[thirdparty/openssl.git] / ssl / t1_ext.c

/* ====================================================================
 * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/* Custom extension utility functions */

#include <openssl/ct.h>
#include "ssl_locl.h"


/* Find a custom extension from the list. */
static custom_ext_method *custom_ext_find(const custom_ext_methods *exts,
                                          unsigned int ext_type)
{
    size_t i;
    custom_ext_method *meth = exts->meths;
    for (i = 0; i < exts->meths_count; i++, meth++) {
        if (ext_type == meth->ext_type)
            return meth;
    }
    return NULL;
}

/*
 * Initialise custom extensions flags to indicate neither sent nor received.
 */
void custom_ext_init(custom_ext_methods *exts)
{
    size_t i;
    custom_ext_method *meth = exts->meths;
    for (i = 0; i < exts->meths_count; i++, meth++)
        meth->ext_flags = 0;
}

/* Pass received custom extension data to the application for parsing. */
int custom_ext_parse(SSL *s, int server,
                     unsigned int ext_type,
                     const unsigned char *ext_data, size_t ext_size, int *al)
{
    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
    custom_ext_method *meth;
    meth = custom_ext_find(exts, ext_type);
    /* If not found return success */
    if (!meth)
        return 1;
    if (!server) {
        /*
         * If it's ServerHello we can't have any extensions not sent in
         * ClientHello.
         */
        if (!(meth->ext_flags & SSL_EXT_FLAG_SENT)) {
            *al = TLS1_AD_UNSUPPORTED_EXTENSION;
            return 0;
        }
    }
    /* If already present it's a duplicate */
    if (meth->ext_flags & SSL_EXT_FLAG_RECEIVED) {
        *al = TLS1_AD_DECODE_ERROR;
        return 0;
    }
    meth->ext_flags |= SSL_EXT_FLAG_RECEIVED;
    /* If no parse function set return success */
    if (!meth->parse_cb)
        return 1;

    return meth->parse_cb(s, ext_type, ext_data, ext_size, al,
                          meth->parse_arg);
}

/*
 * Request custom extension data from the application and add to the return
 * buffer.
 */
int custom_ext_add(SSL *s, int server,
                   unsigned char **pret, unsigned char *limit, int *al)
{
    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
    custom_ext_method *meth;
    unsigned char *ret = *pret;
    size_t i;

    for (i = 0; i < exts->meths_count; i++) {
        const unsigned char *out = NULL;
        size_t outlen = 0;
        meth = exts->meths + i;

        if (server) {
            /*
             * For ServerHello only send extensions present in ClientHello.
             */
            if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
                continue;
            /* If callback absent for server skip it */
            if (!meth->add_cb)
                continue;
        }
        if (meth->add_cb) {
            int cb_retval = 0;
            cb_retval = meth->add_cb(s, meth->ext_type,
                                     &out, &outlen, al, meth->add_arg);
            if (cb_retval < 0)
                return 0;       /* error */
            if (cb_retval == 0)
                continue;       /* skip this extension */
        }
        if (4 > limit - ret || outlen > (size_t)(limit - ret - 4))
            return 0;
        s2n(meth->ext_type, ret);
        s2n(outlen, ret);
        if (outlen) {
            memcpy(ret, out, outlen);
            ret += outlen;
        }
        /*
         * We can't send duplicates: code logic should prevent this.
         */
        OPENSSL_assert(!(meth->ext_flags & SSL_EXT_FLAG_SENT));
        /*
         * Indicate extension has been sent: this is both a sanity check to
         * ensure we don't send duplicate extensions and indicates that it is
         * not an error if the extension is present in ServerHello.
         */
        meth->ext_flags |= SSL_EXT_FLAG_SENT;
        if (meth->free_cb)
            meth->free_cb(s, meth->ext_type, out, meth->add_arg);
    }
    *pret = ret;
    return 1;
}

/* Copy table of custom extensions */
int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)
{
    if (src->meths_count) {
        dst->meths =
            OPENSSL_memdup(src->meths,
                       sizeof(custom_ext_method) * src->meths_count);
        if (dst->meths == NULL)
            return 0;
        dst->meths_count = src->meths_count;
    }
    return 1;
}

void custom_exts_free(custom_ext_methods *exts)
{
    OPENSSL_free(exts->meths);
}

