OpenCoverage

extensions_cust.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/ssl/statem/extensions_cust.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10/* Custom extension utility functions */-
11-
12#include <openssl/ct.h>-
13#include "../ssl_locl.h"-
14#include "internal/cryptlib.h"-
15#include "statem_locl.h"-
16-
17typedef struct {-
18 void *add_arg;-
19 custom_ext_add_cb add_cb;-
20 custom_ext_free_cb free_cb;-
21} custom_ext_add_cb_wrap;-
22-
23typedef struct {-
24 void *parse_arg;-
25 custom_ext_parse_cb parse_cb;-
26} custom_ext_parse_cb_wrap;-
27-
28/*-
29 * Provide thin wrapper callbacks which convert new style arguments to old style-
30 */-
31static int custom_ext_add_old_cb_wrap(SSL *s, unsigned int ext_type,-
32 unsigned int context,-
33 const unsigned char **out,-
34 size_t *outlen, X509 *x, size_t chainidx,-
35 int *al, void *add_arg)-
36{-
37 custom_ext_add_cb_wrap *add_cb_wrap = (custom_ext_add_cb_wrap *)add_arg;-
38-
39 if (add_cb_wrap->add_cb == NULL)
add_cb_wrap->a...== ((void *)0)Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 24 times by 1 test
Evaluated by:
  • libssl.so.1.1
6-24
40 return 1;
executed 6 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
6
41-
42 return add_cb_wrap->add_cb(s, ext_type, out, outlen, al,
executed 24 times by 1 test: return add_cb_wrap->add_cb(s, ext_type, out, outlen, al, add_cb_wrap->add_arg);
Executed by:
  • libssl.so.1.1
24
43 add_cb_wrap->add_arg);
executed 24 times by 1 test: return add_cb_wrap->add_cb(s, ext_type, out, outlen, al, add_cb_wrap->add_arg);
Executed by:
  • libssl.so.1.1
24
44}-
45-
46static void custom_ext_free_old_cb_wrap(SSL *s, unsigned int ext_type,-
47 unsigned int context,-
48 const unsigned char *out, void *add_arg)-
49{-
50 custom_ext_add_cb_wrap *add_cb_wrap = (custom_ext_add_cb_wrap *)add_arg;-
51-
52 if (add_cb_wrap->free_cb == NULL)
add_cb_wrap->f...== ((void *)0)Description
TRUEevaluated 23 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 3 times by 1 test
Evaluated by:
  • libssl.so.1.1
3-23
53 return;
executed 23 times by 1 test: return;
Executed by:
  • libssl.so.1.1
23
54-
55 add_cb_wrap->free_cb(s, ext_type, out, add_cb_wrap->add_arg);-
56}
executed 3 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
3
57-
58static int custom_ext_parse_old_cb_wrap(SSL *s, unsigned int ext_type,-
59 unsigned int context,-
60 const unsigned char *in,-
61 size_t inlen, X509 *x, size_t chainidx,-
62 int *al, void *parse_arg)-
63{-
64 custom_ext_parse_cb_wrap *parse_cb_wrap =-
65 (custom_ext_parse_cb_wrap *)parse_arg;-
66-
67 if (parse_cb_wrap->parse_cb == NULL)
parse_cb_wrap-...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-25
68 return 1;
never executed: return 1;
0
69-
70 return parse_cb_wrap->parse_cb(s, ext_type, in, inlen, al,
executed 25 times by 1 test: return parse_cb_wrap->parse_cb(s, ext_type, in, inlen, al, parse_cb_wrap->parse_arg);
Executed by:
  • libssl.so.1.1
25
71 parse_cb_wrap->parse_arg);
executed 25 times by 1 test: return parse_cb_wrap->parse_cb(s, ext_type, in, inlen, al, parse_cb_wrap->parse_arg);
Executed by:
  • libssl.so.1.1
25
72}-
73-
74/*-
75 * Find a custom extension from the list. The |role| param is there to-
76 * support the legacy API where custom extensions for client and server could-
77 * be set independently on the same SSL_CTX. It is set to ENDPOINT_SERVER if we-
78 * are trying to find a method relevant to the server, ENDPOINT_CLIENT for the-
79 * client, or ENDPOINT_BOTH for either-
80 */-
81custom_ext_method *custom_ext_find(const custom_ext_methods *exts,-
82 ENDPOINT role, unsigned int ext_type,-
83 size_t *idx)-
84{-
85 size_t i;-
86 custom_ext_method *meth = exts->meths;-
87-
88 for (i = 0; i < exts->meths_count; i++, meth++) {
i < exts->meths_countDescription
TRUEevaluated 288 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 4686 times by 1 test
Evaluated by:
  • libssl.so.1.1
288-4686
89 if (ext_type == meth->ext_type
