Added TLS extension identifiers from RFC 3546
authorMartin Willi <martin@revosec.ch>
Mon, 6 Sep 2010 08:54:11 +0000 (10:54 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 6 Sep 2010 13:37:51 +0000 (15:37 +0200)
src/libtls/tls.c
src/libtls/tls.h

index 0d40211eb77500430ee70c81bf00dea2d1f10166..20141f2356156975b4b1b7acc21ee71762eb800d 100644 (file)
@@ -44,23 +44,36 @@ ENUM_BEGIN(tls_handshake_type_names, TLS_HELLO_REQUEST, TLS_SERVER_HELLO,
        "HelloRequest",
        "ClientHello",
        "ServerHello");
-ENUM_NEXT(tls_handshake_type_names, TLS_CERTIFICATE, TLS_CLIENT_KEY_EXCHANGE, TLS_SERVER_HELLO,
+ENUM_NEXT(tls_handshake_type_names,
+               TLS_CERTIFICATE, TLS_CLIENT_KEY_EXCHANGE, TLS_SERVER_HELLO,
        "Certificate",
        "ServerKeyExchange",
        "CertificateRequest",
        "ServerHelloDone",
        "CertificateVerify",
        "ClientKeyExchange");
-ENUM_NEXT(tls_handshake_type_names, TLS_FINISHED, TLS_FINISHED, TLS_CLIENT_KEY_EXCHANGE,
+ENUM_NEXT(tls_handshake_type_names,
+               TLS_FINISHED, TLS_FINISHED, TLS_CLIENT_KEY_EXCHANGE,
        "Finished");
 ENUM_END(tls_handshake_type_names, TLS_FINISHED);
 
-ENUM(tls_extension_names, TLS_EXT_ELLIPTIC_CURVES, TLS_EXT_SIGNATURE_ALGORITHMS,
+ENUM_BEGIN(tls_extension_names, TLS_EXT_SERVER_NAME, TLS_EXT_STATUS_REQUEST,
+       "server name",
+       "max fragment length",
+       "client certificate url",
+       "trusted ca keys",
+       "truncated hmac",
+       "status request");
+ENUM_NEXT(tls_extension_names,
+               TLS_EXT_ELLIPTIC_CURVES, TLS_EXT_EC_POINT_FORMATS,
+               TLS_EXT_STATUS_REQUEST,
        "elliptic curves",
-       "ec point formats",
-       "(12)",
-       "signature algorithms",
-);
+       "ec point formats");
+ENUM_NEXT(tls_extension_names,
+               TLS_EXT_SIGNATURE_ALGORITHMS, TLS_EXT_SIGNATURE_ALGORITHMS,
+               TLS_EXT_EC_POINT_FORMATS,
+       "signature algorithms");
+ENUM_END(tls_extension_names, TLS_EXT_SIGNATURE_ALGORITHMS);
 
 /**
  * TLS record
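Review bot: The split `tls_extension_names` table (blocks for 0–5, 10–11 and 13) has no comment saying that its ranges are hand-mirrored from `enum tls_extension_t` in tls.h and that 6–9 and 12 are deliberately left unnamed. Each ENUM_BEGIN/ENUM_NEXT block has to carry exactly last − first + 1 strings and name the previous block's last value, and nothing visible in this hunk checks that. The extension type being named is presumably a 16-bit value read from the peer's Hello, so a miscounted block would be reachable with remote input; the macro definitions are outside this hunk, so confirm how the lookup is bounded and that unlisted values still print numerically now that the old `"(12)"` placeholder is gone. I would add above ENUM_BEGIN: `/* ranges mirror tls_extension_t in tls.h: 0-5, 10-11, 13; other values have no name */`.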
index de0d922bbd76d9da4e43603c7c92256e66565fbb..3b1a8a2ab89a3962593f1da821229a5708c6dfd3 100644 (file)
@@ -104,11 +104,23 @@ enum tls_purpose_t {
  * TLS Hello extension types.
  */
 enum tls_extension_t {
-       /** supported elliptic curves */
+       /** Server name the client wants to talk to */
+       TLS_EXT_SERVER_NAME = 0,
+       /** request a maximum fragment size */
+       TLS_EXT_MAX_FRAGMENT_LENGTH = 1,
+       /** indicate client certificate URL support */
+       TLS_EXT_CLIENT_CERTIFICATE_URL = 2,
+       /** list of CA the client trusts */
+       TLS_EXT_TRUSTED_CA_KEYS = 3,
+       /** request MAC truncation to 80-bit */
+       TLS_EXT_TRUNCATED_HMAC = 4,
+       /** list of OCSP responders the client trusts */
+       TLS_EXT_STATUS_REQUEST = 5,
+       /** list of supported elliptic curves */
        TLS_EXT_ELLIPTIC_CURVES = 10,
        /** supported point formats */
        TLS_EXT_EC_POINT_FORMATS = 11,
-       /** supported signature algorithms */
+       /** list supported signature algorithms */
        TLS_EXT_SIGNATURE_ALGORITHMS = 13,
 };
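Review bot: The doc comment on `TLS_EXT_STATUS_REQUEST` describes a field rather than the extension: status_request asks the server to return certificate status (an OCSP response) during the handshake, and the responder list is only an optional hint inside it. I would reword it to `/** request certificate status (OCSP) in the handshake */`. The enum's header comment still reads only "TLS Hello extension types"; since values 0–5 come from RFC 3546 (per the commit title) and 10, 11 and 13 come from later documents, a one-line source reference per group would explain the gaps at 6–9 and 12. For `TLS_EXT_TRUNCATED_HMAC` the comment could state that defining the identifier does not mean the stack negotiates it, because truncation shortens the record MAC tag. The hunk header counts one more trailing context line than is shown here.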