/* Set callbacks for a custom extension. */
static int custom_ext_meth_add(custom_ext_methods *exts,
                               unsigned int ext_type,
                               custom_ext_add_cb add_cb,
                               custom_ext_free_cb free_cb,
                               void *add_arg,
                               custom_ext_parse_cb parse_cb, void *parse_arg)
{
    custom_ext_method *meth;
    /*
     * Check application error: if add_cb is not set free_cb will never be
     * called.
     */
    if (!add_cb && free_cb)
        return 0;
    /*
     * Don't add if extension supported internally, but make exception
     * for extension types that previously were not supported, but now are.
     */
    if (SSL_extension_supported(ext_type) &&
        ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
        return 0;
    /* Extension type must fit in 16 bits */
    if (ext_type > 0xffff)
        return 0;
    /* Search for duplicate */
    if (custom_ext_find(exts, ext_type))
        return 0;
    exts->meths = OPENSSL_realloc(exts->meths,
                                  (exts->meths_count +
                                   1) * sizeof(custom_ext_method));

    if (!exts->meths) {
        exts->meths_count = 0;
        return 0;
    }

    meth = exts->meths + exts->meths_count;
    memset(meth, 0, sizeof(*meth));
    meth->parse_cb = parse_cb;
    meth->add_cb = add_cb;
    meth->free_cb = free_cb;
    meth->ext_type = ext_type;
    meth->add_arg = add_arg;
    meth->parse_arg = parse_arg;
    exts->meths_count++;
    return 1;
}

/* Return true if a client custom extension exists, false otherwise */
int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx, unsigned int ext_type)
{
    return custom_ext_find(&ctx->cert->cli_ext, ext_type) != NULL;
}

/* Application level functions to add custom extension callbacks */
int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
                                  custom_ext_add_cb add_cb,
                                  custom_ext_free_cb free_cb,
                                  void *add_arg,
                                  custom_ext_parse_cb parse_cb,
                                  void *parse_arg)
{
#ifndef OPENSSL_NO_CT
    /*
     * We don't want applications registering callbacks for SCT extensions
     * whilst simultaneously using the built-in SCT validation features, as
     * these two things may not play well together.
     */
    if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp &&
        SSL_CTX_ct_is_enabled(ctx))
        return 0;
#endif
    return custom_ext_meth_add(&ctx->cert->cli_ext, ext_type, add_cb,
                               free_cb, add_arg, parse_cb, parse_arg);
}

int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
                                  custom_ext_add_cb add_cb,
                                  custom_ext_free_cb free_cb,
                                  void *add_arg,
                                  custom_ext_parse_cb parse_cb,
                                  void *parse_arg)
{
    return custom_ext_meth_add(&ctx->cert->srv_ext, ext_type,
                               add_cb, free_cb, add_arg, parse_cb, parse_arg);
}

