Experimental workaround TLS filler (WTF) extension.

Based on a suggested workaround for the "TLS hang bug" (see FAQ and PR#2771):
if the TLS Client Hello record length value would otherwise be > 255 and less
that 512 pad with a dummy extension containing zeroes so it is at least 512.

To enable it use an unused extension number (for example 0x4242) using
e.g. -DTLSEXT_TYPE_wtf=0x4242

WARNING: EXPERIMENTAL, SUBJECT TO CHANGE.

CHANGES

@@ -4,6 +4,19 @@
 
  Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]
 
+  *) Experimental workaround TLS filler (WTF) extension. Based on a suggested
+     workaround for the "TLS hang bug" (see FAQ and PR#2771): if the TLS client
+     Hello record length value would otherwise be > 255 and less that 512
+     pad with a dummy extension containing zeroes so it is at least 512 bytes
+     long.
+
+     To enable it use an unused extension number (for example 0x4242) using
+     e.g. -DTLSEXT_TYPE_wtf=0x4242
+
+     WARNING: EXPERIMENTAL, SUBJECT TO CHANGE.
+ 
+     [Steve Henson]
+
   *) Experimental encrypt-then-mac support.
     
      Experimental support for encrypt then mac from

ssl/t1_lib.c

@@ -1472,6 +1472,22 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
 	s2n(TLSEXT_TYPE_encrypt_then_mac,ret);
 	s2n(0,ret);
 #endif
+#ifdef TLSEXT_TYPE_wtf
+	{
+	/* Work out length which would be used in the TLS record:
+	 * NB this should ALWAYS appear after all other extensions.
+	 */
+	int hlen = ret - (unsigned char *)s->init_buf->data - 3;
+	if (hlen > 0xff && hlen < 0x200)
+		{
+		hlen = 0x200 - hlen;
+		s2n(TLSEXT_TYPE_wtf,ret);
+		s2n(hlen,ret);
+		memset(ret, 0, hlen);
+		ret += hlen;
+		}
+	}
+#endif
 
 	if ((extdatalen = ret-p-2) == 0)
 		return p;