Move ALPN and NPN fields from SSL/SSL_CTX to internal.

ok beck@
author: jsing <> 2017-01-22 06:36:49 +0000
committer: jsing <> 2017-01-22 06:36:49 +0000
commit: 334c9196a27db4244daba48e4ba2118985c535ed (patch)
tree: 765f88b1c5ef0790c3644c70ffacf8e9a39b9ceb /src/lib/libssl/ssl_locl.h
parent: 107eff56043a3070d462256dca1675a3db9d9eab (diff)
download: openbsd-334c9196a27db4244daba48e4ba2118985c535ed.tar.gz
openbsd-334c9196a27db4244daba48e4ba2118985c535ed.tar.bz2
openbsd-334c9196a27db4244daba48e4ba2118985c535ed.zip
1 files changed, 55 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index b8b5dd0b1b..805d68906a 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.148 2017/01/22 05:14:42 beck Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.149 2017/01/22 06:36:49 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -383,11 +383,65 @@ typedef struct ssl_session_internal_st {
 typedef struct ssl_ctx_internal_st {
        uint16_t min_version;
        uint16_t max_version;
+        /* Next protocol negotiation information */
+        /* (for experimental NPN extension). */
+        /* For a server, this contains a callback function by which the set of
+         * advertised protocols can be provided. */
+        int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
+            unsigned int *len, void *arg);
+        void *next_protos_advertised_cb_arg;
+        /* For a client, this contains a callback function that selects the
+         * next protocol from the list provided by the server. */
+        int (*next_proto_select_cb)(SSL *s, unsigned char **out,
+            unsigned char *outlen, const unsigned char *in,
+            unsigned int inlen, void *arg);
+        void *next_proto_select_cb_arg;
+        /*
+         * ALPN information
+         * (we are in the process of transitioning from NPN to ALPN).
+         */
+        /*
+         * Server callback function that allows the server to select the
+         * protocol for the connection.
+         *   out: on successful return, this must point to the raw protocol
+         *       name (without the length prefix).
+         *   outlen: on successful return, this contains the length of out.
+         *   in: points to the client's list of supported protocols in
+         *       wire-format.
+         *   inlen: the length of in.
+         */
+        int (*alpn_select_cb)(SSL *s, const unsigned char **out,
+            unsigned char *outlen, const unsigned char *in, unsigned int inlen,
+            void *arg);
+        void *alpn_select_cb_arg;
+        /* Client list of supported protocols in wire format. */
+        unsigned char *alpn_client_proto_list;
+        unsigned int alpn_client_proto_list_len;
 } SSL_CTX_INTERNAL;
 typedef struct ssl_internal_st {
        uint16_t min_version;
        uint16_t max_version;
+        /* Next protocol negotiation. For the client, this is the protocol that
+         * we sent in NextProtocol and is set when handling ServerHello
+         * extensions.
+         *
+         * For a server, this is the client's selected_protocol from
+         * NextProtocol and is set when handling the NextProtocol message,
+         * before the Finished message. */
+        unsigned char *next_proto_negotiated;
+        unsigned char next_proto_negotiated_len;
+        /* Client list of supported protocols in wire format. */
+        unsigned char *alpn_client_proto_list;
+        unsigned int alpn_client_proto_list_len;
 } SSL_INTERNAL;
 typedef struct ssl3_state_internal_st {
author	jsing <>	2017-01-22 06:36:49 +0000
committer	jsing <>	2017-01-22 06:36:49 +0000
commit	334c9196a27db4244daba48e4ba2118985c535ed (patch)
tree	765f88b1c5ef0790c3644c70ffacf8e9a39b9ceb /src/lib/libssl/ssl_locl.h
parent	107eff56043a3070d462256dca1675a3db9d9eab (diff)
download	openbsd-334c9196a27db4244daba48e4ba2118985c535ed.tar.gz openbsd-334c9196a27db4244daba48e4ba2118985c535ed.tar.bz2 openbsd-334c9196a27db4244daba48e4ba2118985c535ed.zip

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index b8b5dd0b1b..805d68906a 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.148 2017/01/22 05:14:42 beck Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.149 2017/01/22 06:36:49 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -383,11 +383,65 @@ typedef struct ssl_session_internal_st {
383	typedef struct ssl_ctx_internal_st {	383	typedef struct ssl_ctx_internal_st {
384	uint16_t min_version;	384	uint16_t min_version;
385	uint16_t max_version;	385	uint16_t max_version;
		386
		387	/* Next protocol negotiation information */
		388	/* (for experimental NPN extension). */
		389
		390	/* For a server, this contains a callback function by which the set of
		391	* advertised protocols can be provided. */
		392	int (next_protos_advertised_cb)(SSL s, const unsigned char **buf,
		393	unsigned int len, void arg);
		394	void *next_protos_advertised_cb_arg;
		395	/* For a client, this contains a callback function that selects the
		396	* next protocol from the list provided by the server. */
		397	int (next_proto_select_cb)(SSL s, unsigned char **out,
		398	unsigned char outlen, const unsigned char in,
		399	unsigned int inlen, void *arg);
		400	void *next_proto_select_cb_arg;
		401
		402	/*
		403	* ALPN information
		404	* (we are in the process of transitioning from NPN to ALPN).
		405	*/
		406
		407	/*
		408	* Server callback function that allows the server to select the
		409	* protocol for the connection.
		410	* out: on successful return, this must point to the raw protocol
		411	* name (without the length prefix).
		412	* outlen: on successful return, this contains the length of out.
		413	* in: points to the client's list of supported protocols in
		414	* wire-format.
		415	* inlen: the length of in.
		416	*/
		417	int (alpn_select_cb)(SSL s, const unsigned char **out,
		418	unsigned char outlen, const unsigned char in, unsigned int inlen,
		419	void *arg);
		420	void *alpn_select_cb_arg;
		421
		422	/* Client list of supported protocols in wire format. */
		423	unsigned char *alpn_client_proto_list;
		424	unsigned int alpn_client_proto_list_len;
		425
386	} SSL_CTX_INTERNAL;	426	} SSL_CTX_INTERNAL;
387		427
388	typedef struct ssl_internal_st {	428	typedef struct ssl_internal_st {
389	uint16_t min_version;	429	uint16_t min_version;
390	uint16_t max_version;	430	uint16_t max_version;
		431
		432	/* Next protocol negotiation. For the client, this is the protocol that
		433	* we sent in NextProtocol and is set when handling ServerHello
		434	* extensions.
		435	*
		436	* For a server, this is the client's selected_protocol from
		437	* NextProtocol and is set when handling the NextProtocol message,
		438	* before the Finished message. */
		439	unsigned char *next_proto_negotiated;
		440	unsigned char next_proto_negotiated_len;
		441
		442	/* Client list of supported protocols in wire format. */
		443	unsigned char *alpn_client_proto_list;
		444	unsigned int alpn_client_proto_list_len;
391	} SSL_INTERNAL;	445	} SSL_INTERNAL;
392		446
393	typedef struct ssl3_state_internal_st {	447	typedef struct ssl3_state_internal_st {