ext_type == meth->ext_typeDescription
TRUEevaluated 125 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 163 times by 1 test
Evaluated by:
  • libssl.so.1.1
125-163
90 && (role == ENDPOINT_BOTH || role == meth->role
role == ENDPOINT_BOTHDescription
TRUEevaluated 30 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 95 times by 1 test
Evaluated by:
  • libssl.so.1.1
role == meth->roleDescription
TRUEevaluated 58 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 37 times by 1 test
Evaluated by:
  • libssl.so.1.1
30-95
91 || meth->role == ENDPOINT_BOTH)) {
meth->role == ENDPOINT_BOTHDescription
TRUEevaluated 37 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEnever evaluated
0-37
92 if (idx != NULL)
idx != ((void *)0)Description
TRUEevaluated 53 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 72 times by 1 test
Evaluated by:
  • libssl.so.1.1
53-72
93 *idx = i;
executed 53 times by 1 test: *idx = i;
Executed by:
  • libssl.so.1.1
53
94 return meth;
executed 125 times by 1 test: return meth;
Executed by:
  • libssl.so.1.1
125
95 }-
96 }
executed 163 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
163
97 return NULL;
executed 4686 times by 1 test: return ((void *)0) ;
Executed by:
  • libssl.so.1.1
4686
98}-
99-
100/*-
101 * Initialise custom extensions flags to indicate neither sent nor received.-
102 */-
103void custom_ext_init(custom_ext_methods *exts)-
104{-
105 size_t i;-
106 custom_ext_method *meth = exts->meths;-
107-
108 for (i = 0; i < exts->meths_count; i++, meth++)
i < exts->meths_countDescription
TRUEevaluated 53 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 8632 times by 1 test
Evaluated by:
  • libssl.so.1.1
53-8632
109 meth->ext_flags = 0;
executed 53 times by 1 test: meth->ext_flags = 0;
Executed by:
  • libssl.so.1.1
53
110}
executed 8632 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
8632
111-
112/* Pass received custom extension data to the application for parsing. */-
113int custom_ext_parse(SSL *s, unsigned int context, unsigned int ext_type,-
114 const unsigned char *ext_data, size_t ext_size, X509 *x,-
115 size_t chainidx)-
116{-
117 int al;-
118 custom_ext_methods *exts = &s->cert->custext;-
119 custom_ext_method *meth;-
120 ENDPOINT role = ENDPOINT_BOTH;-
121-
122 if ((context & (SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_2_SERVER_HELLO)) != 0)
(context & (0x... 0x0100)) != 0Description
TRUEevaluated 323 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 13 times by 1 test
Evaluated by:
  • libssl.so.1.1
13-323
123 role = s->server ? ENDPOINT_SERVER : ENDPOINT_CLIENT;
executed 323 times by 1 test: role = s->server ? ENDPOINT_SERVER : ENDPOINT_CLIENT;
Executed by:
  • libssl.so.1.1
s->serverDescription
TRUEevaluated 305 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 18 times by 1 test
Evaluated by:
  • libssl.so.1.1
18-323
124-
125 meth = custom_ext_find(exts, role, ext_type, NULL);-
126 /* If not found return success */-
127 if (!meth)
!methDescription
TRUEevaluated 289 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 47 times by 1 test
Evaluated by:
  • libssl.so.1.1
47-289
128 return 1;
executed 289 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
289
129-
130 /* Check if extension is defined for our protocol. If not, skip */-
131 if (!extension_is_relevant(s, meth->context, context))
!extension_is_...text, context)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 46 times by 1 test
Evaluated by:
  • libssl.so.1.1
1-46
132 return 1;
executed 1 time by 1 test: return 1;
Executed by:
  • libssl.so.1.1
1
133-
134 if ((context & (SSL_EXT_TLS1_2_SERVER_HELLO
(context & (0x... 0x0400)) != 0Description
TRUEevaluated 20 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
20-26
135 | SSL_EXT_TLS1_3_SERVER_HELLO
(context & (0x... 0x0400)) != 0Description
TRUEevaluated 20 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
20-26
