summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl.h')
-rw-r--r--src/lib/libssl/ssl.h539
1 files changed, 156 insertions, 383 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index e4c3f65010..ff8a128d3c 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -56,7 +56,7 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ==================================================================== 58/* ====================================================================
59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. 59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 * 60 *
61 * Redistribution and use in source and binary forms, with or without 61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions 62 * modification, are permitted provided that the following conditions
@@ -109,35 +109,62 @@
109 * 109 *
110 */ 110 */
111/* ==================================================================== 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 112 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 * 113 *
119 * The portions of the attached software ("Contribution") is developed by 114 * Redistribution and use in source and binary forms, with or without
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 115 * modification, are permitted provided that the following conditions
121 * license. 116 * are met:
122 * 117 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 118 * 1. Redistributions of source code must retain the above copyright
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 119 * notice, this list of conditions and the following disclaimer.
125 * support (see RFC 4279) to OpenSSL.
126 * 120 *
127 * No patent licenses or other rights except those expressly stated in 121 * 2. Redistributions in binary form must reproduce the above copyright
128 * the OpenSSL open source license shall be deemed granted or received 122 * notice, this list of conditions and the following disclaimer in
129 * expressly, by implication, estoppel, or otherwise. 123 * the documentation and/or other materials provided with the
124 * distribution.
130 * 125 *
131 * No assurances are provided by Nokia that the Contribution does not 126 * 3. All advertising materials mentioning features or use of this
132 * infringe the patent or other intellectual property rights of any third 127 * software must display the following acknowledgment:
133 * party or that the license provides you with all the necessary rights 128 * "This product includes software developed by the OpenSSL Project
134 * to make use of the Contribution. 129 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
130 *
131 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
132 * endorse or promote products derived from this software without
133 * prior written permission. For written permission, please contact
134 * openssl-core@openssl.org.
135 *
136 * 5. Products derived from this software may not be called "OpenSSL"
137 * nor may "OpenSSL" appear in their names without prior written
138 * permission of the OpenSSL Project.
139 *
140 * 6. Redistributions of any form whatsoever must retain the following
141 * acknowledgment:
142 * "This product includes software developed by the OpenSSL Project
143 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
144 *
145 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
146 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
147 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
148 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
149 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
150 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
151 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
152 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
153 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
154 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
155 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
156 * OF THE POSSIBILITY OF SUCH DAMAGE.
157 * ====================================================================
158 *
159 * This product includes cryptographic software written by Eric Young
160 * (eay@cryptsoft.com). This product includes software written by Tim
161 * Hudson (tjh@cryptsoft.com).
135 * 162 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 163 */
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 164/* ====================================================================
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 165 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 166 * ECC cipher suite support in OpenSSL originally developed by
140 * OTHERWISE. 167 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
141 */ 168 */
142 169
