1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * SSL3 Protocol
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8
9 /* TLS extension code moved here from ssl3ecc.c */
10
11 #include "nssrenam.h"
12 #include "nss.h"
13 #include "ssl.h"
14 #include "sslimpl.h"
15 #include "sslproto.h"
16 #include "ssl3exthandle.h"
17 #include "tls13exthandle.h"
18
19 /* Table of handlers for received TLS hello extensions, one per extension.
20 * In the second generation, this table will be dynamic, and functions
21 * will be registered here.
22 */
23 /* This table is used by the server, to handle client hello extensions. */
24 static const ssl3ExtensionHandler clientHelloHandlers[] = {
25 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn },
26 { ssl_supported_groups_xtn, &ssl_HandleSupportedGroupsXtn },
27 { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn },
28 { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn },
29 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
30 { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn },
31 { ssl_app_layer_protocol_xtn, &ssl3_ServerHandleAppProtoXtn },
32 { ssl_use_srtp_xtn, &ssl3_ServerHandleUseSRTPXtn },
33 { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn },
34 { ssl_signature_algorithms_xtn, &ssl3_ServerHandleSigAlgsXtn },
35 { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn },
36 { ssl_signed_cert_timestamp_xtn, &ssl3_ServerHandleSignedCertTimestampXtn },
37 { ssl_tls13_key_share_xtn, &tls13_ServerHandleKeyShareXtn },
38 { ssl_tls13_pre_shared_key_xtn, &tls13_ServerHandlePreSharedKeyXtn },
39 { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn },
40 { ssl_tls13_psk_key_exchange_modes_xtn,
41 &tls13_ServerHandlePskKeyExchangeModesXtn },
42 { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn },
43 { -1, NULL }
44 };
45
46 /* These two tables are used by the client, to handle server hello
47 * extensions. */
48 static const ssl3ExtensionHandler serverHelloHandlersTLS[] = {
49 { ssl_server_name_xtn, &ssl3_HandleServerNameXtn },
50 /* TODO: add a handler for ssl_ec_point_formats_xtn */
51 { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn },
52 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
53 { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn },
54 { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn },
55 { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn },
56 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
57 { ssl_extended_master_secret_xtn, &ssl3_HandleExtendedMasterSecretXtn },
58 { ssl_signed_cert_timestamp_xtn, &ssl3_ClientHandleSignedCertTimestampXtn },
59 { ssl_tls13_key_share_xtn, &tls13_ClientHandleKeyShareXtn },
60 { ssl_tls13_pre_shared_key_xtn, &tls13_ClientHandlePreSharedKeyXtn },
61 { ssl_tls13_early_data_xtn, &tls13_ClientHandleEarlyDataXtn },
62 { ssl_tls13_short_header_xtn, &tls13_HandleShortHeaderXtn },
63 { -1, NULL }
64 };
65
66 static const ssl3ExtensionHandler helloRetryRequestHandlers[] = {
67 { ssl_tls13_key_share_xtn, tls13_ClientHandleKeyShareXtnHrr },
68 { ssl_tls13_cookie_xtn, tls13_ClientHandleHrrCookie },
69 { -1, NULL }
70 };
71
72 static const ssl3ExtensionHandler serverHelloHandlersSSL3[] = {
73 { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn },
74 { -1, NULL }
75 };
76
77 static const ssl3ExtensionHandler newSessionTicketHandlers[] = {
78 { ssl_tls13_ticket_early_data_info_xtn,
79 &tls13_ClientHandleTicketEarlyDataInfoXtn },
80 { -1, NULL }
81 };
82
83 /* This table is used by the client to handle server certificates in TLS 1.3 */
84 static const ssl3ExtensionHandler serverCertificateHandlers[] = {
85 { ssl_signed_cert_timestamp_xtn, &ssl3_ClientHandleSignedCertTimestampXtn },
86 { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn },
87 { -1, NULL }
88 };
89
90 /* Tables of functions to format TLS hello extensions, one function per
91 * extension.