int SSL_extension_supported(unsigned int ext_type)
{
    switch (ext_type) {
        /* Internally supported extensions. */
    case TLSEXT_TYPE_application_layer_protocol_negotiation:
    case TLSEXT_TYPE_ec_point_formats:
    case TLSEXT_TYPE_elliptic_curves:
    case TLSEXT_TYPE_heartbeat:
#ifndef OPENSSL_NO_NEXTPROTONEG
    case TLSEXT_TYPE_next_proto_neg:
#endif
    case TLSEXT_TYPE_padding:
    case TLSEXT_TYPE_renegotiate:
    case TLSEXT_TYPE_server_name:
    case TLSEXT_TYPE_session_ticket:
    case TLSEXT_TYPE_signature_algorithms:
    case TLSEXT_TYPE_srp:
    case TLSEXT_TYPE_status_request:
    case TLSEXT_TYPE_signed_certificate_timestamp:
    case TLSEXT_TYPE_use_srtp:
#ifdef TLSEXT_TYPE_encrypt_then_mac
    case TLSEXT_TYPE_encrypt_then_mac:
#endif
        return 1;
    default:
        return 0;
    }
}
Commit	Line	Data
ecf4d660 DSH	1	/* ====================================================================
	2	* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	*
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	*
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in
	13	* the documentation and/or other materials provided with the
	14	* distribution.
	15	*
	16	* 3. All advertising materials mentioning features or use of this
	17	* software must display the following acknowledgment:
	18	* "This product includes software developed by the OpenSSL Project
	19	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	20	*
	21	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	22	* endorse or promote products derived from this software without
	23	* prior written permission. For written permission, please contact
	24	* openssl-core@openssl.org.
	25	*
	26	* 5. Products derived from this software may not be called "OpenSSL"
	27	* nor may "OpenSSL" appear in their names without prior written
	28	* permission of the OpenSSL Project.
	29	*
	30	* 6. Redistributions of any form whatsoever must retain the following
	31	* acknowledgment:
	32	* "This product includes software developed by the OpenSSL Project
	33	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	34	*
	35	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	36	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	37	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	38	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	39	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	40	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	41	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	42	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	43	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	44	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	45	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	46	* OF THE POSSIBILITY OF SUCH DAMAGE.
	47	* ====================================================================
	48	*
	49	* This product includes cryptographic software written by Eric Young
	50	* (eay@cryptsoft.com). This product includes software written by Tim
	51	* Hudson (tjh@cryptsoft.com).
	52	*
	53	*/
	54
	55	/* Custom extension utility functions */
	56
3c27208f	57	#include <openssl/ct.h>
ecf4d660 DSH	58	#include "ssl_locl.h"
ecf4d660 DSH	59
ecf4d660	60
0cfefe4b	61	/* Find a custom extension from the list. */
ed29e82a	62	static custom_ext_method custom_ext_find(const custom_ext_methods exts,
0f113f3e MC	63	unsigned int ext_type)
	64	{
	65	size_t i;
	66	custom_ext_method *meth = exts->meths;
	67	for (i = 0; i < exts->meths_count; i++, meth++) {
	68	if (ext_type == meth->ext_type)
	69	return meth;
	70	}
	71	return NULL;
	72	}
	73
	74	/*
	75	* Initialise custom extensions flags to indicate neither sent nor received.
28ea0a0c DSH	76	*/
28ea0a0c DSH	77	void custom_ext_init(custom_ext_methods *exts)
0f113f3e MC	78	{
	79	size_t i;
	80	custom_ext_method *meth = exts->meths;
	81	for (i = 0; i < exts->meths_count; i++, meth++)