143#ifndef HEADER_SSL_H 170#ifndef HEADER_SSL_H
@@ -221,88 +248,56 @@ extern "C" {
221#define SSL_MAX_KEY_ARG_LENGTH 8 248#define SSL_MAX_KEY_ARG_LENGTH 8
222#define SSL_MAX_MASTER_KEY_LENGTH 48 249#define SSL_MAX_MASTER_KEY_LENGTH 48
223 250
224
225/* These are used to specify which ciphers to use and not to use */ 251/* These are used to specify which ciphers to use and not to use */
226
227#define SSL_TXT_EXP40 "EXPORT40"
228#define SSL_TXT_EXP56 "EXPORT56"
229#define SSL_TXT_LOW "LOW" 252#define SSL_TXT_LOW "LOW"
230#define SSL_TXT_MEDIUM "MEDIUM" 253#define SSL_TXT_MEDIUM "MEDIUM"
231#define SSL_TXT_HIGH "HIGH" 254#define SSL_TXT_HIGH "HIGH"
232#define SSL_TXT_FIPS "FIPS" 255#define SSL_TXT_FIPS "FIPS"
233 256#define SSL_TXT_kFZA "kFZA"
234#define SSL_TXT_kFZA "kFZA" /* unused! */ 257#define SSL_TXT_aFZA "aFZA"
235#define SSL_TXT_aFZA "aFZA" /* unused! */ 258#define SSL_TXT_eFZA "eFZA"
236#define SSL_TXT_eFZA "eFZA" /* unused! */ 259#define SSL_TXT_FZA "FZA"
237#define SSL_TXT_FZA "FZA" /* unused! */
238 260
239#define SSL_TXT_aNULL "aNULL" 261#define SSL_TXT_aNULL "aNULL"
240#define SSL_TXT_eNULL "eNULL" 262#define SSL_TXT_eNULL "eNULL"
241#define SSL_TXT_NULL "NULL" 263#define SSL_TXT_NULL "NULL"
242 264
243#define SSL_TXT_kRSA "kRSA"
244#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */
245#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */
246#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */
247#define SSL_TXT_kEDH "kEDH"
248#define SSL_TXT_kKRB5 "kKRB5" 265#define SSL_TXT_kKRB5 "kKRB5"
249#define SSL_TXT_kECDHr "kECDHr" 266#define SSL_TXT_aKRB5 "aKRB5"
250#define SSL_TXT_kECDHe "kECDHe" 267#define SSL_TXT_KRB5 "KRB5"
251#define SSL_TXT_kECDH "kECDH"
252#define SSL_TXT_kEECDH "kEECDH"
253#define SSL_TXT_kPSK "kPSK"
254#define SSL_TXT_kGOST "kGOST"
255 268
269#define SSL_TXT_kRSA "kRSA"
270#define SSL_TXT_kDHr "kDHr"
271#define SSL_TXT_kDHd "kDHd"
272#define SSL_TXT_kEDH "kEDH"
256#define SSL_TXT_aRSA "aRSA" 273#define SSL_TXT_aRSA "aRSA"
257#define SSL_TXT_aDSS "aDSS" 274#define SSL_TXT_aDSS "aDSS"
258#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */ 275#define SSL_TXT_aDH "aDH"
259#define SSL_TXT_aECDH "aECDH"
260#define SSL_TXT_aKRB5 "aKRB5"
261#define SSL_TXT_aECDSA "aECDSA"
262#define SSL_TXT_aPSK "aPSK"
263#define SSL_TXT_aGOST94 "aGOST94"
264#define SSL_TXT_aGOST01 "aGOST01"
265#define SSL_TXT_aGOST "aGOST"
266
267#define SSL_TXT_DSS "DSS" 276#define SSL_TXT_DSS "DSS"
268#define SSL_TXT_DH "DH" 277#define SSL_TXT_DH "DH"
269#define SSL_TXT_EDH "EDH" /* same as "kEDH:-ADH" */ 278#define SSL_TXT_EDH "EDH"
270#define SSL_TXT_ADH "ADH" 279#define SSL_TXT_ADH "ADH"
271#define SSL_TXT_RSA "RSA" 280#define SSL_TXT_RSA "RSA"
272#define SSL_TXT_ECDH "ECDH"
273#define SSL_TXT_EECDH "EECDH" /* same as "kEECDH:-AECDH" */
274#define SSL_TXT_AECDH "AECDH"
275#define SSL_TXT_ECDSA "ECDSA"
276#define SSL_TXT_KRB5 "KRB5"
277#define SSL_TXT_PSK "PSK"
278
279#define SSL_TXT_DES "DES" 281#define SSL_TXT_DES "DES"
280#define SSL_TXT_3DES "3DES" 282#define SSL_TXT_3DES "3DES"
281#define SSL_TXT_RC4 "RC4" 283#define SSL_TXT_RC4 "RC4"
282#define SSL_TXT_RC2 "RC2" 284#define SSL_TXT_RC2 "RC2"
283#define SSL_TXT_IDEA "IDEA" 285#define SSL_TXT_IDEA "IDEA"
284#define SSL_TXT_SEED "SEED" 286#define SSL_TXT_SEED "SEED"
285#define SSL_TXT_AES128 "AES128"
286#define SSL_TXT_AES256 "AES256"
287#define SSL_TXT_AES "AES" 287#define SSL_TXT_AES "AES"
288#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
289#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
290#define SSL_TXT_CAMELLIA "CAMELLIA" 288#define SSL_TXT_CAMELLIA "CAMELLIA"
291
292#define SSL_TXT_MD5 "MD5" 289#define SSL_TXT_MD5 "MD5"
293#define SSL_TXT_SHA1 "SHA1" 290#define SSL_TXT_SHA1 "SHA1"
294#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ 291#define SSL_TXT_SHA "SHA"
295#define SSL_TXT_GOST94 "GOST94" 292#define SSL_TXT_EXP "EXP"
296#define SSL_TXT_GOST89MAC "GOST89MAC" 293#define SSL_TXT_EXPORT "EXPORT"
297 294#define SSL_TXT_EXP40 "EXPORT40"
295#define SSL_TXT_EXP56 "EXPORT56"
298#define SSL_TXT_SSLV2 "SSLv2" 296#define SSL_TXT_SSLV2 "SSLv2"
299#define SSL_TXT_SSLV3 "SSLv3" 297#define SSL_TXT_SSLV3 "SSLv3"
300#define SSL_TXT_TLSV1 "TLSv1" 298#define SSL_TXT_TLSV1 "TLSv1"
301
302#define SSL_TXT_EXP "EXP"
303#define SSL_TXT_EXPORT "EXPORT"
304
305#define SSL_TXT_ALL "ALL" 299#define SSL_TXT_ALL "ALL"
300#define SSL_TXT_ECC "ECCdraft" /* ECC ciphersuites are not yet official */
306 301
307/* 302/*
308 * COMPLEMENTOF* definitions. These identifiers are used to (de-select) 303 * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -324,13 +319,7 @@ extern "C" {
324/* The following cipher list is used by default. 319/* The following cipher list is used by default.
