diff options
| author | jsing <> | 2015-02-12 03:45:25 +0000 |
|---|---|---|
| committer | jsing <> | 2015-02-12 03:45:25 +0000 |
| commit | 86af7c3070260922d654cfef98d3b100ccbd79d1 (patch) | |
| tree | a6567782f8c0fe3a5cd3a2b6d78b8e9a1e396085 /src | |
| parent | 5f7c1a2b2d1ad44c6535aac1d320379a2c952db8 (diff) | |
| download | openbsd-86af7c3070260922d654cfef98d3b100ccbd79d1.tar.gz openbsd-86af7c3070260922d654cfef98d3b100ccbd79d1.tar.bz2 openbsd-86af7c3070260922d654cfef98d3b100ccbd79d1.zip | |
unifdef -m -UOPENSSL_NO_NEXTPROTONEG - NPN is being replaced with ALPN,
however it is not likely to be removed any time soon.
ok beck@ miod@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl.h | 8 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl3.h | 10 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_locl.h | 6 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/tls1.h | 4 | ||||
| -rw-r--r-- | src/lib/libssl/ssl.h | 8 | ||||
| -rw-r--r-- | src/lib/libssl/ssl3.h | 10 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 6 | ||||
| -rw-r--r-- | src/lib/libssl/tls1.h | 4 |
8 files changed, 8 insertions, 48 deletions
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h index 75103426f3..626b967f15 100644 --- a/src/lib/libssl/src/ssl/ssl.h +++ b/src/lib/libssl/src/ssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.81 2015/02/07 04:17:11 jsing Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.82 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -848,7 +848,6 @@ struct ssl_ctx_st { | |||
| 848 | 848 | ||
| 849 | 849 | ||
| 850 | 850 | ||
| 851 | # ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 852 | /* Next protocol negotiation information */ | 851 | /* Next protocol negotiation information */ |
| 853 | /* (for experimental NPN extension). */ | 852 | /* (for experimental NPN extension). */ |
| 854 | 853 | ||
| @@ -863,7 +862,6 @@ struct ssl_ctx_st { | |||
| 863 | unsigned char *outlen, const unsigned char *in, | 862 | unsigned char *outlen, const unsigned char *in, |
| 864 | unsigned int inlen, void *arg); | 863 | unsigned int inlen, void *arg); |
| 865 | void *next_proto_select_cb_arg; | 864 | void *next_proto_select_cb_arg; |
| 866 | # endif | ||
| 867 | 865 | ||
| 868 | /* | 866 | /* |
| 869 | * ALPN information | 867 | * ALPN information |
| @@ -962,7 +960,6 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, | |||
| 962 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, | 960 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, |
| 963 | int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, | 961 | int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, |
| 964 | unsigned int cookie_len)); | 962 | unsigned int cookie_len)); |
| 965 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 966 | void | 963 | void |
| 967 | SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, | 964 | SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, |
| 968 | const unsigned char **out, unsigned int *outlen, void *arg), void *arg); | 965 | const unsigned char **out, unsigned int *outlen, void *arg), void *arg); |
| @@ -979,7 +976,6 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, | |||
| 979 | #define OPENSSL_NPN_UNSUPPORTED 0 | 976 | #define OPENSSL_NPN_UNSUPPORTED 0 |
| 980 | #define OPENSSL_NPN_NEGOTIATED 1 | 977 | #define OPENSSL_NPN_NEGOTIATED 1 |
| 981 | #define OPENSSL_NPN_NO_OVERLAP 2 | 978 | #define OPENSSL_NPN_NO_OVERLAP 2 |
| 982 | #endif | ||
| 983 | 979 | ||
| 984 | int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, | 980 | int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, |
| 985 | unsigned int protos_len); | 981 | unsigned int protos_len); |
| @@ -1198,7 +1194,6 @@ struct ssl_st { | |||
| 1198 | 1194 | ||
| 1199 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ | 1195 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ |
| 1200 | 1196 | ||
| 1201 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 1202 | /* Next protocol negotiation. For the client, this is the protocol that | 1197 | /* Next protocol negotiation. For the client, this is the protocol that |
| 1203 | * we sent in NextProtocol and is set when handling ServerHello | 1198 | * we sent in NextProtocol and is set when handling ServerHello |
| 1204 | * extensions. | 1199 | * extensions. |