92 * These static tables are for the formatting of client hello extensions.
93 * The server's table of hello senders is dynamic, in the socket struct,
94 * and sender functions are registered there.
95 * NB: the order of these extensions can have an impact on compatibility. Some
96 * servers (e.g. Tomcat) will terminate the connection if the last extension in
97 * the client hello is empty (for example, the extended master secret
98 * extension, if it were listed last). See bug 1243641.
99 */
100 static const ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] =
101 {
102 { ssl_server_name_xtn, &ssl3_SendServerNameXtn },
103 { ssl_extended_master_secret_xtn, &ssl3_SendExtendedMasterSecretXtn },
104 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn },
105 { ssl_supported_groups_xtn, &ssl_SendSupportedGroupsXtn },
106 { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn },
107 { ssl_session_ticket_xtn, &ssl3_SendSessionTicketXtn },
108 { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn },
109 { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn },
110 { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn },
111 { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn },
112 { ssl_signed_cert_timestamp_xtn, &ssl3_ClientSendSignedCertTimestampXtn },
113 { ssl_tls13_key_share_xtn, &tls13_ClientSendKeyShareXtn },
114 { ssl_tls13_early_data_xtn, &tls13_ClientSendEarlyDataXtn },
115 /* Some servers (e.g. WebSphere Application Server 7.0 and Tomcat) will
116 * time out or terminate the connection if the last extension in the
117 * client hello is empty. They are not intolerant of TLS 1.2, so list
118 * signature_algorithms at the end. See bug 1243641. */
119 { ssl_tls13_supported_versions_xtn, &tls13_ClientSendSupportedVersionsXtn },
120 { ssl_tls13_short_header_xtn, &tls13_SendShortHeaderXtn },
121 { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
122 { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn },
123 { ssl_tls13_psk_key_exchange_modes_xtn,
124 &tls13_ClientSendPskKeyExchangeModesXtn },
125 /* The pre_shared_key extension MUST be last. */
126 { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn },
127 /* any extra entries will appear as { 0, NULL } */
128 };
129
130 static const ssl3HelloExtensionSender clientHelloSendersSSL3[SSL_MAX_EXTENSIONS] = {
131 { ssl_renegotiation_info_xtn, &ssl3_SendRenegotiationInfoXtn }
132 /* any extra entries will appear as { 0, NULL } */
133 };
134
135 static PRBool
arrayContainsExtension(const PRUint16 * array,PRUint32 len,PRUint16 ex_type)136 arrayContainsExtension(const PRUint16 *array, PRUint32 len, PRUint16 ex_type)
137 {
138 unsigned int i;
139 for (i = 0; i < len; i++) {
140 if (ex_type == array[i])
141 return PR_TRUE;
142 }
143 return PR_FALSE;
144 }
145
146 PRBool
ssl3_ExtensionNegotiated(const sslSocket * ss,PRUint16 ex_type)147 ssl3_ExtensionNegotiated(const sslSocket *ss, PRUint16 ex_type)
148 {
149 const TLSExtensionData *xtnData = &ss->xtnData;
150 return arrayContainsExtension(xtnData->negotiated,
151 xtnData->numNegotiated, ex_type);
152 }
153
154 PRBool
ssl3_ClientExtensionAdvertised(const sslSocket * ss,PRUint16 ex_type)155 ssl3_ClientExtensionAdvertised(const sslSocket *ss, PRUint16 ex_type)
156 {
157 const TLSExtensionData *xtnData = &ss->xtnData;
158 return arrayContainsExtension(xtnData->advertised,
159 xtnData->numAdvertised, ex_type);
160 }
161
162 /* Go through hello extensions in |b| and deserialize
163 * them into the list in |ss->ssl3.hs.remoteExtensions|.
164 * The only checking we do in this point is for duplicates.
165 *
166 * IMPORTANT: This list just contains pointers to the incoming
167 * buffer so they can only be used during ClientHello processing.
