-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnextproto.patch
100 lines (94 loc) · 2.16 KB
/
nextproto.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
diff -rupN Net-SSLeay-1.42/SSLeay.xs Net-SSLeay-NPN-1.42/SSLeay.xs
--- Net-SSLeay-1.42/SSLeay.xs 2011-10-03 12:24:48.000000000 +0600
+++ Net-SSLeay-NPN-1.42/SSLeay.xs 2011-10-28 05:10:53.530232002 +0600
@@ -644,6 +644,59 @@ ssleay_RSA_generate_key_cb_invoke(int i,
}
}
+#ifndef OPENSSL_NO_NEXTPROTONEG
+
+typedef struct tlsextnextprotoctx_st {
+ unsigned char *data;
+ unsigned short len;
+ int status;
+} tlsextnextprotoctx;
+
+static tlsextnextprotoctx next_proto;
+
+int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
+ {
+ tlsextnextprotoctx *ctx = arg;
+ ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
+ return SSL_TLSEXT_ERR_OK;
+ }
+
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
+ {
+ size_t len;
+ unsigned char *out;
+ size_t i, start = 0;
+
+ len = strlen(in);
+ if (len >= 65535)
+ return NULL;
+
+ out = OPENSSL_malloc(strlen(in) + 1);
+ if (!out)
+ return NULL;
+
+ for (i = 0; i <= len; ++i)
+ {
+ if (i == len || in[i] == ',')
+ {
+ if (i - start > 255)
+ {
+ OPENSSL_free(out);
+ return NULL;
+ }
+ out[start] = i - start;
+ start = i + 1;
+ }
+ else
+ out[i+1] = in[i];
+ }
+
+ *outlen = len + 1;
+ return out;
+ }
+
+#endif
+
MODULE = Net::SSLeay PACKAGE = Net::SSLeay PREFIX = SSL_
@@ -2848,6 +2901,36 @@ SSL_set1_param(ctx, vpm)
#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+
+void
+SSL_CTX_set_next_proto(proto)
+ char *proto
+ CODE:
+ next_proto.data = next_protos_parse(&next_proto.len, proto);
+
+void
+SSL_CTX_set_next_proto_select_cb(ctx);
+ SSL_CTX *ctx
+ CODE:
+ if(ctx != NULL && next_proto.data)
+ SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
+
+char *
+SSL_get0_next_proto_negotiated(ssl)
+ SSL *ssl
+ PREINIT:
+ const unsigned char *proto;
+ unsigned int proto_len;
+ CODE:
+ if(next_proto.status != -1) {
+ SSL_get0_next_proto_negotiated(ssl, &proto, &proto_len);
+ RETVAL = strndup(proto, proto_len);
+ }
+ OUTPUT:
+ RETVAL
+
+#endif
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
X509_VERIFY_PARAM *