	82	meth->ext_flags = 0;
	83	}
ecf4d660	84
0cfefe4b	85	/* Pass received custom extension data to the application for parsing. */
ecf4d660	86	int custom_ext_parse(SSL *s, int server,
0f113f3e MC	87	unsigned int ext_type,
	88	const unsigned char ext_data, size_t ext_size, int al)
	89	{
	90	custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
	91	custom_ext_method *meth;
	92	meth = custom_ext_find(exts, ext_type);
	93	/* If not found return success */
	94	if (!meth)
	95	return 1;
	96	if (!server) {
	97	/*
	98	* If it's ServerHello we can't have any extensions not sent in
	99	* ClientHello.
	100	*/
	101	if (!(meth->ext_flags & SSL_EXT_FLAG_SENT)) {
	102	*al = TLS1_AD_UNSUPPORTED_EXTENSION;
	103	return 0;
	104	}
	105	}
	106	/* If already present it's a duplicate */
	107	if (meth->ext_flags & SSL_EXT_FLAG_RECEIVED) {
	108	*al = TLS1_AD_DECODE_ERROR;
	109	return 0;
	110	}
	111	meth->ext_flags \|= SSL_EXT_FLAG_RECEIVED;
	112	/* If no parse function set return success */
	113	if (!meth->parse_cb)
	114	return 1;
ecf4d660	115
0f113f3e MC	116	return meth->parse_cb(s, ext_type, ext_data, ext_size, al,
	117	meth->parse_arg);
	118	}
ecf4d660	119
0f113f3e MC	120	/*
	121	* Request custom extension data from the application and add to the return
	122	* buffer.
ecf4d660	123	*/
ecf4d660	124	int custom_ext_add(SSL *s, int server,
0f113f3e MC	125	unsigned char *pret, unsigned char limit, int *al)
	126	{
	127	custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
	128	custom_ext_method *meth;
	129	unsigned char ret = pret;
	130	size_t i;
ecf4d660	131
0f113f3e MC	132	for (i = 0; i < exts->meths_count; i++) {
	133	const unsigned char *out = NULL;
	134	size_t outlen = 0;
	135	meth = exts->meths + i;
ecf4d660	136
0f113f3e MC	137	if (server) {
	138	/*
	139	* For ServerHello only send extensions present in ClientHello.
	140	*/
	141	if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
	142	continue;
	143	/* If callback absent for server skip it */
	144	if (!meth->add_cb)
	145	continue;
	146	}
	147	if (meth->add_cb) {
	148	int cb_retval = 0;
	149	cb_retval = meth->add_cb(s, meth->ext_type,
	150	&out, &outlen, al, meth->add_arg);
	151	if (cb_retval < 0)
	152	return 0; /* error */
	153	if (cb_retval == 0)
	154	continue; /* skip this extension */
	155	}
	156	if (4 > limit - ret \|\| outlen > (size_t)(limit - ret - 4))
	157	return 0;
	158	s2n(meth->ext_type, ret);
	159	s2n(outlen, ret);
	160	if (outlen) {
	161	memcpy(ret, out, outlen);
	162	ret += outlen;
	163	}
	164	/*
	165	* We can't send duplicates: code logic should prevent this.
	166	*/
	167	OPENSSL_assert(!(meth->ext_flags & SSL_EXT_FLAG_SENT));
	168	/*
	169	* Indicate extension has been sent: this is both a sanity check to
	170	* ensure we don't send duplicate extensions and indicates that it is
	171	* not an error if the extension is present in ServerHello.
	172	*/
	173	meth->ext_flags \|= SSL_EXT_FLAG_SENT;
	174	if (meth->free_cb)
	175	meth->free_cb(s, meth->ext_type, out, meth->add_arg);
	176	}
	177	*pret = ret;
	178	return 1;
	179	}
ecf4d660 DSH	180
ecf4d660 DSH	181	/* Copy table of custom extensions */
ecf4d660	182	int custom_exts_copy(custom_ext_methods dst, const custom_ext_methods src)
0f113f3e MC	183	{
	184	if (src->meths_count) {
	185	dst->meths =
7644a9ae	186	OPENSSL_memdup(src->meths,
0f113f3e MC	187	sizeof(custom_ext_method) * src->meths_count);
	188	if (dst->meths == NULL)
	189	return 0;
	190	dst->meths_count = src->meths_count;
	191	}
	192	return 1;
	193	}
ecf4d660 DSH	194
ecf4d660 DSH	195	void custom_exts_free(custom_ext_methods *exts)
0f113f3e	196	{
b548a1f1	197	OPENSSL_free(exts->meths);
0f113f3e	198	}
ecf4d660	199
0cfefe4b	200	/* Set callbacks for a custom extension. */
8cafe9e8	201	static int custom_ext_meth_add(custom_ext_methods *exts,
0f113f3e MC	202	unsigned int ext_type,
	203	custom_ext_add_cb add_cb,
	204	custom_ext_free_cb free_cb,
	205	void *add_arg,