168 */
169 SECStatus
ssl3_ParseExtensions(sslSocket * ss,SSL3Opaque ** b,PRUint32 * length)170 ssl3_ParseExtensions(sslSocket *ss, SSL3Opaque **b, PRUint32 *length)
171 {
172 /* Clean out the extensions list. */
173 ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
174
175 while (*length) {
176 SECStatus rv;
177 PRInt32 extension_type;
178 SECItem extension_data = { siBuffer, NULL, 0 };
179 TLSExtension *extension;
180 PRCList *cursor;
181
182 /* Get the extension's type field */
183 extension_type = ssl3_ConsumeHandshakeNumber(ss, 2, b, length);
184 if (extension_type < 0) { /* failure to decode extension_type */
185 return SECFailure; /* alert already sent */
186 }
187
188 SSL_TRC(10, ("%d: SSL3[%d]: parsing extension %d",
189 SSL_GETPID(), ss->fd, extension_type));
190 /* Check whether an extension has been sent multiple times. */
191 for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
192 cursor != &ss->ssl3.hs.remoteExtensions;
193 cursor = PR_NEXT_LINK(cursor)) {
194 if (((TLSExtension *)cursor)->type == extension_type) {
195 (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
196 PORT_SetError(SSL_ERROR_RX_UNEXPECTED_EXTENSION);
197 return SECFailure;
198 }
199 }
200
201 /* Get the data for this extension, so we can pass it or skip it. */
202 rv = ssl3_ConsumeHandshakeVariable(ss, &extension_data, 2, b, length);
203 if (rv != SECSuccess) {
204 return rv; /* alert already sent */
205 }
206
207 extension = PORT_ZNew(TLSExtension);
208 if (!extension) {
209 return SECFailure;
210 }
211
212 extension->type = (PRUint16)extension_type;
213 extension->data = extension_data;
214 PR_APPEND_LINK(&extension->link, &ss->ssl3.hs.remoteExtensions);
215 }
216
217 return SECSuccess;
218 }
219
220 TLSExtension *
ssl3_FindExtension(sslSocket * ss,SSLExtensionType extension_type)221 ssl3_FindExtension(sslSocket *ss, SSLExtensionType extension_type)
222 {
223 PRCList *cursor;
224
225 for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
226 cursor != &ss->ssl3.hs.remoteExtensions;
227 cursor = PR_NEXT_LINK(cursor)) {
228 TLSExtension *extension = (TLSExtension *)cursor;
229
230 if (extension->type == extension_type) {
231 return extension;
232 }
233 }
234
235 return NULL;
236 }
237
238 /* Go through the hello extensions in |ss->ssl3.hs.remoteExtensions|.
239 * For each one, find the extension handler in the table, and
240 * if present, invoke that handler.
241 * Servers ignore any extensions with unknown extension types.
242 * Clients reject any extensions with unadvertised extension types
243 *
244 * In TLS >= 1.3, the client checks that extensions appear in the
245 * right phase.