| @@ -1208,7 +1203,6 @@ struct ssl_st { | |||
| 1208 | * before the Finished message. */ | 1203 | * before the Finished message. */ |
| 1209 | unsigned char *next_proto_negotiated; | 1204 | unsigned char *next_proto_negotiated; |
| 1210 | unsigned char next_proto_negotiated_len; | 1205 | unsigned char next_proto_negotiated_len; |
| 1211 | #endif | ||
| 1212 | 1206 | ||
| 1213 | #define session_ctx initial_ctx | 1207 | #define session_ctx initial_ctx |
| 1214 | 1208 | ||
diff --git a/src/lib/libssl/src/ssl/ssl3.h b/src/lib/libssl/src/ssl/ssl3.h index 2d7d35b7b2..644e8df16b 100644 --- a/src/lib/libssl/src/ssl/ssl3.h +++ b/src/lib/libssl/src/ssl/ssl3.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl3.h,v 1.34 2015/02/09 10:53:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl3.h,v 1.35 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -480,11 +480,9 @@ typedef struct ssl3_state_st { | |||
| 480 | unsigned char previous_server_finished_len; | 480 | unsigned char previous_server_finished_len; |
| 481 | int send_connection_binding; /* TODOEKR */ | 481 | int send_connection_binding; /* TODOEKR */ |
| 482 | 482 | ||
| 483 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 484 | /* Set if we saw the Next Protocol Negotiation extension from our peer. | 483 | /* Set if we saw the Next Protocol Negotiation extension from our peer. |
| 485 | */ | 484 | */ |
| 486 | int next_proto_neg_seen; | 485 | int next_proto_neg_seen; |
| 487 | #endif | ||
| 488 | 486 | ||
| 489 | /* | 487 | /* |
| 490 | * ALPN information | 488 | * ALPN information |
| @@ -539,10 +537,8 @@ typedef struct ssl3_state_st { | |||
| 539 | #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) | 537 | #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) |
| 540 | #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) | 538 | #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) |
| 541 | #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) | 539 | #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) |
| 542 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 543 | #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) | 540 | #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) |
| 544 | #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) | 541 | #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) |
| 545 | #endif | ||
| 546 | #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) | 542 | #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) |
| 547 | #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) | 543 | #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) |
| 548 | /* read from server */ | 544 | /* read from server */ |
| @@ -588,10 +584,8 @@ typedef struct ssl3_state_st { | |||
| 588 | #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) | 584 | #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) |
| 589 | #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) | 585 | #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) |
| 590 | #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) | 586 | #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) |
| 591 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 592 | #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) | 587 | #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) |
| 593 | #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) | 588 | #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) |
| 594 | #endif | ||
| 595 | #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) | 589 | #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) |
| 596 | #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) | 590 | #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) |
| 597 | /* write to client */ | 591 | /* write to client */ |
| @@ -617,9 +611,7 @@ typedef struct ssl3_state_st { | |||
| 617 | #define SSL3_MT_FINISHED 20 | 611 | #define SSL3_MT_FINISHED 20 |
| 618 | #define SSL3_MT_CERTIFICATE_STATUS 22 | 612 | #define SSL3_MT_CERTIFICATE_STATUS 22 |
| 619 | 613 | ||
| 620 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 621 | #define SSL3_MT_NEXT_PROTO 67 | 614 | #define SSL3_MT_NEXT_PROTO 67 |
| 622 | #endif | ||
| 623 | 615 | ||
| 624 | #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 | 616 | #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 |