136 | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS)) != 0) {
(context & (0x... 0x0400)) != 0Description
TRUEevaluated 20 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
20-26
137 /*-
138 * If it's ServerHello or EncryptedExtensions we can't have any-
139 * extensions not sent in ClientHello.-
140 */-
141 if ((meth->ext_flags & SSL_EXT_FLAG_SENT) == 0) {
(meth->ext_flags & 0x2) == 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-20
142 SSLfatal(s, TLS1_AD_UNSUPPORTED_EXTENSION, SSL_F_CUSTOM_EXT_PARSE,-
143 SSL_R_BAD_EXTENSION);-
144 return 0;
never executed: return 0;
0
145 }-
146 }
executed 20 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
20
147-
148 /*-
149 * Extensions received in the ClientHello are marked with the-
150 * SSL_EXT_FLAG_RECEIVED. This is so we know to add the equivalent-
151 * extensions in the ServerHello/EncryptedExtensions message-
152 */-
153 if ((context & SSL_EXT_CLIENT_HELLO) != 0)
(context & 0x0080) != 0Description
TRUEevaluated 22 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 24 times by 1 test
Evaluated by:
  • libssl.so.1.1
22-24
154 meth->ext_flags |= SSL_EXT_FLAG_RECEIVED;
executed 22 times by 1 test: meth->ext_flags |= 0x1;
Executed by:
  • libssl.so.1.1
22
155-
156 /* If no parse function set return success */-
157 if (!meth->parse_cb)
!meth->parse_cbDescription
TRUEnever evaluated
FALSEevaluated 46 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-46
158 return 1;
never executed: return 1;
0
159-
160 if (meth->parse_cb(s, ext_type, context, ext_data, ext_size, x, chainidx,
meth->parse_cb...arse_arg) <= 0Description
TRUEnever evaluated
FALSEevaluated 46 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-46
161 &al, meth->parse_arg) <= 0) {
meth->parse_cb...arse_arg) <= 0Description
TRUEnever evaluated
FALSEevaluated 46 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-46
162 SSLfatal(s, al, SSL_F_CUSTOM_EXT_PARSE, SSL_R_BAD_EXTENSION);-
163 return 0;
never executed: return 0;
0
164 }-
165-
166 return 1;
executed 46 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
46
167}-
168-
169/*-
170 * Request custom extension data from the application and add to the return-
171 * buffer.-
172 */-
173int custom_ext_add(SSL *s, int context, WPACKET *pkt, X509 *x, size_t chainidx,-
174 int maxversion)-
175{-
176 custom_ext_methods *exts = &s->cert->custext;-
177 custom_ext_method *meth;-
178 size_t i;-
179 int al;-
180-
181 for (i = 0; i < exts->meths_count; i++) {
i < exts->meths_countDescription
TRUEevaluated 67 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 10211 times by 1 test
Evaluated by:
  • libssl.so.1.1
67-10211
182 const unsigned char *out = NULL;-
183 size_t outlen = 0;-
184-
185 meth = exts->meths + i;-
186-
187 if (!should_add_extension(s, meth->context, context, maxversion))
!should_add_ex...t, maxversion)Description
TRUEevaluated 9 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 58 times by 1 test
Evaluated by:
  • libssl.so.1.1
9-58
188 continue;
executed 9 times by 1 test: continue;
Executed by:
  • libssl.so.1.1
9
189-
190 if ((context & (SSL_EXT_TLS1_2_SERVER_HELLO
(context & (0x... 0x0800)) != 0Description
TRUEevaluated 32 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
26-32
191 | SSL_EXT_TLS1_3_SERVER_HELLO
(context & (0x... 0x0800)) != 0Description
TRUEevaluated 32 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
26-32
192 | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS
(context & (0x... 0x0800)) != 0Description
TRUEevaluated 32 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
26-32
193 | SSL_EXT_TLS1_3_CERTIFICATE
(context & (0x... 0x0800)) != 0Description
TRUEevaluated 32 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
26-32
194 | SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST)) != 0) {
(context & (0x... 0x0800)) != 0Description
TRUEevaluated 32 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
26-32
195 /* Only send extensions present in ClientHello. */-
