summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl.h')
-rw-r--r--src/lib/libssl/ssl.h313
1 files changed, 22 insertions, 291 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 8b0c2a2dac..8f922eea72 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -252,7 +252,6 @@ extern "C" {
252#define SSL_TXT_kEECDH "kEECDH" 252#define SSL_TXT_kEECDH "kEECDH"
253#define SSL_TXT_kPSK "kPSK" 253#define SSL_TXT_kPSK "kPSK"
254#define SSL_TXT_kGOST "kGOST" 254#define SSL_TXT_kGOST "kGOST"
255#define SSL_TXT_kSRP "kSRP"
256 255
257#define SSL_TXT_aRSA "aRSA" 256#define SSL_TXT_aRSA "aRSA"
258#define SSL_TXT_aDSS "aDSS" 257#define SSL_TXT_aDSS "aDSS"
@@ -276,7 +275,6 @@ extern "C" {
276#define SSL_TXT_ECDSA "ECDSA" 275#define SSL_TXT_ECDSA "ECDSA"
277#define SSL_TXT_KRB5 "KRB5" 276#define SSL_TXT_KRB5 "KRB5"
278#define SSL_TXT_PSK "PSK" 277#define SSL_TXT_PSK "PSK"
279#define SSL_TXT_SRP "SRP"
280 278
281#define SSL_TXT_DES "DES" 279#define SSL_TXT_DES "DES"
282#define SSL_TXT_3DES "3DES" 280#define SSL_TXT_3DES "3DES"
@@ -287,7 +285,6 @@ extern "C" {
287#define SSL_TXT_AES128 "AES128" 285#define SSL_TXT_AES128 "AES128"
288#define SSL_TXT_AES256 "AES256" 286#define SSL_TXT_AES256 "AES256"
289#define SSL_TXT_AES "AES" 287#define SSL_TXT_AES "AES"
290#define SSL_TXT_AES_GCM "AESGCM"
291#define SSL_TXT_CAMELLIA128 "CAMELLIA128" 288#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
292#define SSL_TXT_CAMELLIA256 "CAMELLIA256" 289#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
293#define SSL_TXT_CAMELLIA "CAMELLIA" 290#define SSL_TXT_CAMELLIA "CAMELLIA"
@@ -297,14 +294,10 @@ extern "C" {
297#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ 294#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
298#define SSL_TXT_GOST94 "GOST94" 295#define SSL_TXT_GOST94 "GOST94"
299#define SSL_TXT_GOST89MAC "GOST89MAC" 296#define SSL_TXT_GOST89MAC "GOST89MAC"
300#define SSL_TXT_SHA256 "SHA256"
301#define SSL_TXT_SHA384 "SHA384"
302 297
303#define SSL_TXT_SSLV2 "SSLv2" 298#define SSL_TXT_SSLV2 "SSLv2"
304#define SSL_TXT_SSLV3 "SSLv3" 299#define SSL_TXT_SSLV3 "SSLv3"
305#define SSL_TXT_TLSV1 "TLSv1" 300#define SSL_TXT_TLSV1 "TLSv1"
306#define SSL_TXT_TLSV1_1 "TLSv1.1"
307#define SSL_TXT_TLSV1_2 "TLSv1.2"
308 301
309#define SSL_TXT_EXP "EXP" 302#define SSL_TXT_EXP "EXP"
310#define SSL_TXT_EXPORT "EXPORT" 303#define SSL_TXT_EXPORT "EXPORT"
@@ -363,29 +356,9 @@ extern "C" {
363 * in SSL_CTX. */ 356 * in SSL_CTX. */
364typedef struct ssl_st *ssl_crock_st; 357typedef struct ssl_st *ssl_crock_st;
365typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; 358typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
366typedef struct ssl_method_st SSL_METHOD;
367typedef struct ssl_cipher_st SSL_CIPHER;
368typedef struct ssl_session_st SSL_SESSION;
369
370DECLARE_STACK_OF(SSL_CIPHER)
371
372/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
373typedef struct srtp_protection_profile_st
374 {
375 const char *name;
376 unsigned long id;
377 } SRTP_PROTECTION_PROFILE;
378
379DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
380
381typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
382typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
383
384
385#ifndef OPENSSL_NO_SSL_INTERN
386 359
387/* used to hold info on the particular ciphers used */ 360/* used to hold info on the particular ciphers used */
388struct ssl_cipher_st 361typedef struct ssl_cipher_st
389 { 362 {
390 int valid; 363 int valid;
391 const char *name; /* text name */ 364 const char *name; /* text name */
@@ -402,11 +375,15 @@ struct ssl_cipher_st
402 unsigned long algorithm2; /* Extra flags */ 375 unsigned long algorithm2; /* Extra flags */
403 int strength_bits; /* Number of bits really used */ 376 int strength_bits; /* Number of bits really used */
404 int alg_bits; /* Number of bits for algorithm */ 377 int alg_bits; /* Number of bits for algorithm */
405 }; 378 } SSL_CIPHER;
379
380DECLARE_STACK_OF(SSL_CIPHER)
406 381
382typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
383typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
407 384
408/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ 385/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
409struct ssl_method_st 386typedef struct ssl_method_st
410 { 387 {
411 int version; 388 int version;
412 int (*ssl_new)(SSL *s); 389 int (*ssl_new)(SSL *s);
@@ -439,7 +416,7 @@ struct ssl_method_st
439 int (*ssl_version)(void); 416 int (*ssl_version)(void);
440 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void)); 417 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
441 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void)); 418 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
442 }; 419 } SSL_METHOD;
443 420
444/* Lets make this into an ASN.1 type structure as follows 421/* Lets make this into an ASN.1 type structure as follows
445 * SSL_SESSION_ID ::= SEQUENCE { 422 * SSL_SESSION_ID ::= SEQUENCE {
@@ -456,17 +433,14 @@ struct ssl_method_st
456 * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context 433 * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
457 * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer' 434 * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
458 * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension 435 * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
459 * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint 436 * ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
460 * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity 437 * PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
461 * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket 438 * PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
462 * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
463 * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
464 * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
465 * } 439 * }
466 * Look in ssl/ssl_asn1.c for more details 440 * Look in ssl/ssl_asn1.c for more details
467 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). 441 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
468 */ 442 */
469struct ssl_session_st 443typedef struct ssl_session_st
470 { 444 {
471 int ssl_version; /* what ssl version session info is 445 int ssl_version; /* what ssl version session info is
472 * being kept in here? */ 446 * being kept in here? */
@@ -538,12 +512,8 @@ struct ssl_session_st
538 size_t tlsext_ticklen; /* Session ticket length */ 512 size_t tlsext_ticklen; /* Session ticket length */
539 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ 513 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
540#endif 514#endif
541#ifndef OPENSSL_NO_SRP 515 } SSL_SESSION;
542 char *srp_username;
543#endif
544 };
545 516
546#endif
547 517
548#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L 518#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
549#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L 519#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
@@ -566,7 +536,7 @@ struct ssl_session_st
566 536
567/* SSL_OP_ALL: various bug workarounds that should be rather harmless. 537/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
568 * This used to be 0x000FFFFFL before 0.9.7. */ 538 * This used to be 0x000FFFFFL before 0.9.7. */
569#define SSL_OP_ALL 0x80000BFFL 539#define SSL_OP_ALL 0x80000FFFL
570 540
571/* DTLS options */ 541/* DTLS options */
572#define SSL_OP_NO_QUERY_MTU 0x00001000L 542#define SSL_OP_NO_QUERY_MTU 0x00001000L
@@ -602,17 +572,11 @@ struct ssl_session_st
602#define SSL_OP_NO_SSLv2 0x01000000L 572#define SSL_OP_NO_SSLv2 0x01000000L
603#define SSL_OP_NO_SSLv3 0x02000000L 573#define SSL_OP_NO_SSLv3 0x02000000L
604#define SSL_OP_NO_TLSv1 0x04000000L 574#define SSL_OP_NO_TLSv1 0x04000000L
605#define SSL_OP_NO_TLSv1_2 0x08000000L
606#define SSL_OP_NO_TLSv1_1 0x10000000L
607 575
608/* These next two were never actually used for anything since SSLeay
609 * zap so we have some more flags.
