Add ability for application to control which TLS extensions are used

GH #1186
author: Jack Lloyd <[email protected]> 2018-01-07 16:48:07 -0500
committer: Jack Lloyd <[email protected]> 2018-01-27 09:43:13 -0500
commit: 936da0514b06b341e6fab372477e32c90df05d57 (patch)
tree: 0b5b87ae056c8efe8c3f4e1a63075b546bae329a /src/lib/tls/msg_client_hello.cpp
parent: cfe57137e5957b84b6b749db8d9f02c3ee1f8c1e (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
index eeeaf8c71..77068a928 100644
--- a/src/lib/tls/msg_client_hello.cpp
+++ b/src/lib/tls/msg_client_hello.cpp
@@ -10,6 +10,7 @@
 #include <botan/tls_messages.h>
 #include <botan/tls_alert.h>
 #include <botan/tls_exceptn.h>
+#include <botan/tls_callbacks.h>
 #include <botan/rng.h>
 #include <botan/hash.h>
 
@@ -81,6 +82,7 @@ std::vector<uint8_t> Hello_Request::serialize() const
 Client_Hello::Client_Hello(Handshake_IO& io,
                            Handshake_Hash& hash,
                            const Policy& policy,
+                           Callbacks& cb,
                            RandomNumberGenerator& rng,
                            const std::vector<uint8_t>& reneg_info,
                            const Client_Hello::Settings& client_settings,
@@ -140,6 +142,8 @@ Client_Hello::Client_Hello(Handshake_IO& io,
       m_extensions.add(new Signature_Algorithms(policy.allowed_signature_hashes(),
                                                 policy.allowed_signature_methods()));
 
+   cb.tls_modify_extensions(m_extensions);
+
    if(policy.send_fallback_scsv(client_settings.protocol_version()))
       m_suites.push_back(TLS_FALLBACK_SCSV);
 
@@ -152,6 +156,7 @@ Client_Hello::Client_Hello(Handshake_IO& io,
 Client_Hello::Client_Hello(Handshake_IO& io,
                            Handshake_Hash& hash,
                            const Policy& policy,
+                           Callbacks& cb,
                            RandomNumberGenerator& rng,
                            const std::vector<uint8_t>& reneg_info,
                            const Session& session,
@@ -201,6 +206,8 @@ Client_Hello::Client_Hello(Handshake_IO& io,
    if(reneg_info.empty() && !next_protocols.empty())
       m_extensions.add(new Application_Layer_Protocol_Notification(next_protocols));
 
+   cb.tls_modify_extensions(m_extensions);
+
    hash.update(io.send(*this));
    }
author	Jack Lloyd <[email protected]>	2018-01-07 16:48:07 -0500
committer	Jack Lloyd <[email protected]>	2018-01-27 09:43:13 -0500
commit	936da0514b06b341e6fab372477e32c90df05d57 (patch)
tree	0b5b87ae056c8efe8c3f4e1a63075b546bae329a /src/lib/tls/msg_client_hello.cpp
parent	cfe57137e5957b84b6b749db8d9f02c3ee1f8c1e (diff)