196 if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
!(meth->ext_flags & 0x1)Description
TRUEevaluated 7 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libssl.so.1.1
7-25
197 continue;
executed 7 times by 1 test: continue;
Executed by:
  • libssl.so.1.1
7
198 }
executed 25 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
25
199 /*-
200 * We skip it if the callback is absent - except for a ClientHello where-
201 * we add an empty extension.-
202 */-
203 if ((context & SSL_EXT_CLIENT_HELLO) == 0 && meth->add_cb == NULL)
(context & 0x0080) == 0Description
TRUEevaluated 28 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libssl.so.1.1
meth->add_cb == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 28 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-28
204 continue;
never executed: continue;
0
205-
206 if (meth->add_cb != NULL) {
meth->add_cb != ((void *)0)Description
TRUEevaluated 51 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEnever evaluated
0-51
207 int cb_retval = meth->add_cb(s, meth->ext_type, context, &out,-
208 &outlen, x, chainidx, &al,-
209 meth->add_arg);-
210-
211 if (cb_retval < 0) {
cb_retval < 0Description
TRUEnever evaluated
FALSEevaluated 51 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-51
212 SSLfatal(s, al, SSL_F_CUSTOM_EXT_ADD, SSL_R_CALLBACK_FAILED);-
213 return 0; /* error */
never executed: return 0;
0
214 }-
215 if (cb_retval == 0)
cb_retval == 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 47 times by 1 test
Evaluated by:
  • libssl.so.1.1
4-47
216 continue; /* skip this extension */
executed 4 times by 1 test: continue;
Executed by:
  • libssl.so.1.1
4
217 }
executed 47 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
47
218-
219 if (!WPACKET_put_bytes_u16(pkt, meth->ext_type)
!WPACKET_put_b...>ext_type), 2)Description
TRUEnever evaluated
FALSEevaluated 47 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-47
220 || !WPACKET_start_sub_packet_u16(pkt)
!WPACKET_start...en__((pkt), 2)Description
TRUEnever evaluated
FALSEevaluated 47 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-47
221 || (outlen > 0 && !WPACKET_memcpy(pkt, out, outlen))
outlen > 0Description
TRUEevaluated 39 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 8 times by 1 test
Evaluated by:
  • libssl.so.1.1
!WPACKET_memcp..., out, outlen)Description
TRUEnever evaluated
FALSEevaluated 39 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-39
222 || !WPACKET_close(pkt)) {
!WPACKET_close(pkt)Description
TRUEnever evaluated
FALSEevaluated 47 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-47
223 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CUSTOM_EXT_ADD,-
224 ERR_R_INTERNAL_ERROR);-
225 return 0;
never executed: return 0;
0
226 }-
227 if ((context & SSL_EXT_CLIENT_HELLO) != 0) {
(context & 0x0080) != 0Description
TRUEevaluated 21 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 26 times by 1 test
Evaluated by:
  • libssl.so.1.1
21-26
228 /*-
229 * We can't send duplicates: code logic should prevent this.-
230 */-
231 if (!ossl_assert((meth->ext_flags & SSL_EXT_FLAG_SENT) == 0)) {
!(((meth->ext_...2) == 0) != 0)Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-21
232 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CUSTOM_EXT_ADD,-
233 ERR_R_INTERNAL_ERROR);-
234 return 0;
never executed: return 0;
0
235 }-
236 /*-
237 * Indicate extension has been sent: this is both a sanity check to-
238 * ensure we don't send duplicate extensions and indicates that it-
239 * is not an error if the extension is present in ServerHello.-
240 */-
241 meth->ext_flags |= SSL_EXT_FLAG_SENT;-
242 }
executed 21 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
21
243 if (meth->free_cb != NULL)
meth->free_cb != ((void *)0)Description
TRUEevaluated 46 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libssl.so.1.1
1-46
244 meth->free_cb(s, meth->ext_type, context, out, meth->add_arg);