246 */
247 SECStatus
ssl3_HandleParsedExtensions(sslSocket * ss,SSL3HandshakeType handshakeMessage)248 ssl3_HandleParsedExtensions(sslSocket *ss,
249 SSL3HandshakeType handshakeMessage)
250 {
251 const ssl3ExtensionHandler *handlers;
252 PRBool isTLS13 = ss->version >= SSL_LIBRARY_VERSION_TLS_1_3;
253 PRCList *cursor;
254
255 switch (handshakeMessage) {
256 case client_hello:
257 handlers = clientHelloHandlers;
258 break;
259 case new_session_ticket:
260 PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
261 handlers = newSessionTicketHandlers;
262 break;
263 case hello_retry_request:
264 handlers = helloRetryRequestHandlers;
265 break;
266 case encrypted_extensions:
267 PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_TLS_1_3);
268 /* fall through */
269 case server_hello:
270 if (ss->version > SSL_LIBRARY_VERSION_3_0) {
271 handlers = serverHelloHandlersTLS;
272 } else {
273 handlers = serverHelloHandlersSSL3;
274 }
275 break;
276 case certificate:
277 PORT_Assert(!ss->sec.isServer);
278 handlers = serverCertificateHandlers;
279 break;
280 default:
281 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
282 PORT_Assert(0);
283 return SECFailure;
284 }
285
286 for (cursor = PR_NEXT_LINK(&ss->ssl3.hs.remoteExtensions);
287 cursor != &ss->ssl3.hs.remoteExtensions;
288 cursor = PR_NEXT_LINK(cursor)) {
289 TLSExtension *extension = (TLSExtension *)cursor;
290 const ssl3ExtensionHandler *handler;
291
292 /* Check whether the server sent an extension which was not advertised
293 * in the ClientHello */
294 if (!ss->sec.isServer &&
295 !ssl3_ClientExtensionAdvertised(ss, extension->type) &&
296 (handshakeMessage != new_session_ticket) &&
297 (extension->type != ssl_tls13_cookie_xtn)) {
298 (void)SSL3_SendAlert(ss, alert_fatal, unsupported_extension);
299 PORT_SetError(SSL_ERROR_RX_UNEXPECTED_EXTENSION);
300 return SECFailure;
301 }
302
303 /* Check that this is a legal extension in TLS 1.3 */
304 if (isTLS13 && !tls13_ExtensionAllowed(extension->type, handshakeMessage)) {
305 if (handshakeMessage == client_hello) {
306 /* Skip extensions not used in TLS 1.3 */
307 continue;
308 }
309 tls13_FatalError(ss, SSL_ERROR_EXTENSION_DISALLOWED_FOR_VERSION,
310 unsupported_extension);
311 return SECFailure;
312 }
313
314 /* Special check for this being the last extension if it's
315 * PreSharedKey */
316 if (ss->sec.isServer && isTLS13 &&
317 (extension->type == ssl_tls13_pre_shared_key_xtn) &&
318 (PR_NEXT_LINK(cursor) != &ss->ssl3.hs.remoteExtensions)) {
319 tls13_FatalError(ss,
320 SSL_ERROR_RX_MALFORMED_CLIENT_HELLO,
321 illegal_parameter);
322 return SECFailure;
323 }
324
325 /* find extension_type in table of Hello Extension Handlers */
326 for (handler = handlers; handler->ex_type >= 0; handler++) {
327 /* if found, call this handler */
328 if (handler->ex_type == extension->type) {
329 SECStatus rv;
330
331 rv = (*handler->ex_handler)(ss, &ss->xtnData,
332 (PRUint16)extension->type,
333 &extension->data);
334 if (rv != SECSuccess) {
335 if (!ss->ssl3.fatalAlertSent) {
336 /* send a generic alert if the handler didn't already */
337 (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
338 }
339 return SECFailure;
340 }
341 }
342 }
343 }
344 return SECSuccess;
345 }
346
347 /* Syntactic sugar around ssl3_ParseExtensions and
348 * ssl3_HandleParsedExtensions. */
349 SECStatus
ssl3_HandleExtensions(sslSocket * ss,SSL3Opaque ** b,PRUint32 * length,SSL3HandshakeType handshakeMessage)350 ssl3_HandleExtensions(sslSocket *ss,
351 SSL3Opaque **b, PRUint32 *length,
352 SSL3HandshakeType handshakeMessage)
353 {
354 SECStatus rv;
355
356 rv = ssl3_ParseExtensions(ss, b, length);
357 if (rv != SECSuccess)
358 return rv;
359
360 rv = ssl3_HandleParsedExtensions(ss, handshakeMessage);
361 if (rv != SECSuccess)
362 return rv;
363
364 ssl3_DestroyRemoteExtensions(&ss->ssl3.hs.remoteExtensions);
365 return SECSuccess;
366 }
367
368 /* Add a callback function to the table of senders of server hello extensions.