610 */
611/* The next flag deliberately changes the ciphertest, this is a check 576/* The next flag deliberately changes the ciphertest, this is a check
612 * for the PKCS#1 attack */ 577 * for the PKCS#1 attack */
613#define SSL_OP_PKCS1_CHECK_1 0x0 578#define SSL_OP_PKCS1_CHECK_1 0x08000000L
614#define SSL_OP_PKCS1_CHECK_2 0x0 579#define SSL_OP_PKCS1_CHECK_2 0x10000000L
615
616#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L 580#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
617#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L 581#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
618/* Make server add server-hello extension from early version of 582/* Make server add server-hello extension from early version of
@@ -673,53 +637,12 @@ struct ssl_session_st
673#define SSL_get_secure_renegotiation_support(ssl) \ 637#define SSL_get_secure_renegotiation_support(ssl) \
674 SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL) 638 SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
675 639
676#ifndef OPENSSL_NO_HEARTBEATS
677#define SSL_heartbeat(ssl) \
678 SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
679#endif
680
681void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 640void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
682void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 641void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
683#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) 642#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
684#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) 643#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
685 644
686#ifndef OPENSSL_NO_SRP
687 645
688#ifndef OPENSSL_NO_SSL_INTERN
689
690typedef struct srp_ctx_st
691 {
692 /* param for all the callbacks */
693 void *SRP_cb_arg;
694 /* set client Hello login callback */
695 int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
696 /* set SRP N/g param callback for verification */
697 int (*SRP_verify_param_callback)(SSL *, void *);
698 /* set SRP client passwd callback */
699 char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
700
701 char *login;
702 BIGNUM *N,*g,*s,*B,*A;
703 BIGNUM *a,*b,*v;
704 char *info;
705 int strength;
706
707 unsigned long srp_Mask;
708 } SRP_CTX;
709
710#endif
711
712/* see tls_srp.c */
713int SSL_SRP_CTX_init(SSL *s);
714int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
715int SSL_SRP_CTX_free(SSL *ctx);
716int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
717int SSL_srp_server_param_with_username(SSL *s, int *ad);
718int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
719int SRP_Calc_A_param(SSL *s);
720int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
721
722#endif
723 646
724#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32) 647#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
725#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */ 648#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
@@ -745,11 +668,7 @@ int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
745typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, 668typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
746 unsigned int *id_len); 669 unsigned int *id_len);
747 670
748typedef struct ssl_comp_st SSL_COMP; 671typedef struct ssl_comp_st
749
750#ifndef OPENSSL_NO_SSL_INTERN
751
752struct ssl_comp_st
753 { 672 {
754 int id; 673 int id;
755 const char *name; 674 const char *name;
@@ -758,7 +677,7 @@ struct ssl_comp_st
758#else 677#else
759 char *method; 678 char *method;
760#endif 679#endif
761 }; 680 } SSL_COMP;
762 681
763DECLARE_STACK_OF(SSL_COMP) 682DECLARE_STACK_OF(SSL_COMP)
764DECLARE_LHASH_OF(SSL_SESSION); 683DECLARE_LHASH_OF(SSL_SESSION);
@@ -927,6 +846,7 @@ struct ssl_ctx_st
927 /* Callback for status request */ 846 /* Callback for status request */
928 int (*tlsext_status_cb)(SSL *ssl, void *arg); 847 int (*tlsext_status_cb)(SSL *ssl, void *arg);
929 void *tlsext_status_arg; 848 void *tlsext_status_arg;
849
930 /* draft-rescorla-tls-opaque-prf-input-00.txt information */ 850 /* draft-rescorla-tls-opaque-prf-input-00.txt information */
931 int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg); 851 int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
932 void *tlsext_opaque_prf_input_callback_arg; 852 void *tlsext_opaque_prf_input_callback_arg;
@@ -947,36 +867,8 @@ struct ssl_ctx_st
947 struct ssl3_buf_freelist_st *wbuf_freelist; 867 struct ssl3_buf_freelist_st *wbuf_freelist;
948 struct ssl3_buf_freelist_st *rbuf_freelist; 868 struct ssl3_buf_freelist_st *rbuf_freelist;
949#endif 869#endif
950#ifndef OPENSSL_NO_SRP
951 SRP_CTX srp_ctx; /* ctx for SRP authentication */
952#endif
953
954#ifndef OPENSSL_NO_TLSEXT
955# ifndef OPENSSL_NO_NEXTPROTONEG
956 /* Next protocol negotiation information */
957 /* (for experimental NPN extension). */
958
959 /* For a server, this contains a callback function by which the set of
960 * advertised protocols can be provided. */
961 int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
962 unsigned int *len, void *arg);
963 void *next_protos_advertised_cb_arg;
964 /* For a client, this contains a callback function that selects the
965 * next protocol from the list provided by the server. */
966 int (*next_proto_select_cb)(SSL *s, unsigned char **out,
967 unsigned char *outlen,
968 const unsigned char *in,
969 unsigned int inlen,
970 void *arg);
971 void *next_proto_select_cb_arg;
972# endif
973 /* SRTP profiles we are willing to do from RFC 5764 */
974 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
975#endif
976 }; 870 };
977 871
978#endif
979
980#define SSL_SESS_CACHE_OFF 0x0000 872#define SSL_SESS_CACHE_OFF 0x0000
981#define SSL_SESS_CACHE_CLIENT 0x0001 873#define SSL_SESS_CACHE_CLIENT 0x0001
982#define SSL_SESS_CACHE_SERVER 0x0002 874#define SSL_SESS_CACHE_SERVER 0x0002
@@ -1029,32 +921,6 @@ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
1029#endif 921#endif
1030void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); 922void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
1031void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); 923void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
1032#ifndef OPENSSL_NO_NEXTPROTONEG
1033void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
1034 int (*cb) (SSL *ssl,
1035 const unsigned char **out,
1036 unsigned int *outlen,