executed 46 times by 1 test: meth->free_cb(s, meth->ext_type, context, out, meth->add_arg);
Executed by:
  • libssl.so.1.1
46
245 }
executed 47 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
47
246 return 1;
executed 10211 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
10211
247}-
248-
249/* Copy the flags from src to dst for any extensions that exist in both */-
250int custom_exts_copy_flags(custom_ext_methods *dst,-
251 const custom_ext_methods *src)-
252{-
253 size_t i;-
254 custom_ext_method *methsrc = src->meths;-
255-
256 for (i = 0; i < src->meths_count; i++, methsrc++) {
i < src->meths_countDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 24 times by 1 test
Evaluated by:
  • libssl.so.1.1
2-24
257 custom_ext_method *methdst = custom_ext_find(dst, methsrc->role,-
258 methsrc->ext_type, NULL);-
259-
260 if (methdst == NULL)
methdst == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-2
261 continue;
never executed: continue;
0
262-
263 methdst->ext_flags = methsrc->ext_flags;-
264 }
executed 2 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
2
265-
266 return 1;
executed 24 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
24
267}-
268-
269/* Copy table of custom extensions */-
270int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)-
271{-
272 size_t i;-
273 int err = 0;-
274-
275 if (src->meths_count > 0) {
src->meths_count > 0Description
TRUEevaluated 33 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 8245 times by 2 tests
Evaluated by:
  • libssl.so.1.1
  • tls13encryptiontest
33-8245
276 dst->meths =-
277 OPENSSL_memdup(src->meths,-
278 sizeof(*src->meths) * src->meths_count);-
279 if (dst->meths == NULL)
dst->meths == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 33 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-33
280 return 0;
never executed: return 0;
0
281 dst->meths_count = src->meths_count;-
282-
283 for (i = 0; i < src->meths_count; i++) {
i < src->meths_countDescription
TRUEevaluated 55 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 33 times by 1 test
Evaluated by:
  • libssl.so.1.1
33-55
284 custom_ext_method *methsrc = src->meths + i;-
285 custom_ext_method *methdst = dst->meths + i;-
286-
287 if (methsrc->add_cb != custom_ext_add_old_cb_wrap)
methsrc->add_c...dd_old_cb_wrapDescription
TRUEevaluated 17 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 38 times by 1 test
Evaluated by:
  • libssl.so.1.1
17-38
288 continue;
executed 17 times by 1 test: continue;
Executed by:
  • libssl.so.1.1
17
289-
290 /*-
291 * We have found an old style API wrapper. We need to copy the-
292 * arguments too.-
293 */-
294-
295 if (err) {
errDescription
TRUEnever evaluated
FALSEevaluated 38 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-38
296 methdst->add_arg = NULL;-
297 methdst->parse_arg = NULL;-
298 continue;
never executed: continue;
0
299 }-
300-
301 methdst->add_arg = OPENSSL_memdup(methsrc->add_arg,-
302 sizeof(custom_ext_add_cb_wrap));-
303 methdst->parse_arg = OPENSSL_memdup(methsrc->parse_arg,-
304 sizeof(custom_ext_parse_cb_wrap));-
305-
306 if (methdst->add_arg == NULL || methdst->parse_arg == NULL)
methdst->add_a...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 38 times by 1 test
Evaluated by:
  • libssl.so.1.1
methdst->parse...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 38 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-38
307 err = 1;
never executed: err = 1;
0
308 }
executed 38 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
38
309 }
executed 33 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
33
310-
311 if (err) {
errDescription
TRUEnever evaluated
FALSEevaluated 8278 times by 2 tests
Evaluated by:
  • libssl.so.1.1
  • tls13encryptiontest
0-8278
312 custom_exts_free(dst);-
313 return 0;
never executed: return 0;
0
314 }-
315-
316 return 1;
executed 8278 times by 2 tests: return 1;
Executed by:
  • libssl.so.1.1
  • tls13encryptiontest