| 625 | 617 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 20656682bd..3b7694fc94 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.86 2015/02/07 04:17:11 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.87 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -725,9 +725,7 @@ int ssl3_get_key_exchange(SSL *s); | |||
| 725 | int ssl3_get_server_certificate(SSL *s); | 725 | int ssl3_get_server_certificate(SSL *s); |
| 726 | int ssl3_check_cert_and_algorithm(SSL *s); | 726 | int ssl3_check_cert_and_algorithm(SSL *s); |
| 727 | int ssl3_check_finished(SSL *s); | 727 | int ssl3_check_finished(SSL *s); |
| 728 | # ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 729 | int ssl3_send_next_proto(SSL *s); | 728 | int ssl3_send_next_proto(SSL *s); |
| 730 | # endif | ||
| 731 | 729 | ||
| 732 | int dtls1_client_hello(SSL *s); | 730 | int dtls1_client_hello(SSL *s); |
| 733 | int dtls1_send_client_certificate(SSL *s); | 731 | int dtls1_send_client_certificate(SSL *s); |
| @@ -745,9 +743,7 @@ int ssl3_check_client_hello(SSL *s); | |||
| 745 | int ssl3_get_client_certificate(SSL *s); | 743 | int ssl3_get_client_certificate(SSL *s); |
| 746 | int ssl3_get_client_key_exchange(SSL *s); | 744 | int ssl3_get_client_key_exchange(SSL *s); |
| 747 | int ssl3_get_cert_verify(SSL *s); | 745 | int ssl3_get_cert_verify(SSL *s); |
| 748 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 749 | int ssl3_get_next_proto(SSL *s); | 746 | int ssl3_get_next_proto(SSL *s); |
| 750 | #endif | ||
| 751 | 747 | ||
| 752 | int dtls1_send_hello_request(SSL *s); | 748 | int dtls1_send_hello_request(SSL *s); |
| 753 | int dtls1_send_server_hello(SSL *s); | 749 | int dtls1_send_server_hello(SSL *s); |
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h index 60651572a2..6182daa837 100644 --- a/src/lib/libssl/src/ssl/tls1.h +++ b/src/lib/libssl/src/ssl/tls1.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */ | 1 | /* $OpenBSD: tls1.h,v 1.24 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -252,10 +252,8 @@ extern "C" { | |||
| 252 | /* Temporary extension type */ | 252 | /* Temporary extension type */ |
| 253 | #define TLSEXT_TYPE_renegotiate 0xff01 | 253 | #define TLSEXT_TYPE_renegotiate 0xff01 |
| 254 | 254 | ||
| 255 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 256 | /* This is not an IANA defined extension number */ | 255 | /* This is not an IANA defined extension number */ |
| 257 | #define TLSEXT_TYPE_next_proto_neg 13172 | 256 | #define TLSEXT_TYPE_next_proto_neg 13172 |
| 258 | #endif | ||
| 259 | 257 | ||
| 260 | /* NameType value from RFC 3546. */ | 258 | /* NameType value from RFC 3546. */ |
| 261 | #define TLSEXT_NAMETYPE_host_name 0 | 259 | #define TLSEXT_NAMETYPE_host_name 0 |
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 75103426f3..626b967f15 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.81 2015/02/07 04:17:11 jsing Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.82 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -848,7 +848,6 @@ struct ssl_ctx_st { | |||
| 848 | 848 | ||
| 849 | 849 | ||
| 850 | 850 | ||
| 851 | # ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 852 | /* Next protocol negotiation information */ | 851 | /* Next protocol negotiation information */ |
| 853 | /* (for experimental NPN extension). */ | 852 | /* (for experimental NPN extension). */ |
| 854 | 853 | ||
| @@ -863,7 +862,6 @@ struct ssl_ctx_st { | |||
| 863 | unsigned char *outlen, const unsigned char *in, | 862 | unsigned char *outlen, const unsigned char *in, |
| 864 | unsigned int inlen, void *arg); | 863 | unsigned int inlen, void *arg); |
| 865 | void *next_proto_select_cb_arg; | 864 | void *next_proto_select_cb_arg; |
| 866 | # endif | ||
| 867 | 865 | ||
| 868 | /* | 866 | /* |
| 869 | * ALPN information | 867 | * ALPN information |
| @@ -962,7 +960,6 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, | |||
| 962 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, | 960 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, |
| 963 | int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, | 961 | int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, |
| 964 | unsigned int cookie_len)); | 962 | unsigned int cookie_len)); |
