summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl.h
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl.h55
1 files changed, 2 insertions, 53 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 4080af8999..9fc6c5e976 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.111 2017/01/23 04:55:27 beck Exp $ */ 1/* $OpenBSD: ssl.h,v 1.112 2017/01/23 05:13:02 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -689,23 +689,8 @@ struct ssl_ctx_st {
689 const SSL_METHOD *method; 689 const SSL_METHOD *method;
690 690
691 STACK_OF(SSL_CIPHER) *cipher_list; 691 STACK_OF(SSL_CIPHER) *cipher_list;
692 /* same as above but sorted for lookup */
693 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
694 692
695 struct x509_store_st /* X509_STORE */ *cert_store; 693 struct x509_store_st /* X509_STORE */ *cert_store;
696 struct lhash_st_SSL_SESSION *sessions;
697 /* Most session-ids that will be cached, default is
698 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
699 unsigned long session_cache_size;
700 struct ssl_session_st *session_cache_head;
701 struct ssl_session_st *session_cache_tail;
702
703 /* This can have one of 2 values, ored together,
704 * SSL_SESS_CACHE_CLIENT,
705 * SSL_SESS_CACHE_SERVER,
706 * Default is SSL_SESSION_CACHE_SERVER, which means only
707 * SSL_accept which cache SSL_SESSIONS. */
708 int session_cache_mode;
709 694
710 /* If timeout is not 0, it is the default timeout value set 695 /* If timeout is not 0, it is the default timeout value set
711 * when SSL_new() is called. This has been put in to make 696 * when SSL_new() is called. This has been put in to make
@@ -714,26 +699,12 @@ struct ssl_ctx_st {
714 699
715 int references; 700 int references;
716 701
717 CRYPTO_EX_DATA ex_data;
718
719 const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
720 const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */
721
722 STACK_OF(X509) *extra_certs;
723
724 /* Default values used when no per-SSL value is defined follow */
725
726 /* what we put in client cert requests */
727 STACK_OF(X509_NAME) *client_CA;
728
729 /* Default values to use in SSL structures follow (these are copied by SSL_new) */ 702 /* Default values to use in SSL structures follow (these are copied by SSL_new) */
730 703
731 unsigned long options; 704 unsigned long options;
732 unsigned long mode; 705 unsigned long mode;
733 long max_cert_list;
734 706
735 struct cert_st /* CERT */ *cert; 707 STACK_OF(X509) *extra_certs;
736 int read_ahead;
737 708
738 int verify_mode; 709 int verify_mode;
739 unsigned int sid_ctx_length; 710 unsigned int sid_ctx_length;
@@ -741,28 +712,6 @@ struct ssl_ctx_st {
741 712
742 X509_VERIFY_PARAM *param; 713 X509_VERIFY_PARAM *param;
743 714
744 int quiet_shutdown;
745
746 /* Maximum amount of data to send in one fragment.
747 * actual record size can be more than this due to
748 * padding and MAC overheads.
749 */
750 unsigned int max_send_fragment;
751
752#ifndef OPENSSL_NO_ENGINE
753 /* Engine to pass requests for client certs to
754 */
755 ENGINE *client_cert_engine;
756#endif
757
758 /* RFC 4507 session ticket keys */
759 unsigned char tlsext_tick_key_name[16];
760 unsigned char tlsext_tick_hmac_key[16];
761 unsigned char tlsext_tick_aes_key[16];
762
763 /* SRTP profiles we are willing to do from RFC 5764 */
764 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
765
766 struct ssl_ctx_internal_st *internal; 715 struct ssl_ctx_internal_st *internal;
767}; 716};
768 717
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 14:38:07 +0000