8278
317}-
318-
319void custom_exts_free(custom_ext_methods *exts)-
320{-
321 size_t i;-
322 custom_ext_method *meth;-
323-
324 for (i = 0, meth = exts->meths; i < exts->meths_count; i++, meth++) {
i < exts->meths_countDescription
TRUEevaluated 123 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 16295 times by 2 tests
Evaluated by:
  • libssl.so.1.1
  • tls13encryptiontest
123-16295
325 if (meth->add_cb != custom_ext_add_old_cb_wrap)
meth->add_cb !...dd_old_cb_wrapDescription
TRUEevaluated 28 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 95 times by 1 test
Evaluated by:
  • libssl.so.1.1
28-95
326 continue;
executed 28 times by 1 test: continue;
Executed by:
  • libssl.so.1.1
28
327-
328 /* Old style API wrapper. Need to free the arguments too */-
329 OPENSSL_free(meth->add_arg);-
330 OPENSSL_free(meth->parse_arg);-
331 }
executed 95 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
95
332 OPENSSL_free(exts->meths);-
333}
executed 16295 times by 2 tests: end of block
Executed by:
  • libssl.so.1.1
  • tls13encryptiontest
16295
334-
335/* Return true if a client custom extension exists, false otherwise */-
336int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx, unsigned int ext_type)-
337{-
338 return custom_ext_find(&ctx->cert->custext, ENDPOINT_CLIENT, ext_type,
executed 22 times by 1 test: return custom_ext_find(&ctx->cert->custext, ENDPOINT_CLIENT, ext_type, ((void *)0) ) != ((void *)0) ;
Executed by:
  • libssl.so.1.1
22
339 NULL) != NULL;
executed 22 times by 1 test: return custom_ext_find(&ctx->cert->custext, ENDPOINT_CLIENT, ext_type, ((void *)0) ) != ((void *)0) ;
Executed by:
  • libssl.so.1.1
22
340}-
341-
342static int add_custom_ext_intern(SSL_CTX *ctx, ENDPOINT role,-
343 unsigned int ext_type,-
344 unsigned int context,-
345 SSL_custom_ext_add_cb_ex add_cb,-
346 SSL_custom_ext_free_cb_ex free_cb,-
347 void *add_arg,-
348 SSL_custom_ext_parse_cb_ex parse_cb,-
349 void *parse_arg)-
350{-
351 custom_ext_methods *exts = &ctx->cert->custext;-
352 custom_ext_method *meth, *tmp;-
353-
354 /*-
355 * Check application error: if add_cb is not set free_cb will never be-
356 * called.-
357 */-
358 if (add_cb == NULL && free_cb != NULL)
add_cb == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 88 times by 1 test
Evaluated by:
  • libssl.so.1.1
free_cb != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-88
359 return 0;
never executed: return 0;
0
360-
361#ifndef OPENSSL_NO_CT-
362 /*-
363 * We don't want applications registering callbacks for SCT extensions-
364 * whilst simultaneously using the built-in SCT validation features, as-
365 * these two things may not play well together.-
366 */-
367 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp
ext_type == 18Description
TRUEevaluated 15 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 73 times by 1 test
Evaluated by:
  • libssl.so.1.1
15-73
368 && (context & SSL_EXT_CLIENT_HELLO) != 0
(context & 0x0080) != 0Description
TRUEevaluated 15 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEnever evaluated
0-15
369 && SSL_CTX_ct_is_enabled(ctx))
SSL_CTX_ct_is_enabled(ctx)Description
TRUEnever evaluated
FALSEevaluated 15 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-15
370 return 0;
never executed: return 0;
0
371#endif-
372-
373 /*-
374 * Don't add if extension supported internally, but make exception-
375 * for extension types that previously were not supported, but now are.-
376 */-
377 if (SSL_extension_supported(ext_type)
SSL_extension_...rted(ext_type)Description
TRUEevaluated 15 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 73 times by 1 test
Evaluated by:
  • libssl.so.1.1
15-73
378 && ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
ext_type != 18Description
TRUEnever evaluated
FALSEevaluated 15 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-15
379 return 0;
never executed: return 0;
0
380-
381 /* Extension type must fit in 16 bits */-
