diff options
| author | beck <> | 2019-11-26 23:46:18 +0000 |
|---|---|---|
| committer | beck <> | 2019-11-26 23:46:18 +0000 |
| commit | 6c45dccb7867c624e887c0684f50abacb856037c (patch) | |
| tree | 1f73f35baffbb8b961b4fca2a0f55afad5f6b3e5 /src/lib/libssl/tls13_internal.h | |
| parent | b2d85cf05e8897e5204031c7e483a80d9c359ea2 (diff) | |
| download | openbsd-6c45dccb7867c624e887c0684f50abacb856037c.tar.gz openbsd-6c45dccb7867c624e887c0684f50abacb856037c.tar.bz2 openbsd-6c45dccb7867c624e887c0684f50abacb856037c.zip | |
Add support for TLS 1.3 post handshake messages and key updating.
tested against openssl 1.1's server.
ok jsing@ tb@
Diffstat (limited to 'src/lib/libssl/tls13_internal.h')
| -rw-r--r-- | src/lib/libssl/tls13_internal.h | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h index 859030747f..b33e4818af 100644 --- a/src/lib/libssl/tls13_internal.h +++ b/src/lib/libssl/tls13_internal.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_internal.h,v 1.35 2019/11/20 16:21:20 beck Exp $ */ | 1 | /* $OpenBSD: tls13_internal.h,v 1.36 2019/11/26 23:46:18 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018 Bob Beck <beck@openbsd.org> |
| 4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> |
| @@ -38,8 +38,8 @@ __BEGIN_HIDDEN_DECLS | |||
| 38 | #define TLS13_IO_USE_LEGACY -4 | 38 | #define TLS13_IO_USE_LEGACY -4 |
| 39 | 39 | ||
| 40 | typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg); | 40 | typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg); |
| 41 | typedef int (*tls13_post_handshake_recv_cb)(void *_cb_arg, CBS *cbs); | 41 | typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg, CBS *cbs); |
| 42 | typedef int (*tls13_post_handshake_sent_cb)(void *_cb_arg); | 42 | typedef void (*tls13_phh_sent_cb)(void *_cb_arg); |
| 43 | typedef ssize_t (*tls13_read_cb)(void *_buf, size_t _buflen, void *_cb_arg); | 43 | typedef ssize_t (*tls13_read_cb)(void *_buf, size_t _buflen, void *_cb_arg); |
| 44 | typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen, | 44 | typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen, |
| 45 | void *_cb_arg); | 45 | void *_cb_arg); |
| @@ -111,8 +111,8 @@ struct tls13_record_layer; | |||
| 111 | 111 | ||
| 112 | struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read, | 112 | struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read, |
| 113 | tls13_write_cb wire_write, tls13_alert_cb alert_cb, | 113 | tls13_write_cb wire_write, tls13_alert_cb alert_cb, |
| 114 | tls13_post_handshake_recv_cb post_handshake_recv_cb, | 114 | tls13_phh_recv_cb phh_recv_cb, |
| 115 | tls13_post_handshake_sent_cb post_handshake_sent_cb, void *cb_arg); | 115 | tls13_phh_sent_cb phh_sent_cb, void *cb_arg); |
| 116 | void tls13_record_layer_free(struct tls13_record_layer *rl); | 116 | void tls13_record_layer_free(struct tls13_record_layer *rl); |
| 117 | void tls13_record_layer_set_aead(struct tls13_record_layer *rl, | 117 | void tls13_record_layer_set_aead(struct tls13_record_layer *rl, |
| 118 | const EVP_AEAD *aead); | 118 | const EVP_AEAD *aead); |
| @@ -172,7 +172,16 @@ struct tls13_ctx { | |||
| 172 | 172 | ||
| 173 | struct tls13_record_layer *rl; | 173 | struct tls13_record_layer *rl; |
| 174 | struct tls13_handshake_msg *hs_msg; | 174 | struct tls13_handshake_msg *hs_msg; |
| 175 | uint8_t key_update_request; | ||
| 176 | int phh_count; | ||
| 177 | time_t phh_last_seen; | ||
| 175 | }; | 178 | }; |
| 179 | #ifndef TLS13_PHH_LIMIT_TIME | ||
| 180 | #define TLS13_PHH_LIMIT_TIME 3600 | ||
| 181 | #endif | ||
| 182 | #ifndef TLS13_PHH_LIMIT | ||
| 183 | #define TLS13_PHH_LIMIT 100 | ||
| 184 | #endif | ||
| 176 | 185 | ||
| 177 | struct tls13_ctx *tls13_ctx_new(int mode); | 186 | struct tls13_ctx *tls13_ctx_new(int mode); |
| 178 | void tls13_ctx_free(struct tls13_ctx *ctx); | 187 | void tls13_ctx_free(struct tls13_ctx *ctx); |