diff options
| author | djm <> | 2008-09-06 12:15:56 +0000 |
|---|---|---|
| committer | djm <> | 2008-09-06 12:15:56 +0000 |
| commit | 5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80 (patch) | |
| tree | aba68249883aa9d2361d92eef69a81d0c4961732 /src/lib/libssl/ssl3.h | |
| parent | f6198d4d0ab97685dc56be2d48715ed39fcc74b9 (diff) | |
| download | openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.tar.gz openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.tar.bz2 openbsd-5a3c0a05c7f2c5d3c584b7c8d6aec836dd724c80.zip | |
import of OpenSSL 0.9.8h
Diffstat (limited to 'src/lib/libssl/ssl3.h')
| -rw-r--r-- | src/lib/libssl/ssl3.h | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 1153aeda74..4b1e2e9834 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h | |||
| @@ -108,6 +108,11 @@ | |||
| 108 | * Hudson (tjh@cryptsoft.com). | 108 | * Hudson (tjh@cryptsoft.com). |
| 109 | * | 109 | * |
| 110 | */ | 110 | */ |
| 111 | /* ==================================================================== | ||
| 112 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 113 | * ECC cipher suite support in OpenSSL originally developed by | ||
| 114 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 115 | */ | ||
| 111 | 116 | ||
| 112 | #ifndef HEADER_SSL3_H | 117 | #ifndef HEADER_SSL3_H |
| 113 | #define HEADER_SSL3_H | 118 | #define HEADER_SSL3_H |
| @@ -118,6 +123,7 @@ | |||
| 118 | #include <openssl/buffer.h> | 123 | #include <openssl/buffer.h> |
| 119 | #include <openssl/evp.h> | 124 | #include <openssl/evp.h> |
| 120 | #include <openssl/ssl.h> | 125 | #include <openssl/ssl.h> |
| 126 | #include <openssl/pq_compat.h> | ||
| 121 | 127 | ||
| 122 | #ifdef __cplusplus | 128 | #ifdef __cplusplus |
| 123 | extern "C" { | 129 | extern "C" { |
| @@ -248,7 +254,11 @@ extern "C" { | |||
| 248 | #endif | 254 | #endif |
| 249 | 255 | ||
| 250 | #define SSL3_RT_MAX_PLAIN_LENGTH 16384 | 256 | #define SSL3_RT_MAX_PLAIN_LENGTH 16384 |
| 257 | #ifdef OPENSSL_NO_COMP | ||
| 258 | #define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH | ||
| 259 | #else | ||
| 251 | #define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) | 260 | #define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) |
| 261 | #endif | ||
| 252 | #define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) | 262 | #define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) |
| 253 | #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) | 263 | #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) |
| 254 | #define SSL3_RT_MAX_DATA_SIZE (1024*1024) | 264 | #define SSL3_RT_MAX_DATA_SIZE (1024*1024) |
| @@ -289,6 +299,8 @@ typedef struct ssl3_record_st | |||
| 289 | /*rw*/ unsigned char *data; /* pointer to the record data */ | 299 | /*rw*/ unsigned char *data; /* pointer to the record data */ |
| 290 | /*rw*/ unsigned char *input; /* where the decode bytes are */ | 300 | /*rw*/ unsigned char *input; /* where the decode bytes are */ |
| 291 | /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ | 301 | /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ |
| 302 | /*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ | ||
| 303 | /*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */ | ||
| 292 | } SSL3_RECORD; | 304 | } SSL3_RECORD; |
| 293 | 305 | ||
| 294 | typedef struct ssl3_buffer_st | 306 | typedef struct ssl3_buffer_st |
| @@ -307,7 +319,12 @@ typedef struct ssl3_buffer_st | |||
| 307 | #define SSL3_CT_RSA_EPHEMERAL_DH 5 | 319 | #define SSL3_CT_RSA_EPHEMERAL_DH 5 |
| 308 | #define SSL3_CT_DSS_EPHEMERAL_DH 6 | 320 | #define SSL3_CT_DSS_EPHEMERAL_DH 6 |
| 309 | #define SSL3_CT_FORTEZZA_DMS 20 | 321 | #define SSL3_CT_FORTEZZA_DMS 20 |
| 310 | #define SSL3_CT_NUMBER 7 | 322 | /* SSL3_CT_NUMBER is used to size arrays and it must be large |
| 323 | * enough to contain all of the cert types defined either for | ||
| 324 | * SSLv3 and TLSv1. | ||
| 325 | */ | ||
| 326 | #define SSL3_CT_NUMBER 7 | ||
| 327 | |||
| 311 | 328 | ||
| 312 | #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 | 329 | #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 |
| 313 | #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 | 330 | #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 |
| @@ -392,6 +409,11 @@ typedef struct ssl3_state_st | |||
| 392 | #ifndef OPENSSL_NO_DH | 409 | #ifndef OPENSSL_NO_DH |
| 393 | DH *dh; | 410 | DH *dh; |
| 394 | #endif | 411 | #endif |
| 412 | |||
| 413 | #ifndef OPENSSL_NO_ECDH | ||
| 414 | EC_KEY *ecdh; /* holds short lived ECDH key */ | ||
| 415 | #endif | ||
| 416 | |||
| 395 | /* used when SSL_ST_FLUSH_DATA is entered */ | 417 | /* used when SSL_ST_FLUSH_DATA is entered */ |
| 396 | int next_state; | 418 | int next_state; |
| 397 | 419 | ||
| @@ -420,6 +442,7 @@ typedef struct ssl3_state_st | |||
| 420 | 442 | ||