1037 void *arg),
1038 void *arg);
1039void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
1040 int (*cb) (SSL *ssl,
1041 unsigned char **out,
1042 unsigned char *outlen,
1043 const unsigned char *in,
1044 unsigned int inlen,
1045 void *arg),
1046 void *arg);
1047
1048int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
1049 const unsigned char *in, unsigned int inlen,
1050 const unsigned char *client, unsigned int client_len);
1051void SSL_get0_next_proto_negotiated(const SSL *s,
1052 const unsigned char **data, unsigned *len);
1053
1054#define OPENSSL_NPN_UNSUPPORTED 0
1055#define OPENSSL_NPN_NEGOTIATED 1
1056#define OPENSSL_NPN_NO_OVERLAP 2
1057#endif
1058 924
1059#ifndef OPENSSL_NO_PSK 925#ifndef OPENSSL_NO_PSK
1060/* the maximum length of the buffer given to callbacks containing the 926/* the maximum length of the buffer given to callbacks containing the
@@ -1095,8 +961,6 @@ const char *SSL_get_psk_identity(const SSL *s);
1095#define SSL_MAC_FLAG_READ_MAC_STREAM 1 961#define SSL_MAC_FLAG_READ_MAC_STREAM 1
1096#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 962#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
1097 963
1098#ifndef OPENSSL_NO_SSL_INTERN
1099
1100struct ssl_st 964struct ssl_st
1101 { 965 {
1102 /* protocol version 966 /* protocol version
@@ -1141,7 +1005,9 @@ struct ssl_st
1141 1005
1142 int server; /* are we the server side? - mostly used by SSL_clear*/ 1006 int server; /* are we the server side? - mostly used by SSL_clear*/
1143 1007
1144 int new_session;/* Generate a new session or reuse an old one. 1008 int new_session;/* 1 if we are to use a new session.
1009 * 2 if we are a server and are inside a handshake
1010 * (i.e. not just sending a HelloRequest)
1145 * NB: For servers, the 'new' session may actually be a previously 1011 * NB: For servers, the 'new' session may actually be a previously
1146 * cached session or even the previous session unless 1012 * cached session or even the previous session unless
1147 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ 1013 * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
@@ -1311,46 +1177,12 @@ struct ssl_st
1311 void *tls_session_secret_cb_arg; 1177 void *tls_session_secret_cb_arg;
1312 1178
1313 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ 1179 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
1314
1315#ifndef OPENSSL_NO_NEXTPROTONEG
1316 /* Next protocol negotiation. For the client, this is the protocol that
1317 * we sent in NextProtocol and is set when handling ServerHello
1318 * extensions.
1319 *
1320 * For a server, this is the client's selected_protocol from
1321 * NextProtocol and is set when handling the NextProtocol message,
1322 * before the Finished message. */
1323 unsigned char *next_proto_negotiated;
1324 unsigned char next_proto_negotiated_len;
1325#endif
1326
1327#define session_ctx initial_ctx 1180#define session_ctx initial_ctx
1328
1329 STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
1330 SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
1331
1332 unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
1333 0: disabled
1334 1: enabled
1335 2: enabled, but not allowed to send Requests
1336 */
1337 unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
1338 unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
1339#else 1181#else
1340#define session_ctx ctx 1182#define session_ctx ctx
1341#endif /* OPENSSL_NO_TLSEXT */ 1183#endif /* OPENSSL_NO_TLSEXT */
1342
1343 int renegotiate;/* 1 if we are renegotiating.
1344 * 2 if we are a server and are inside a handshake
1345 * (i.e. not just sending a HelloRequest) */
1346
1347#ifndef OPENSSL_NO_SRP
1348 SRP_CTX srp_ctx; /* ctx for SRP authentication */
1349#endif
1350 }; 1184 };
1351 1185
1352#endif
1353
1354#ifdef __cplusplus 1186#ifdef __cplusplus
1355} 1187}
1356#endif 1188#endif
@@ -1360,7 +1192,6 @@ struct ssl_st
1360#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ 1192#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
1361#include <openssl/dtls1.h> /* Datagram TLS */ 1193#include <openssl/dtls1.h> /* Datagram TLS */
1362#include <openssl/ssl23.h> 1194#include <openssl/ssl23.h>
1363#include <openssl/srtp.h> /* Support for the use_srtp extension */
1364 1195
1365#ifdef __cplusplus 1196#ifdef __cplusplus
1366extern "C" { 1197extern "C" {
@@ -1577,20 +1408,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1577#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 1408#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
1578 1409
1579#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 1410#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
1580
1581#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
1582#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
1583#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
1584
1585#define SSL_CTRL_SET_SRP_ARG 78
1586#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
1587#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
1588#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
1589#ifndef OPENSSL_NO_HEARTBEATS
1590#define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
1591#define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
1592#define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
1593#endif
1594#endif 1411#endif
1595 1412
1596#define DTLS_CTRL_GET_TIMEOUT 73 1413#define DTLS_CTRL_GET_TIMEOUT 73
@@ -1601,9 +1418,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1601#define SSL_CTRL_CLEAR_OPTIONS 77 1418#define SSL_CTRL_CLEAR_OPTIONS 77
1602#define SSL_CTRL_CLEAR_MODE 78 1419#define SSL_CTRL_CLEAR_MODE 78
1603 1420
1604#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
1605#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
1606
1607#define DTLSv1_get_timeout(ssl, arg) \ 1421#define DTLSv1_get_timeout(ssl, arg) \
1608 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) 1422 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1609#define DTLSv1_handle_timeout(ssl) \ 1423#define DTLSv1_handle_timeout(ssl) \
@@ -1640,10 +1454,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1640 1454
1641#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ 1455#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
1642 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) 1456 SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
1643#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
