diff options
| author | beck <> | 2000-03-19 11:13:58 +0000 |
|---|---|---|
| committer | beck <> | 2000-03-19 11:13:58 +0000 |
| commit | 796d609550df3a33fc11468741c5d2f6d3df4c11 (patch) | |
| tree | 6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libssl/ssl3.h | |
| parent | 5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff) | |
| download | openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2 openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip | |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libssl/ssl3.h')
| -rw-r--r-- | src/lib/libssl/ssl3.h | 95 |
1 files changed, 31 insertions, 64 deletions
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 2a9714fc19..f616763830 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h | |||
| @@ -158,24 +158,8 @@ extern "C" { | |||
| 158 | #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) | 158 | #define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) |
| 159 | #define SSL3_RT_MAX_DATA_SIZE (1024*1024) | 159 | #define SSL3_RT_MAX_DATA_SIZE (1024*1024) |
| 160 | 160 | ||
| 161 | /* the states that a SSL3_RECORD can be in | 161 | #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" |
| 162 | * For SSL_read it goes | 162 | #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" |
| 163 | * rbuf->ENCODED -> read | ||
| 164 | * ENCODED -> we need to decode everything - call decode_record | ||
| 165 | */ | ||
| 166 | |||
| 167 | #define SSL3_RS_BLANK 1 | ||
| 168 | #define SSL3_RS_DATA | ||
| 169 | |||
| 170 | #define SSL3_RS_ENCODED 2 | ||
| 171 | #define SSL3_RS_READ_MORE 3 | ||
| 172 | #define SSL3_RS_WRITE_MORE | ||
| 173 | #define SSL3_RS_PLAIN 3 | ||
| 174 | #define SSL3_RS_PART_READ 4 | ||
| 175 | #define SSL3_RS_PART_WRITE 5 | ||
| 176 | |||
| 177 | #define SSL3_MD_CLIENT_FINISHED_CONST {0x43,0x4C,0x4E,0x54} | ||
| 178 | #define SSL3_MD_SERVER_FINISHED_CONST {0x53,0x52,0x56,0x52} | ||
| 179 | 163 | ||
| 180 | #define SSL3_VERSION 0x0300 | 164 | #define SSL3_VERSION 0x0300 |
| 181 | #define SSL3_VERSION_MAJOR 0x03 | 165 | #define SSL3_VERSION_MAJOR 0x03 |
| @@ -204,22 +188,20 @@ extern "C" { | |||
| 204 | 188 | ||
| 205 | typedef struct ssl3_record_st | 189 | typedef struct ssl3_record_st |
| 206 | { | 190 | { |
| 207 | /*r */ int type; /* type of record */ | 191 | /*r */ int type; /* type of record */ |
| 208 | /* */ /*int state;*/ /* any data in it? */ | 192 | /*rw*/ unsigned int length; /* How many bytes available */ |
| 209 | /*rw*/ unsigned int length; /* How many bytes available */ | 193 | /*r */ unsigned int off; /* read/write offset into 'buf' */ |
| 210 | /*r */ unsigned int off; /* read/write offset into 'buf' */ | 194 | /*rw*/ unsigned char *data; /* pointer to the record data */ |
| 211 | /*rw*/ unsigned char *data; /* pointer to the record data */ | 195 | /*rw*/ unsigned char *input; /* where the decode bytes are */ |
| 212 | /*rw*/ unsigned char *input; /* where the decode bytes are */ | 196 | /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ |
| 213 | /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ | ||
| 214 | } SSL3_RECORD; | 197 | } SSL3_RECORD; |
| 215 | 198 | ||
| 216 | typedef struct ssl3_buffer_st | 199 | typedef struct ssl3_buffer_st |
| 217 | { | 200 | { |
| 218 | /*r */ int total; /* used in non-blocking writes */ | 201 | unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if |
| 219 | /*r */ int wanted; /* how many more bytes we need */ | 202 | * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */ |
| 220 | /*rw*/ int left; /* how many bytes left */ | 203 | int offset; /* where to 'copy from' */ |
| 221 | /*rw*/ int offset; /* where to 'copy from' */ | 204 | int left; /* how many bytes left */ |
| 222 | /*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */ | ||
| 223 | } SSL3_BUFFER; | 205 | } SSL3_BUFFER; |
| 224 | 206 | ||
| 225 | #define SSL3_CT_RSA_SIGN 1 | 207 | #define SSL3_CT_RSA_SIGN 1 |
| @@ -236,34 +218,7 @@ typedef struct ssl3_buffer_st | |||
| 236 | #define SSL3_FLAGS_POP_BUFFER 0x0004 | 218 | #define SSL3_FLAGS_POP_BUFFER 0x0004 |
| 237 | #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 | 219 | #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 |
| 238 | 220 | ||
| 239 | #if 0 | 221 | typedef struct ssl3_state_st |
| 240 | #define AD_CLOSE_NOTIFY 0 | ||
| 241 | #define AD_UNEXPECTED_MESSAGE 1 | ||
| 242 | #define AD_BAD_RECORD_MAC 2 | ||
| 243 | #define AD_DECRYPTION_FAILED 3 | ||
| 244 | #define AD_RECORD_OVERFLOW 4 | ||
| 245 | #define AD_DECOMPRESSION_FAILURE 5 /* fatal */ | ||
| 246 | #define AD_HANDSHAKE_FAILURE 6 /* fatal */ | ||