382 if (ext_type > 0xffff)
ext_type > 0xffffDescription
TRUEnever evaluated
FALSEevaluated 88 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-88
383 return 0;
never executed: return 0;
0
384 /* Search for duplicate */-
385 if (custom_ext_find(exts, role, ext_type, NULL))
custom_ext_fin... ((void *)0) )Description
TRUEevaluated 20 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 68 times by 1 test
Evaluated by:
  • libssl.so.1.1
20-68
386 return 0;
executed 20 times by 1 test: return 0;
Executed by:
  • libssl.so.1.1
20
387 tmp = OPENSSL_realloc(exts->meths,-
388 (exts->meths_count + 1) * sizeof(custom_ext_method));-
389 if (tmp == NULL)
tmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 68 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-68
390 return 0;
never executed: return 0;
0
391-
392 exts->meths = tmp;-
393 meth = exts->meths + exts->meths_count;-
394 memset(meth, 0, sizeof(*meth));-
395 meth->role = role;-
396 meth->context = context;-
397 meth->parse_cb = parse_cb;-
398 meth->add_cb = add_cb;-
399 meth->free_cb = free_cb;-
400 meth->ext_type = ext_type;-
401 meth->add_arg = add_arg;-
402 meth->parse_arg = parse_arg;-
403 exts->meths_count++;-
404 return 1;
executed 68 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
68
405}-
406-
407static int add_old_custom_ext(SSL_CTX *ctx, ENDPOINT role,-
408 unsigned int ext_type,-
409 unsigned int context,-
410 custom_ext_add_cb add_cb,-
411 custom_ext_free_cb free_cb,-
412 void *add_arg,-
413 custom_ext_parse_cb parse_cb, void *parse_arg)-
414{-
415 custom_ext_add_cb_wrap *add_cb_wrap-
416 = OPENSSL_malloc(sizeof(*add_cb_wrap));-
417 custom_ext_parse_cb_wrap *parse_cb_wrap-
418 = OPENSSL_malloc(sizeof(*parse_cb_wrap));-
419 int ret;-
420-
421 if (add_cb_wrap == NULL || parse_cb_wrap == NULL) {
add_cb_wrap == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 67 times by 1 test
Evaluated by:
  • libssl.so.1.1
parse_cb_wrap == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 67 times by 1 test
Evaluated by:
  • libssl.so.1.1
0-67
422 OPENSSL_free(add_cb_wrap);-
423 OPENSSL_free(parse_cb_wrap);-
424 return 0;
never executed: return 0;
0
425 }-
426-
427 add_cb_wrap->add_arg = add_arg;-
428 add_cb_wrap->add_cb = add_cb;-
429 add_cb_wrap->free_cb = free_cb;-
430 parse_cb_wrap->parse_arg = parse_arg;-
431 parse_cb_wrap->parse_cb = parse_cb;-
432-
433 ret = add_custom_ext_intern(ctx, role, ext_type,-
434 context,-
435 custom_ext_add_old_cb_wrap,-
436 custom_ext_free_old_cb_wrap,-
437 add_cb_wrap,-
438 custom_ext_parse_old_cb_wrap,-
439 parse_cb_wrap);-
440-
441 if (!ret) {
!retDescription
TRUEevaluated 10 times by 1 test
Evaluated by:
  • libssl.so.1.1
FALSEevaluated 57 times by 1 test
Evaluated by:
  • libssl.so.1.1
10-57
442 OPENSSL_free(add_cb_wrap);-
443 OPENSSL_free(parse_cb_wrap);-
444 }
executed 10 times by 1 test: end of block
Executed by:
  • libssl.so.1.1
10
445-
446 return ret;
executed 67 times by 1 test: return ret;
Executed by:
  • libssl.so.1.1
67
447}-
448-
449/* Application level functions to add the old custom extension callbacks */-
450int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,-
451 custom_ext_add_cb add_cb,-
452 custom_ext_free_cb free_cb,-
453 void *add_arg,-
454 custom_ext_parse_cb parse_cb, void *parse_arg)-
455{-
456 return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type,
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
457 SSL_EXT_TLS1_2_AND_BELOW_ONLY
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
458 | SSL_EXT_CLIENT_HELLO
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
459 | SSL_EXT_TLS1_2_SERVER_HELLO
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
460 | SSL_EXT_IGNORE_ON_RESUMPTION,
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
461 add_cb, free_cb, add_arg, parse_cb, parse_arg);
executed 20 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_CLIENT, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
20
462}-