1644 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
1645#define SSL_CTX_clear_extra_chain_certs(ctx) \
1646 SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
1647 1457
1648#ifndef OPENSSL_NO_BIO 1458#ifndef OPENSSL_NO_BIO
1649BIO_METHOD *BIO_f_ssl(void); 1459BIO_METHOD *BIO_f_ssl(void);
@@ -1671,7 +1481,6 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
1671int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); 1481int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
1672char * SSL_CIPHER_get_version(const SSL_CIPHER *c); 1482char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1673const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); 1483const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
1674unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
1675 1484
1676int SSL_get_fd(const SSL *s); 1485int SSL_get_fd(const SSL *s);
1677int SSL_get_rfd(const SSL *s); 1486int SSL_get_rfd(const SSL *s);
@@ -1737,14 +1546,10 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t);
1737long SSL_SESSION_get_timeout(const SSL_SESSION *s); 1546long SSL_SESSION_get_timeout(const SSL_SESSION *s);
1738long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); 1547long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1739void SSL_copy_session_id(SSL *to,const SSL *from); 1548void SSL_copy_session_id(SSL *to,const SSL *from);
1740X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
1741int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,
1742 unsigned int sid_ctx_len);
1743 1549
1744SSL_SESSION *SSL_SESSION_new(void); 1550SSL_SESSION *SSL_SESSION_new(void);
1745const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, 1551const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
1746 unsigned int *len); 1552 unsigned int *len);
1747unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
1748#ifndef OPENSSL_NO_FP_API 1553#ifndef OPENSSL_NO_FP_API
1749int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses); 1554int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
1750#endif 1555#endif
@@ -1807,30 +1612,6 @@ int SSL_set_trust(SSL *s, int trust);
1807int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); 1612int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
1808int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); 1613int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
1809 1614
1810#ifndef OPENSSL_NO_SRP
1811int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
1812int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
1813int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
1814int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
1815 char *(*cb)(SSL *,void *));
1816int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
1817 int (*cb)(SSL *,void *));
1818int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
1819 int (*cb)(SSL *,int *,void *));
1820int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
1821
1822int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
1823 BIGNUM *sa, BIGNUM *v, char *info);
1824int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
1825 const char *grp);
1826
1827BIGNUM *SSL_get_srp_g(SSL *s);
1828BIGNUM *SSL_get_srp_N(SSL *s);
1829
1830char *SSL_get_srp_username(SSL *s);
1831char *SSL_get_srp_userinfo(SSL *s);
1832#endif
1833
1834void SSL_free(SSL *ssl); 1615void SSL_free(SSL *ssl);
1835int SSL_accept(SSL *ssl); 1616int SSL_accept(SSL *ssl);
1836int SSL_connect(SSL *ssl); 1617int SSL_connect(SSL *ssl);
@@ -1866,15 +1647,6 @@ const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1866const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ 1647const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1867const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ 1648const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1868 1649
1869const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
1870const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
1871const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
1872
1873const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
1874const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
1875const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
1876
1877
1878const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ 1650const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
1879const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ 1651const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
1880const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ 1652const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
@@ -1883,7 +1655,6 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
1883 1655
1884int SSL_do_handshake(SSL *s); 1656int SSL_do_handshake(SSL *s);
1885int SSL_renegotiate(SSL *s); 1657int SSL_renegotiate(SSL *s);
1886int SSL_renegotiate_abbreviated(SSL *s);
1887int SSL_renegotiate_pending(SSL *s); 1658int SSL_renegotiate_pending(SSL *s);
1888int SSL_shutdown(SSL *s); 1659int SSL_shutdown(SSL *s);
1889 1660
@@ -1935,7 +1706,6 @@ void SSL_set_info_callback(SSL *ssl,
1935 void (*cb)(const SSL *ssl,int type,int val)); 1706 void (*cb)(const SSL *ssl,int type,int val));
1936void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val); 1707void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
1937int SSL_state(const SSL *ssl); 1708int SSL_state(const SSL *ssl);
1938void SSL_set_state(SSL *ssl, int state);
1939 1709
1940void SSL_set_verify_result(SSL *ssl,long v); 1710void SSL_set_verify_result(SSL *ssl,long v);
1941long SSL_get_verify_result(const SSL *ssl); 1711long SSL_get_verify_result(const SSL *ssl);
@@ -2036,9 +1806,6 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
2036/* Pre-shared secret session resumption functions */ 1806/* Pre-shared secret session resumption functions */
2037int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg); 1807int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
2038 1808
2039void SSL_set_debug(SSL *s, int debug);
2040int SSL_cache_hit(SSL *s);
2041
2042/* BEGIN ERROR CODES */ 1809/* BEGIN ERROR CODES */
2043/* The following lines are auto generated by the script mkerr.pl. Any changes 1810/* The following lines are auto generated by the script mkerr.pl. Any changes
2044 * made after this point may be overwritten when the script is next run. 1811 * made after this point may be overwritten when the script is next run.