	206	custom_ext_parse_cb parse_cb, void *parse_arg)
	207	{
	208	custom_ext_method *meth;
	209	/*
	210	* Check application error: if add_cb is not set free_cb will never be
	211	* called.
	212	*/
	213	if (!add_cb && free_cb)
	214	return 0;
ed29e82a RP	215	/*
	216	* Don't add if extension supported internally, but make exception
	217	* for extension types that previously were not supported, but now are.
	218	*/
	219	if (SSL_extension_supported(ext_type) &&
	220	ext_type != TLSEXT_TYPE_signed_certificate_timestamp)
0f113f3e MC	221	return 0;
	222	/* Extension type must fit in 16 bits */
	223	if (ext_type > 0xffff)
	224	return 0;
	225	/* Search for duplicate */
	226	if (custom_ext_find(exts, ext_type))
	227	return 0;
	228	exts->meths = OPENSSL_realloc(exts->meths,
	229	(exts->meths_count +
	230	1) * sizeof(custom_ext_method));
ecf4d660	231
0f113f3e MC	232	if (!exts->meths) {
	233	exts->meths_count = 0;
	234	return 0;
	235	}
ecf4d660	236
0f113f3e	237	meth = exts->meths + exts->meths_count;
16f8d4eb	238	memset(meth, 0, sizeof(*meth));
0f113f3e MC	239	meth->parse_cb = parse_cb;
	240	meth->add_cb = add_cb;
	241	meth->free_cb = free_cb;
	242	meth->ext_type = ext_type;
	243	meth->add_arg = add_arg;
	244	meth->parse_arg = parse_arg;
	245	exts->meths_count++;
	246	return 1;
	247	}
ecf4d660	248
ed29e82a RP	249	/* Return true if a client custom extension exists, false otherwise */
	250	int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx, unsigned int ext_type)
	251	{
	252	return custom_ext_find(&ctx->cert->cli_ext, ext_type) != NULL;
	253	}
	254
ecf4d660	255	/* Application level functions to add custom extension callbacks */
8cafe9e8	256	int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
0f113f3e MC	257	custom_ext_add_cb add_cb,
0f113f3e MC	258	custom_ext_free_cb free_cb,
0cfefe4b	259	void *add_arg,
0f113f3e MC	260	custom_ext_parse_cb parse_cb,
	261	void *parse_arg)
	262	{
ed29e82a RP	263	#ifndef OPENSSL_NO_CT
	264	/*
	265	* We don't want applications registering callbacks for SCT extensions
	266	* whilst simultaneously using the built-in SCT validation features, as
	267	* these two things may not play well together.
	268	*/
	269	if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp &&
43341433 VD	270	SSL_CTX_ct_is_enabled(ctx))
43341433 VD	271	return 0;
ed29e82a	272	#endif
43341433 VD	273	return custom_ext_meth_add(&ctx->cert->cli_ext, ext_type, add_cb,
43341433 VD	274	free_cb, add_arg, parse_cb, parse_arg);
0f113f3e	275	}
ecf4d660	276
8cafe9e8	277	int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
0f113f3e MC	278	custom_ext_add_cb add_cb,
0f113f3e MC	279	custom_ext_free_cb free_cb,
0cfefe4b	280	void *add_arg,
0f113f3e MC	281	custom_ext_parse_cb parse_cb,
	282	void *parse_arg)
	283	{
	284	return custom_ext_meth_add(&ctx->cert->srv_ext, ext_type,
	285	add_cb, free_cb, add_arg, parse_cb, parse_arg);
	286	}
c846a5f5 DSH	287
c846a5f5 DSH	288	int SSL_extension_supported(unsigned int ext_type)
0f113f3e MC	289	{
	290	switch (ext_type) {
	291	/* Internally supported extensions. */
	292	case TLSEXT_TYPE_application_layer_protocol_negotiation:
	293	case TLSEXT_TYPE_ec_point_formats:
	294	case TLSEXT_TYPE_elliptic_curves:
	295	case TLSEXT_TYPE_heartbeat:
1595ca02	296	#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e	297	case TLSEXT_TYPE_next_proto_neg:
1595ca02	298	#endif
0f113f3e MC	299	case TLSEXT_TYPE_padding:
	300	case TLSEXT_TYPE_renegotiate:
	301	case TLSEXT_TYPE_server_name:
	302	case TLSEXT_TYPE_session_ticket:
	303	case TLSEXT_TYPE_signature_algorithms:
	304	case TLSEXT_TYPE_srp:
	305	case TLSEXT_TYPE_status_request:
ed29e82a	306	case TLSEXT_TYPE_signed_certificate_timestamp:
0f113f3e	307	case TLSEXT_TYPE_use_srtp:
e481f9b9	308	#ifdef TLSEXT_TYPE_encrypt_then_mac
0f113f3e	309	case TLSEXT_TYPE_encrypt_then_mac:
e481f9b9	310	#endif
0f113f3e MC	311	return 1;
	312	default:
	313	return 0;
	314	}
	315	}