463-
464int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,-
465 custom_ext_add_cb add_cb,-
466 custom_ext_free_cb free_cb,-
467 void *add_arg,-
468 custom_ext_parse_cb parse_cb, void *parse_arg)-
469{-
470 return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type,
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
471 SSL_EXT_TLS1_2_AND_BELOW_ONLY
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
472 | SSL_EXT_CLIENT_HELLO
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
473 | SSL_EXT_TLS1_2_SERVER_HELLO
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
474 | SSL_EXT_IGNORE_ON_RESUMPTION,
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
475 add_cb, free_cb, add_arg, parse_cb, parse_arg);
executed 47 times by 1 test: return add_old_custom_ext(ctx, ENDPOINT_SERVER, ext_type, 0x0010 | 0x0080 | 0x0100 | 0x0040, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
47
476}-
477-
478int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,-
479 unsigned int context,-
480 SSL_custom_ext_add_cb_ex add_cb,-
481 SSL_custom_ext_free_cb_ex free_cb,-
482 void *add_arg,-
483 SSL_custom_ext_parse_cb_ex parse_cb, void *parse_arg)-
484{-
485 return add_custom_ext_intern(ctx, ENDPOINT_BOTH, ext_type, context, add_cb,
executed 21 times by 1 test: return add_custom_ext_intern(ctx, ENDPOINT_BOTH, ext_type, context, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
21
486 free_cb, add_arg, parse_cb, parse_arg);
executed 21 times by 1 test: return add_custom_ext_intern(ctx, ENDPOINT_BOTH, ext_type, context, add_cb, free_cb, add_arg, parse_cb, parse_arg);
Executed by:
  • libssl.so.1.1
21
487}-
488-
489int SSL_extension_supported(unsigned int ext_type)-
490{-
491 switch (ext_type) {-
492 /* Internally supported extensions. */-
493 case TLSEXT_TYPE_application_layer_protocol_negotiation:
never executed: case 16:
0
494#ifndef OPENSSL_NO_EC-
495 case TLSEXT_TYPE_ec_point_formats:
never executed: case 11:
0
496 case TLSEXT_TYPE_supported_groups:
never executed: case 10:
0
497 case TLSEXT_TYPE_key_share:
never executed: case 51:
0
498#endif-
499#ifndef OPENSSL_NO_NEXTPROTONEG-
500 case TLSEXT_TYPE_next_proto_neg:
never executed: case 13172:
0
501#endif-
502 case TLSEXT_TYPE_padding:
never executed: case 21:
0
503 case TLSEXT_TYPE_renegotiate:
never executed: case 0xff01:
0
504 case TLSEXT_TYPE_max_fragment_length:
never executed: case 1:
0
505 case TLSEXT_TYPE_server_name:
never executed: case 0:
0
506 case TLSEXT_TYPE_session_ticket:
never executed: case 35:
0
507 case TLSEXT_TYPE_signature_algorithms:
never executed: case 13:
0
508#ifndef OPENSSL_NO_SRP-
509 case TLSEXT_TYPE_srp:
never executed: case 12:
0
510#endif-
511#ifndef OPENSSL_NO_OCSP-
512 case TLSEXT_TYPE_status_request:
never executed: case 5:
0
513#endif-
514#ifndef OPENSSL_NO_CT-
515 case TLSEXT_TYPE_signed_certificate_timestamp:
executed 15 times by 1 test: case 18:
Executed by:
  • libssl.so.1.1
15
516#endif-
517#ifndef OPENSSL_NO_SRTP-
518 case TLSEXT_TYPE_use_srtp:
never executed: case 14:
0
519#endif-
520 case TLSEXT_TYPE_encrypt_then_mac:
never executed: case 22:
0
521 case TLSEXT_TYPE_supported_versions:
never executed: case 43:
0
522 case TLSEXT_TYPE_extended_master_secret:
never executed: case 23:
0
523 case TLSEXT_TYPE_psk_kex_modes:
never executed: case 45:
0
524 case TLSEXT_TYPE_cookie:
never executed: case 44:
0
525 case TLSEXT_TYPE_early_data:
never executed: case 42:
0
526 case TLSEXT_TYPE_certificate_authorities:
never executed: case 47:
0
527 case TLSEXT_TYPE_psk:
never executed: case 41:
0
528 case TLSEXT_TYPE_post_handshake_auth:
never executed: case 49:
0
529 return 1;
executed 15 times by 1 test: return 1;
Executed by:
  • libssl.so.1.1
15
530 default:
executed 73 times by 1 test: default:
Executed by:
  • libssl.so.1.1
73
531 return 0;
executed 73 times by 1 test: return 0;
Executed by:
  • libssl.so.1.1
73
532 }-
533}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2