server_cert_type()