@@ -2058,7 +1825,6 @@ void ERR_load_SSL_strings(void);
2058#define SSL_F_DTLS1_ACCEPT 246 1825#define SSL_F_DTLS1_ACCEPT 246
2059#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295 1826#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
2060#define SSL_F_DTLS1_BUFFER_RECORD 247 1827#define SSL_F_DTLS1_BUFFER_RECORD 247
2061#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316
2062#define SSL_F_DTLS1_CLIENT_HELLO 248 1828#define SSL_F_DTLS1_CLIENT_HELLO 248
2063#define SSL_F_DTLS1_CONNECT 249 1829#define SSL_F_DTLS1_CONNECT 249
2064#define SSL_F_DTLS1_ENC 250 1830#define SSL_F_DTLS1_ENC 250
@@ -2067,7 +1833,6 @@ void ERR_load_SSL_strings(void);
2067#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 1833#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
2068#define SSL_F_DTLS1_GET_RECORD 254 1834#define SSL_F_DTLS1_GET_RECORD 254
2069#define SSL_F_DTLS1_HANDLE_TIMEOUT 297 1835#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
2070#define SSL_F_DTLS1_HEARTBEAT 305
2071#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 1836#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
2072#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 1837#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
2073#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 1838#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
@@ -2136,7 +1901,6 @@ void ERR_load_SSL_strings(void);
2136#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 1901#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
2137#define SSL_F_SSL3_GET_MESSAGE 142 1902#define SSL_F_SSL3_GET_MESSAGE 142
2138#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 1903#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
2139#define SSL_F_SSL3_GET_NEXT_PROTO 306
2140#define SSL_F_SSL3_GET_RECORD 143 1904#define SSL_F_SSL3_GET_RECORD 143
2141#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 1905#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
2142#define SSL_F_SSL3_GET_SERVER_DONE 145 1906#define SSL_F_SSL3_GET_SERVER_DONE 145
@@ -2161,12 +1925,10 @@ void ERR_load_SSL_strings(void);
2161#define SSL_F_SSL3_WRITE_PENDING 159 1925#define SSL_F_SSL3_WRITE_PENDING 159
2162#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298 1926#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
2163#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277 1927#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
2164#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
2165#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 1928#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
2166#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 1929#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
2167#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299 1930#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
2168#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278 1931#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
2169#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
2170#define SSL_F_SSL_BAD_METHOD 160 1932#define SSL_F_SSL_BAD_METHOD 160
2171#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 1933#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
2172#define SSL_F_SSL_CERT_DUP 221 1934#define SSL_F_SSL_CERT_DUP 221
@@ -2183,7 +1945,6 @@ void ERR_load_SSL_strings(void);
2183#define SSL_F_SSL_CREATE_CIPHER_LIST 166 1945#define SSL_F_SSL_CREATE_CIPHER_LIST 166
2184#define SSL_F_SSL_CTRL 232 1946#define SSL_F_SSL_CTRL 232
2185#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 1947#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
2186#define SSL_F_SSL_CTX_MAKE_PROFILES 309
2187#define SSL_F_SSL_CTX_NEW 169 1948#define SSL_F_SSL_CTX_NEW 169
2188#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 1949#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
2189#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290 1950#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
@@ -2212,10 +1973,8 @@ void ERR_load_SSL_strings(void);
2212#define SSL_F_SSL_NEW 186 1973#define SSL_F_SSL_NEW 186
2213#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300 1974#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
2214#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302 1975#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
2215#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
2216#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301 1976#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
2217#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303 1977#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
2218#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
2219#define SSL_F_SSL_PEEK 270 1978#define SSL_F_SSL_PEEK 270
2220#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 1979#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
2221#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 1980#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
@@ -2224,7 +1983,6 @@ void ERR_load_SSL_strings(void);