| 421 | } SSL3_STATE; | 443 | } SSL3_STATE; |
| 422 | 444 | ||
| 445 | |||
| 423 | /* SSLv3 */ | 446 | /* SSLv3 */ |
| 424 | /*client */ | 447 | /*client */ |
| 425 | /* extra state */ | 448 | /* extra state */ |
| @@ -430,6 +453,8 @@ typedef struct ssl3_state_st | |||
| 430 | /* read from server */ | 453 | /* read from server */ |
| 431 | #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) | 454 | #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) |
| 432 | #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) | 455 | #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) |
| 456 | #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) | ||
| 457 | #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) | ||
| 433 | #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) | 458 | #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) |
| 434 | #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) | 459 | #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) |
| 435 | #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) | 460 | #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) |
| @@ -456,6 +481,10 @@ typedef struct ssl3_state_st | |||
| 456 | #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) | 481 | #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) |
| 457 | #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) | 482 | #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) |
| 458 | #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) | 483 | #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) |
| 484 | #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) | ||
| 485 | #define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) | ||
| 486 | #define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) | ||
| 487 | #define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT) | ||
| 459 | 488 | ||
| 460 | /* server */ | 489 | /* server */ |
| 461 | /* extra state */ | 490 | /* extra state */ |
| @@ -466,6 +495,8 @@ typedef struct ssl3_state_st | |||
| 466 | #define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) | 495 | #define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) |
| 467 | #define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) | 496 | #define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) |
| 468 | /* write to client */ | 497 | /* write to client */ |
| 498 | #define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT) | ||
| 499 | #define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT) | ||
| 469 | #define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) | 500 | #define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) |
| 470 | #define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) | 501 | #define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) |
| 471 | #define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) | 502 | #define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) |
| @@ -495,10 +526,15 @@ typedef struct ssl3_state_st | |||
| 495 | #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) | 526 | #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) |
| 496 | #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) | 527 | #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) |
| 497 | #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) | 528 | #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) |
| 529 | #define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) | ||
| 530 | #define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) | ||
| 531 | #define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) | ||
| 532 | #define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) | ||
| 498 | 533 | ||
| 499 | #define SSL3_MT_HELLO_REQUEST 0 | 534 | #define SSL3_MT_HELLO_REQUEST 0 |
| 500 | #define SSL3_MT_CLIENT_HELLO 1 | 535 | #define SSL3_MT_CLIENT_HELLO 1 |
| 501 | #define SSL3_MT_SERVER_HELLO 2 | 536 | #define SSL3_MT_SERVER_HELLO 2 |
| 537 | #define SSL3_MT_NEWSESSION_TICKET 4 | ||
| 502 | #define SSL3_MT_CERTIFICATE 11 | 538 | #define SSL3_MT_CERTIFICATE 11 |
| 503 | #define SSL3_MT_SERVER_KEY_EXCHANGE 12 | 539 | #define SSL3_MT_SERVER_KEY_EXCHANGE 12 |
| 504 | #define SSL3_MT_CERTIFICATE_REQUEST 13 | 540 | #define SSL3_MT_CERTIFICATE_REQUEST 13 |
| @@ -506,6 +542,9 @@ typedef struct ssl3_state_st | |||
| 506 | #define SSL3_MT_CERTIFICATE_VERIFY 15 | 542 | #define SSL3_MT_CERTIFICATE_VERIFY 15 |
| 507 | #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 | 543 | #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 |
| 508 | #define SSL3_MT_FINISHED 20 | 544 | #define SSL3_MT_FINISHED 20 |
| 545 | #define SSL3_MT_CERTIFICATE_STATUS 22 | ||
| 546 | #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 | ||
| 547 | |||
| 509 | 548 | ||
| 510 | #define SSL3_MT_CCS 1 | 549 | #define SSL3_MT_CCS 1 |
| 511 | 550 | ||