Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)

Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.

1 files changed, 0 insertions, 11 deletions

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 90f92b2..73d87fd 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -746,8 +746,6 @@ void SSL_SESSION_free(SSL_SESSION *ss)
 	ss->tlsext_ellipticcurvelist_length = 0;
 	if (ss->tlsext_ellipticcurvelist != NULL) OPENSSL_free(ss->tlsext_ellipticcurvelist);
 #endif /* OPENSSL_NO_EC */
-	if (ss->audit_proof != NULL) OPENSSL_free(ss->audit_proof);
-	ss->audit_proof_length = 0;
 #endif
 #ifndef OPENSSL_NO_PSK
 	if (ss->psk_identity_hint != NULL)
@@ -869,15 +867,6 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,
 	return 1;
 	}
 
-#ifndef OPENSSL_NO_TLSEXT
-unsigned char *SSL_SESSION_get_tlsext_authz_server_audit_proof(SSL_SESSION *s, size_t *proof_length)
-	{
-	if (s->audit_proof != NULL)
-		*proof_length = s->audit_proof_length;
-	return s->audit_proof;
-	}
-#endif
-
 long SSL_CTX_set_timeout(SSL_CTX *s, long t)
 	{
 	long l;