2224#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 1983#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
2225#define SSL_F_SSL_SESSION_NEW 189 1984#define SSL_F_SSL_SESSION_NEW 189
2226#define SSL_F_SSL_SESSION_PRINT_FP 190 1985#define SSL_F_SSL_SESSION_PRINT_FP 190
2227#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
2228#define SSL_F_SSL_SESS_CERT_NEW 225 1986#define SSL_F_SSL_SESS_CERT_NEW 225
2229#define SSL_F_SSL_SET_CERT 191 1987#define SSL_F_SSL_SET_CERT 191
2230#define SSL_F_SSL_SET_CIPHER_LIST 271 1988#define SSL_F_SSL_SET_CIPHER_LIST 271
@@ -2238,7 +1996,6 @@ void ERR_load_SSL_strings(void);
2238#define SSL_F_SSL_SET_TRUST 228 1996#define SSL_F_SSL_SET_TRUST 228
2239#define SSL_F_SSL_SET_WFD 196 1997#define SSL_F_SSL_SET_WFD 196
2240#define SSL_F_SSL_SHUTDOWN 224 1998#define SSL_F_SSL_SHUTDOWN 224
2241#define SSL_F_SSL_SRP_CTX_INIT 313
2242#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243 1999#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
2243#define SSL_F_SSL_UNDEFINED_FUNCTION 197 2000#define SSL_F_SSL_UNDEFINED_FUNCTION 197
2244#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244 2001#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
@@ -2258,8 +2015,6 @@ void ERR_load_SSL_strings(void);
2258#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 2015#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
2259#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274 2016#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
2260#define SSL_F_TLS1_ENC 210 2017#define SSL_F_TLS1_ENC 210
2261#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
2262#define SSL_F_TLS1_HEARTBEAT 315
2263#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275 2018#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
2264#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276 2019#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
2265#define SSL_F_TLS1_PRF 284 2020#define SSL_F_TLS1_PRF 284
@@ -2299,13 +2054,6 @@ void ERR_load_SSL_strings(void);
2299#define SSL_R_BAD_RSA_MODULUS_LENGTH 121 2054#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
2300#define SSL_R_BAD_RSA_SIGNATURE 122 2055#define SSL_R_BAD_RSA_SIGNATURE 122
2301#define SSL_R_BAD_SIGNATURE 123 2056#define SSL_R_BAD_SIGNATURE 123
2302#define SSL_R_BAD_SRP_A_LENGTH 347
2303#define SSL_R_BAD_SRP_B_LENGTH 348
2304#define SSL_R_BAD_SRP_G_LENGTH 349
2305#define SSL_R_BAD_SRP_N_LENGTH 350
2306#define SSL_R_BAD_SRP_S_LENGTH 351
2307#define SSL_R_BAD_SRTP_MKI_VALUE 352
2308#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
2309#define SSL_R_BAD_SSL_FILETYPE 124 2057#define SSL_R_BAD_SSL_FILETYPE 124
2310#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 2058#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
2311#define SSL_R_BAD_STATE 126 2059#define SSL_R_BAD_STATE 126
@@ -2344,15 +2092,12 @@ void ERR_load_SSL_strings(void);
2344#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322 2092#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
2345#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323 2093#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
2346#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 2094#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
2347#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
2348#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 2095#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
2349#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 2096#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
2350#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 2097#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
2351#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 2098#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
2352#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 2099#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
2353#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 2100#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
2354#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
2355#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
2356#define SSL_R_HTTPS_PROXY_REQUEST 155 2101#define SSL_R_HTTPS_PROXY_REQUEST 155
2357#define SSL_R_HTTP_REQUEST 156 2102#define SSL_R_HTTP_REQUEST 156
2358#define SSL_R_ILLEGAL_PADDING 283 2103#define SSL_R_ILLEGAL_PADDING 283
@@ -2361,7 +2106,6 @@ void ERR_load_SSL_strings(void);
2361#define SSL_R_INVALID_COMMAND 280 2106#define SSL_R_INVALID_COMMAND 280
2362#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 2107#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
2363#define SSL_R_INVALID_PURPOSE 278 2108#define SSL_R_INVALID_PURPOSE 278
2364#define SSL_R_INVALID_SRP_USERNAME 357
2365#define SSL_R_INVALID_STATUS_RESPONSE 328 2109#define SSL_R_INVALID_STATUS_RESPONSE 328
2366#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 2110#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
2367#define SSL_R_INVALID_TRUST 279 2111#define SSL_R_INVALID_TRUST 279
@@ -2391,7 +2135,6 @@ void ERR_load_SSL_strings(void);
2391#define SSL_R_MISSING_RSA_CERTIFICATE 168 2135#define SSL_R_MISSING_RSA_CERTIFICATE 168