| 247 | #define AD_NO_CERTIFICATE 7 /* Not under TLS */ | ||
| 248 | #define AD_BAD_CERTIFICATE 8 | ||
| 249 | #define AD_UNSUPPORTED_CERTIFICATE 9 | ||
| 250 | #define AD_CERTIFICATE_REVOKED 10 | ||
| 251 | #define AD_CERTIFICATE_EXPIRED 11 | ||
| 252 | #define AD_CERTIFICATE_UNKNOWN 12 | ||
| 253 | #define AD_ILLEGAL_PARAMETER 13 /* fatal */ | ||
| 254 | #define AD_UNKNOWN_CA 14 /* fatal */ | ||
| 255 | #define AD_ACCESS_DENIED 15 /* fatal */ | ||
| 256 | #define AD_DECODE_ERROR 16 /* fatal */ | ||
| 257 | #define AD_DECRYPT_ERROR 17 | ||
| 258 | #define AD_EXPORT_RESTRICION 18 /* fatal */ | ||
| 259 | #define AD_PROTOCOL_VERSION 19 /* fatal */ | ||
| 260 | #define AD_INSUFFICIENT_SECURITY 20 /* fatal */ | ||
| 261 | #define AD_INTERNAL_ERROR 21 /* fatal */ | ||
| 262 | #define AD_USER_CANCLED 22 | ||
| 263 | #define AD_NO_RENEGOTIATION 23 | ||
| 264 | #endif | ||
| 265 | |||
| 266 | typedef struct ssl3_ctx_st | ||
| 267 | { | 222 | { |
| 268 | long flags; | 223 | long flags; |
| 269 | int delay_buf_pop_ret; | 224 | int delay_buf_pop_ret; |
| @@ -278,10 +233,16 @@ typedef struct ssl3_ctx_st | |||
| 278 | 233 | ||
| 279 | SSL3_BUFFER rbuf; /* read IO goes into here */ | 234 | SSL3_BUFFER rbuf; /* read IO goes into here */ |
| 280 | SSL3_BUFFER wbuf; /* write IO goes into here */ | 235 | SSL3_BUFFER wbuf; /* write IO goes into here */ |
| 236 | |||
| 281 | SSL3_RECORD rrec; /* each decoded record goes in here */ | 237 | SSL3_RECORD rrec; /* each decoded record goes in here */ |
| 282 | SSL3_RECORD wrec; /* goes out from here */ | 238 | SSL3_RECORD wrec; /* goes out from here */ |
| 283 | /* Used by ssl3_read_n to point | 239 | |
| 284 | * to input data packet */ | 240 | /* storage for Alert/Handshake protocol data received but not |
| 241 | * yet processed by ssl3_read_bytes: */ | ||
| 242 | unsigned char alert_fragment[2]; | ||
| 243 | unsigned int alert_fragment_len; | ||
| 244 | unsigned char handshake_fragment[4]; | ||
| 245 | unsigned int handshake_fragment_len; | ||
| 285 | 246 | ||
| 286 | /* partial write - check the numbers match */ | 247 | /* partial write - check the numbers match */ |
| 287 | unsigned int wnum; /* number of bytes sent so far */ | 248 | unsigned int wnum; /* number of bytes sent so far */ |
| @@ -300,7 +261,7 @@ typedef struct ssl3_ctx_st | |||
| 300 | 261 | ||
| 301 | int warn_alert; | 262 | int warn_alert; |
| 302 | int fatal_alert; | 263 | int fatal_alert; |
| 303 | /* we alow one fatal and one warning alert to be outstanding, | 264 | /* we allow one fatal and one warning alert to be outstanding, |
| 304 | * send close alert via the warning alert */ | 265 | * send close alert via the warning alert */ |
| 305 | int alert_dispatch; | 266 | int alert_dispatch; |
| 306 | unsigned char send_alert[2]; | 267 | unsigned char send_alert[2]; |
| @@ -314,8 +275,14 @@ typedef struct ssl3_ctx_st | |||
| 314 | int in_read_app_data; | 275 | int in_read_app_data; |
| 315 | 276 | ||
| 316 | struct { | 277 | struct { |
| 317 | /* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */ | 278 | /* actually only needs to be 16+20 */ |
| 279 | unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; | ||
| 280 | |||
| 281 | /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ | ||
| 318 | unsigned char finish_md[EVP_MAX_MD_SIZE*2]; | 282 | unsigned char finish_md[EVP_MAX_MD_SIZE*2]; |
| 283 | int finish_md_len; | ||
| 284 | unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2]; | ||
| 285 | int peer_finish_md_len; | ||
| 319 | 286 | ||
| 320 | unsigned long message_size; | 287 | unsigned long message_size; |
| 321 | int message_type; | 288 | int message_type; |
| @@ -351,7 +318,7 @@ typedef struct ssl3_ctx_st | |||
| 351 | int cert_request; | 318 | int cert_request; |
| 352 | } tmp; | 319 | } tmp; |
| 353 | 320 | ||
| 354 | } SSL3_CTX; | 321 | } SSL3_STATE; |
| 355 | 322 | ||
| 356 | /* SSLv3 */ | 323 | /* SSLv3 */ |
| 357 | /*client */ | 324 | /*client */ |
| @@ -429,7 +396,7 @@ typedef struct ssl3_ctx_st | |||
| 429 | #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) | 396 | #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) |
| 430 | #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) | 397 | #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) |
| 431 | 398 | ||
| 432 | #define SSL3_MT_CLIENT_REQUEST 0 | 399 | #define SSL3_MT_HELLO_REQUEST 0 |
| 433 | #define SSL3_MT_CLIENT_HELLO 1 | 400 | #define SSL3_MT_CLIENT_HELLO 1 |
| 434 | #define SSL3_MT_SERVER_HELLO 2 | 401 | #define SSL3_MT_SERVER_HELLO 2 |
| 435 | #define SSL3_MT_CERTIFICATE 11 | 402 | #define SSL3_MT_CERTIFICATE 11 |