| author | jsing <> | 2014-12-10 14:58:56 +0000 | 
|---|---|---|
| committer | jsing <> | 2014-12-10 14:58:56 +0000 | 
| commit | 732fdd2bcb9886c4f4ab17540c0c7bb002ca55f1 (patch) | |
| tree | e9391008296b8ff8be480e9f3e9eb1be0aab121a /src/lib/libssl/ssl.h | |
| parent | 1b81594902955b3473f83fbc3af50e4cad85e0c6 (diff) | |
Add support for ALPN.
Based on OpenSSL and BoringSSL.
ok bcook@
Diffstat (limited to 'src/lib/libssl/ssl.h')
| -rw-r--r-- | src/lib/libssl/ssl.h | 41 | 
1 files changed, 39 insertions, 2 deletions
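--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.74 2014/12/10 14:51:00 bcook Exp $ */
+/* $OpenBSD: ssl.h,v 1.75 2014/12/10 14:58:56 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -861,9 +861,33 @@ struct ssl_ctx_st {
 unsigned int inlen, void *arg);
 void *next_proto_select_cb_arg;
 # endif
+
+/*
+* ALPN information
+* (we are in the process of transitioning from NPN to ALPN).
+*/
+
+/*
+* Server callback function that allows the server to select the
+* protocol for the connection.
+* out: on successful return, this must point to the raw protocol
+* name (without the length prefix).
+* outlen: on successful return, this contains the length of out.
+* in: points to the client's list of supported protocols in
+* wire-format.
+* inlen: the length of in.
+*/
+int (*alpn_select_cb)(SSL *s, const unsigned char **out,
+unsigned char *outlen, const unsigned char *in, unsigned int inlen,
+void *arg);
+void *alpn_select_cb_arg;
+
+/* Client list of supported protocols in wire format. */
+unsigned char *alpn_client_proto_list;
+unsigned int alpn_client_proto_list_len;
+
 /* SRTP profiles we are willing to do from RFC 5764 */
 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
-
 };
 
 #endif
@@ -954,6 +978,15 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
 #define OPENSSL_NPN_NO_OVERLAP 2
 #endif
 
+int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+unsigned int protos_len);
+int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+unsigned int protos_len);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+int (*cb)(SSL *ssl, const unsigned char **out, unsigned char *outlen,
+const unsigned char *in, unsigned int inlen, void *arg), void *arg);
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+unsigned int *len);
 
 #define SSL_NOTHING 1
 #define SSL_WRITING 2
@@ -1187,6 +1220,10 @@ struct ssl_st {
 unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
 unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
 
+/* Client list of supported protocols in wire format. */
+unsigned char *alpn_client_proto_list;
+unsigned int alpn_client_proto_list_len;
+
 int renegotiate;/* 1 if we are renegotiating.
 * 2 if we are a server and are inside a handshake
 * (i.e. not just sending a HelloRequest) */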
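Review bot: The prototypes added at new lines 981-989 have no comment on return values or buffer ownership, and the callback comment at new lines 870-879 says "on successful return" without naming the value that counts as success. If the implementation follows OpenSSL (the .c side is not on this page), `SSL_CTX_set_alpn_protos` and `SSL_set_alpn_protos` return 0 on success, the reverse of most SSL_* setters, so a caller writing `if (!SSL_CTX_set_alpn_protos(...))` would take success for failure; once confirmed, a line such as `/* Returns 0 on success, non-zero on failure. */` above the two setters would head that off, along with a statement of whether `protos` is copied. The callback comment should also say that `*out` must point into `in` or into storage that outlives the callback, because the library can only read it after the callback has returned and a callback-local buffer would be dangling by then. It is also worth noting there that `outlen` being an `unsigned char` caps the selected name at 255 bytes. Both `struct ssl_ctx_st` and `struct ssl_st` begin outside their hunks, so the rest of their layout is not visible here.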