369 */
370 SECStatus
ssl3_RegisterExtensionSender(const sslSocket * ss,TLSExtensionData * xtnData,PRUint16 ex_type,ssl3HelloExtensionSenderFunc cb)371 ssl3_RegisterExtensionSender(const sslSocket *ss,
372 TLSExtensionData *xtnData,
373 PRUint16 ex_type,
374 ssl3HelloExtensionSenderFunc cb)
375 {
376 int i;
377 ssl3HelloExtensionSender *sender;
378 if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) {
379 sender = &xtnData->serverHelloSenders[0];
380 } else {
381 if (tls13_ExtensionAllowed(ex_type, server_hello)) {
382 PORT_Assert(!tls13_ExtensionAllowed(ex_type, encrypted_extensions));
383 sender = &xtnData->serverHelloSenders[0];
384 } else if (tls13_ExtensionAllowed(ex_type, certificate)) {
385 sender = &xtnData->certificateSenders[0];
386 } else {
387 PORT_Assert(tls13_ExtensionAllowed(ex_type, encrypted_extensions));
388 sender = &xtnData->encryptedExtensionsSenders[0];
389 }
390 }
391 for (i = 0; i < SSL_MAX_EXTENSIONS; ++i, ++sender) {
392 if (!sender->ex_sender) {
393 sender->ex_type = ex_type;
394 sender->ex_sender = cb;
395 return SECSuccess;
396 }
397 /* detect duplicate senders */
398 PORT_Assert(sender->ex_type != ex_type);
399 if (sender->ex_type == ex_type) {
400 /* duplicate */
401 break;
402 }
403 }
404 PORT_Assert(i < SSL_MAX_EXTENSIONS); /* table needs to grow */
405 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
406 return SECFailure;
407 }
408
409 /* call each of the extension senders and return the accumulated length */
410 PRInt32
ssl3_CallHelloExtensionSenders(sslSocket * ss,PRBool append,PRUint32 maxBytes,const ssl3HelloExtensionSender * sender)411 ssl3_CallHelloExtensionSenders(sslSocket *ss, PRBool append, PRUint32 maxBytes,
412 const ssl3HelloExtensionSender *sender)
413 {
414 PRInt32 total_exten_len = 0;
415 int i;
416
417 if (!sender) {
418 if (ss->vrange.max > SSL_LIBRARY_VERSION_3_0) {
419 sender = &clientHelloSendersTLS[0];
420 } else {
421 sender = &clientHelloSendersSSL3[0];
422 }
423 }
424
425 for (i = 0; i < SSL_MAX_EXTENSIONS; ++i, ++sender) {
426 if (sender->ex_sender) {
427 PRInt32 extLen = (*sender->ex_sender)(ss, &ss->xtnData, append, maxBytes);
428 if (extLen < 0)
429 return -1;
430 maxBytes -= extLen;
431 total_exten_len += extLen;
432 }
433 }
434 return total_exten_len;
435 }
436
437 void
ssl3_DestroyRemoteExtensions(PRCList * list)438 ssl3_DestroyRemoteExtensions(PRCList *list)
439 {
440 PRCList *cur_p;
441
442 while (!PR_CLIST_IS_EMPTY(list)) {
443 cur_p = PR_LIST_TAIL(list);
444 PR_REMOVE_LINK(cur_p);
445 PORT_Free(cur_p);
446 }
447 }
448
449 /* Initialize the extension data block. */
450 void
ssl3_InitExtensionData(TLSExtensionData * xtnData)451 ssl3_InitExtensionData(TLSExtensionData *xtnData)
452 {
453 /* Set things up to the right starting state. */
454 PORT_Memset(xtnData, 0, sizeof(*xtnData));
455 xtnData->peerSupportsFfdheGroups = PR_FALSE;
456 PR_INIT_CLIST(&xtnData->remoteKeyShares);