| 965 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 966 | void | 963 | void |
| 967 | SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, | 964 | SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, |
| 968 | const unsigned char **out, unsigned int *outlen, void *arg), void *arg); | 965 | const unsigned char **out, unsigned int *outlen, void *arg), void *arg); |
| @@ -979,7 +976,6 @@ void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, | |||
| 979 | #define OPENSSL_NPN_UNSUPPORTED 0 | 976 | #define OPENSSL_NPN_UNSUPPORTED 0 |
| 980 | #define OPENSSL_NPN_NEGOTIATED 1 | 977 | #define OPENSSL_NPN_NEGOTIATED 1 |
| 981 | #define OPENSSL_NPN_NO_OVERLAP 2 | 978 | #define OPENSSL_NPN_NO_OVERLAP 2 |
| 982 | #endif | ||
| 983 | 979 | ||
| 984 | int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, | 980 | int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, |
| 985 | unsigned int protos_len); | 981 | unsigned int protos_len); |
| @@ -1198,7 +1194,6 @@ struct ssl_st { | |||
| 1198 | 1194 | ||
| 1199 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ | 1195 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ |
| 1200 | 1196 | ||
| 1201 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 1202 | /* Next protocol negotiation. For the client, this is the protocol that | 1197 | /* Next protocol negotiation. For the client, this is the protocol that |
| 1203 | * we sent in NextProtocol and is set when handling ServerHello | 1198 | * we sent in NextProtocol and is set when handling ServerHello |
| 1204 | * extensions. | 1199 | * extensions. |
| @@ -1208,7 +1203,6 @@ struct ssl_st { | |||
| 1208 | * before the Finished message. */ | 1203 | * before the Finished message. */ |
| 1209 | unsigned char *next_proto_negotiated; | 1204 | unsigned char *next_proto_negotiated; |
| 1210 | unsigned char next_proto_negotiated_len; | 1205 | unsigned char next_proto_negotiated_len; |
| 1211 | #endif | ||
| 1212 | 1206 | ||
| 1213 | #define session_ctx initial_ctx | 1207 | #define session_ctx initial_ctx |
| 1214 | 1208 | ||
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 2d7d35b7b2..644e8df16b 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl3.h,v 1.34 2015/02/09 10:53:28 jsing Exp $ */ | 1 | /* $OpenBSD: ssl3.h,v 1.35 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -480,11 +480,9 @@ typedef struct ssl3_state_st { | |||
| 480 | unsigned char previous_server_finished_len; | 480 | unsigned char previous_server_finished_len; |
| 481 | int send_connection_binding; /* TODOEKR */ | 481 | int send_connection_binding; /* TODOEKR */ |
| 482 | 482 | ||
| 483 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 484 | /* Set if we saw the Next Protocol Negotiation extension from our peer. | 483 | /* Set if we saw the Next Protocol Negotiation extension from our peer. |
| 485 | */ | 484 | */ |
| 486 | int next_proto_neg_seen; | 485 | int next_proto_neg_seen; |
| 487 | #endif | ||
| 488 | 486 | ||
| 489 | /* | 487 | /* |
| 490 | * ALPN information | 488 | * ALPN information |
| @@ -539,10 +537,8 @@ typedef struct ssl3_state_st { | |||
| 539 | #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) | 537 | #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) |
| 540 | #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) | 538 | #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) |
| 541 | #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) | 539 | #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) |
| 542 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 543 | #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) | 540 | #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) |
| 544 | #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) | 541 | #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) |
| 545 | #endif | ||
| 546 | #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) | 542 | #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) |
| 547 | #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) | 543 | #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) |
| 548 | /* read from server */ | 544 | /* read from server */ |
| @@ -588,10 +584,8 @@ typedef struct ssl3_state_st { | |||
| 588 | #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) | 584 | #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) |