2392#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 2136#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
2393#define SSL_R_MISSING_RSA_SIGNING_CERT 170 2137#define SSL_R_MISSING_RSA_SIGNING_CERT 170
2394#define SSL_R_MISSING_SRP_PARAM 358
2395#define SSL_R_MISSING_TMP_DH_KEY 171 2138#define SSL_R_MISSING_TMP_DH_KEY 171
2396#define SSL_R_MISSING_TMP_ECDH_KEY 311 2139#define SSL_R_MISSING_TMP_ECDH_KEY 311
2397#define SSL_R_MISSING_TMP_RSA_KEY 172 2140#define SSL_R_MISSING_TMP_RSA_KEY 172
@@ -2421,7 +2164,6 @@ void ERR_load_SSL_strings(void);
2421#define SSL_R_NO_RENEGOTIATION 339 2164#define SSL_R_NO_RENEGOTIATION 339
2422#define SSL_R_NO_REQUIRED_DIGEST 324 2165#define SSL_R_NO_REQUIRED_DIGEST 324
2423#define SSL_R_NO_SHARED_CIPHER 193 2166#define SSL_R_NO_SHARED_CIPHER 193
2424#define SSL_R_NO_SRTP_PROFILES 359
2425#define SSL_R_NO_VERIFY_CALLBACK 194 2167#define SSL_R_NO_VERIFY_CALLBACK 194
2426#define SSL_R_NULL_SSL_CTX 195 2168#define SSL_R_NULL_SSL_CTX 195
2427#define SSL_R_NULL_SSL_METHOD_PASSED 196 2169#define SSL_R_NULL_SSL_METHOD_PASSED 196
@@ -2465,12 +2207,7 @@ void ERR_load_SSL_strings(void);
2465#define SSL_R_SERVERHELLO_TLSEXT 275 2207#define SSL_R_SERVERHELLO_TLSEXT 275
2466#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 2208#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
2467#define SSL_R_SHORT_READ 219 2209#define SSL_R_SHORT_READ 219
2468#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
2469#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 2210#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
2470#define SSL_R_SRP_A_CALC 361
2471#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
2472#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
2473#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
2474#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 2211#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
2475#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 2212#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
2476#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321 2213#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
@@ -2515,9 +2252,6 @@ void ERR_load_SSL_strings(void);
2515#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 2252#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
2516#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 2253#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
2517#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 2254#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
2518#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
2519#define SSL_R_TLS_HEARTBEAT_PENDING 366
2520#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
2521#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 2255#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
2522#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 2256#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
2523#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 2257#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
@@ -2539,7 +2273,6 @@ void ERR_load_SSL_strings(void);
2539#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 2273#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
2540#define SSL_R_UNKNOWN_CIPHER_RETURNED 248 2274#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
2541#define SSL_R_UNKNOWN_CIPHER_TYPE 249 2275#define SSL_R_UNKNOWN_CIPHER_TYPE 249
2542#define SSL_R_UNKNOWN_DIGEST 368
2543#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 2276#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
2544#define SSL_R_UNKNOWN_PKEY_TYPE 251 2277#define SSL_R_UNKNOWN_PKEY_TYPE 251
2545#define SSL_R_UNKNOWN_PROTOCOL 252 2278#define SSL_R_UNKNOWN_PROTOCOL 252
@@ -2554,14 +2287,12 @@ void ERR_load_SSL_strings(void);
2554#define SSL_R_UNSUPPORTED_PROTOCOL 258 2287#define SSL_R_UNSUPPORTED_PROTOCOL 258
2555#define SSL_R_UNSUPPORTED_SSL_VERSION 259 2288#define SSL_R_UNSUPPORTED_SSL_VERSION 259
2556#define SSL_R_UNSUPPORTED_STATUS_TYPE 329 2289#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
2557#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
2558#define SSL_R_WRITE_BIO_NOT_SET 260 2290#define SSL_R_WRITE_BIO_NOT_SET 260
2559#define SSL_R_WRONG_CIPHER_RETURNED 261 2291#define SSL_R_WRONG_CIPHER_RETURNED 261
2560#define SSL_R_WRONG_MESSAGE_TYPE 262 2292#define SSL_R_WRONG_MESSAGE_TYPE 262
2561#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 2293#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
2562#define SSL_R_WRONG_SIGNATURE_LENGTH 264 2294#define SSL_R_WRONG_SIGNATURE_LENGTH 264
2563#define SSL_R_WRONG_SIGNATURE_SIZE 265 2295#define SSL_R_WRONG_SIGNATURE_SIZE 265
2564#define SSL_R_WRONG_SIGNATURE_TYPE 370
2565#define SSL_R_WRONG_SSL_VERSION 266 2296#define SSL_R_WRONG_SSL_VERSION 266
2566#define SSL_R_WRONG_VERSION_NUMBER 267 2297#define SSL_R_WRONG_VERSION_NUMBER 267
2567#define SSL_R_X509_LIB 268 2298#define SSL_R_X509_LIB 268
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-26 00:31:03 +0000