457 }
458
459 /* Free everything that has been allocated and then reset back to
460 * the starting state. */
461 void
ssl3_ResetExtensionData(TLSExtensionData * xtnData)462 ssl3_ResetExtensionData(TLSExtensionData *xtnData)
463 {
464 /* Clean up. */
465 ssl3_FreeSniNameArray(xtnData);
466 PORT_Free(xtnData->clientSigSchemes);
467 SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE);
468 tls13_DestroyKeyShares(&xtnData->remoteKeyShares);
469
470 /* Now reinit. */
471 ssl3_InitExtensionData(xtnData);
472 }
473
474 /* Thunks to let extension handlers operate on const sslSocket* objects. */
475 SECStatus
ssl3_ExtAppendHandshake(const sslSocket * ss,const void * void_src,PRInt32 bytes)476 ssl3_ExtAppendHandshake(const sslSocket *ss, const void *void_src,
477 PRInt32 bytes)
478 {
479 return ssl3_AppendHandshake((sslSocket *)ss, void_src, bytes);
480 }
481
482 SECStatus
ssl3_ExtAppendHandshakeNumber(const sslSocket * ss,PRInt32 num,PRInt32 lenSize)483 ssl3_ExtAppendHandshakeNumber(const sslSocket *ss, PRInt32 num,
484 PRInt32 lenSize)
485 {
486 return ssl3_AppendHandshakeNumber((sslSocket *)ss, num, lenSize);
487 }
488
489 SECStatus
ssl3_ExtAppendHandshakeVariable(const sslSocket * ss,const SSL3Opaque * src,PRInt32 bytes,PRInt32 lenSize)490 ssl3_ExtAppendHandshakeVariable(const sslSocket *ss,
491 const SSL3Opaque *src, PRInt32 bytes,
492 PRInt32 lenSize)
493 {
494 return ssl3_AppendHandshakeVariable((sslSocket *)ss, src, bytes, lenSize);
495 }
496
497 void
ssl3_ExtSendAlert(const sslSocket * ss,SSL3AlertLevel level,SSL3AlertDescription desc)498 ssl3_ExtSendAlert(const sslSocket *ss, SSL3AlertLevel level,
499 SSL3AlertDescription desc)
500 {
501 (void)SSL3_SendAlert((sslSocket *)ss, level, desc);
502 }
503
504 void
ssl3_ExtDecodeError(const sslSocket * ss)505 ssl3_ExtDecodeError(const sslSocket *ss)
506 {
507 (void)ssl3_DecodeError((sslSocket *)ss);
508 }
509
510 SECStatus
ssl3_ExtConsumeHandshake(const sslSocket * ss,void * v,PRInt32 bytes,SSL3Opaque ** b,PRUint32 * length)511 ssl3_ExtConsumeHandshake(const sslSocket *ss, void *v, PRInt32 bytes,
512 SSL3Opaque **b, PRUint32 *length)
513 {
514 return ssl3_ConsumeHandshake((sslSocket *)ss, v, bytes, b, length);
515 }
516
517 PRInt32
ssl3_ExtConsumeHandshakeNumber(const sslSocket * ss,PRInt32 bytes,SSL3Opaque ** b,PRUint32 * length)518 ssl3_ExtConsumeHandshakeNumber(const sslSocket *ss, PRInt32 bytes,
519 SSL3Opaque **b, PRUint32 *length)
520 {
521 return ssl3_ConsumeHandshakeNumber((sslSocket *)ss, bytes, b, length);
522 }
523
524 SECStatus
ssl3_ExtConsumeHandshakeVariable(const sslSocket * ss,SECItem * i,PRInt32 bytes,SSL3Opaque ** b,PRUint32 * length)525 ssl3_ExtConsumeHandshakeVariable(const sslSocket *ss, SECItem *i,
526 PRInt32 bytes, SSL3Opaque **b,
527 PRUint32 *length)
528 {
529 return ssl3_ConsumeHandshakeVariable((sslSocket *)ss, i, bytes, b, length);
530 }
531