| 589 | #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) | 585 | #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) |
| 590 | #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) | 586 | #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) |
| 591 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 592 | #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) | 587 | #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) |
| 593 | #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) | 588 | #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) |
| 594 | #endif | ||
| 595 | #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) | 589 | #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) |
| 596 | #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) | 590 | #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) |
| 597 | /* write to client */ | 591 | /* write to client */ |
| @@ -617,9 +611,7 @@ typedef struct ssl3_state_st { | |||
| 617 | #define SSL3_MT_FINISHED 20 | 611 | #define SSL3_MT_FINISHED 20 |
| 618 | #define SSL3_MT_CERTIFICATE_STATUS 22 | 612 | #define SSL3_MT_CERTIFICATE_STATUS 22 |
| 619 | 613 | ||
| 620 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 621 | #define SSL3_MT_NEXT_PROTO 67 | 614 | #define SSL3_MT_NEXT_PROTO 67 |
| 622 | #endif | ||
| 623 | 615 | ||
| 624 | #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 | 616 | #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 |
| 625 | 617 | ||
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 20656682bd..3b7694fc94 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.86 2015/02/07 04:17:11 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.87 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -725,9 +725,7 @@ int ssl3_get_key_exchange(SSL *s); | |||
| 725 | int ssl3_get_server_certificate(SSL *s); | 725 | int ssl3_get_server_certificate(SSL *s); |
| 726 | int ssl3_check_cert_and_algorithm(SSL *s); | 726 | int ssl3_check_cert_and_algorithm(SSL *s); |
| 727 | int ssl3_check_finished(SSL *s); | 727 | int ssl3_check_finished(SSL *s); |
| 728 | # ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 729 | int ssl3_send_next_proto(SSL *s); | 728 | int ssl3_send_next_proto(SSL *s); |
| 730 | # endif | ||
| 731 | 729 | ||
| 732 | int dtls1_client_hello(SSL *s); | 730 | int dtls1_client_hello(SSL *s); |
| 733 | int dtls1_send_client_certificate(SSL *s); | 731 | int dtls1_send_client_certificate(SSL *s); |
| @@ -745,9 +743,7 @@ int ssl3_check_client_hello(SSL *s); | |||
| 745 | int ssl3_get_client_certificate(SSL *s); | 743 | int ssl3_get_client_certificate(SSL *s); |
| 746 | int ssl3_get_client_key_exchange(SSL *s); | 744 | int ssl3_get_client_key_exchange(SSL *s); |
| 747 | int ssl3_get_cert_verify(SSL *s); | 745 | int ssl3_get_cert_verify(SSL *s); |
| 748 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 749 | int ssl3_get_next_proto(SSL *s); | 746 | int ssl3_get_next_proto(SSL *s); |
| 750 | #endif | ||
| 751 | 747 | ||
| 752 | int dtls1_send_hello_request(SSL *s); | 748 | int dtls1_send_hello_request(SSL *s); |
| 753 | int dtls1_send_server_hello(SSL *s); | 749 | int dtls1_send_server_hello(SSL *s); |
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h index 60651572a2..6182daa837 100644 --- a/src/lib/libssl/tls1.h +++ b/src/lib/libssl/tls1.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1.h,v 1.23 2014/12/16 05:47:28 miod Exp $ */ | 1 | /* $OpenBSD: tls1.h,v 1.24 2015/02/12 03:45:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -252,10 +252,8 @@ extern "C" { | |||
| 252 | /* Temporary extension type */ | 252 | /* Temporary extension type */ |
| 253 | #define TLSEXT_TYPE_renegotiate 0xff01 | 253 | #define TLSEXT_TYPE_renegotiate 0xff01 |
| 254 | 254 | ||
| 255 | #ifndef OPENSSL_NO_NEXTPROTONEG | ||
| 256 | /* This is not an IANA defined extension number */ | 255 | /* This is not an IANA defined extension number */ |
| 257 | #define TLSEXT_TYPE_next_proto_neg 13172 | 256 | #define TLSEXT_TYPE_next_proto_neg 13172 |
| 258 | #endif | ||
| 259 | 257 | ||
| 260 | /* NameType value from RFC 3546. */ | 258 | /* NameType value from RFC 3546. */ |
| 261 | #define TLSEXT_NAMETYPE_host_name 0 | 259 | #define TLSEXT_NAMETYPE_host_name 0 |