325 * It also is substituted when an application-defined cipher list string 320 * It also is substituted when an application-defined cipher list string
326 * starts with 'DEFAULT'. */ 321 * starts with 'DEFAULT'. */
327#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" 322#define SSL_DEFAULT_CIPHER_LIST "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */
328/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
329 * starts with a reasonable order, and all we have to do for DEFAULT is
330 * throwing out anonymous and unencrypted ciphersuites!
331 * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable
332 * some of them.)
333 */
334 323
335/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ 324/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
336#define SSL_SENT_SHUTDOWN 1 325#define SSL_SENT_SHUTDOWN 1
@@ -355,7 +344,6 @@ extern "C" {
355 * 'struct ssl_st *' function parameters used to prototype callbacks 344 * 'struct ssl_st *' function parameters used to prototype callbacks
356 * in SSL_CTX. */ 345 * in SSL_CTX. */
357typedef struct ssl_st *ssl_crock_st; 346typedef struct ssl_st *ssl_crock_st;
358typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
359 347
360/* used to hold info on the particular ciphers used */ 348/* used to hold info on the particular ciphers used */
361typedef struct ssl_cipher_st 349typedef struct ssl_cipher_st
@@ -363,25 +351,17 @@ typedef struct ssl_cipher_st
363 int valid; 351 int valid;
364 const char *name; /* text name */ 352 const char *name; /* text name */
365 unsigned long id; /* id, 4 bytes, first is version */ 353 unsigned long id; /* id, 4 bytes, first is version */
366 354 unsigned long algorithms; /* what ciphers are used */
367 /* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */
368 unsigned long algorithm_mkey; /* key exchange algorithm */
369 unsigned long algorithm_auth; /* server authentication */
370 unsigned long algorithm_enc; /* symmetric encryption */
371 unsigned long algorithm_mac; /* symmetric authentication */
372 unsigned long algorithm_ssl; /* (major) protocol version */
373
374 unsigned long algo_strength; /* strength and export flags */ 355 unsigned long algo_strength; /* strength and export flags */
375 unsigned long algorithm2; /* Extra flags */ 356 unsigned long algorithm2; /* Extra flags */
376 int strength_bits; /* Number of bits really used */ 357 int strength_bits; /* Number of bits really used */
377 int alg_bits; /* Number of bits for algorithm */ 358 int alg_bits; /* Number of bits for algorithm */
359 unsigned long mask; /* used for matching */
360 unsigned long mask_strength; /* also used for matching */
378 } SSL_CIPHER; 361 } SSL_CIPHER;
379 362
380DECLARE_STACK_OF(SSL_CIPHER) 363DECLARE_STACK_OF(SSL_CIPHER)
381 364
382typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
383typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
384
385/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ 365/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
386typedef struct ssl_method_st 366typedef struct ssl_method_st
387 { 367 {
@@ -405,12 +385,12 @@ typedef struct ssl_method_st
405 int (*ssl_dispatch_alert)(SSL *s); 385 int (*ssl_dispatch_alert)(SSL *s);
406 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg); 386 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
407 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg); 387 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
408 const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); 388 SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
409 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr); 389 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
410 int (*ssl_pending)(const SSL *s); 390 int (*ssl_pending)(const SSL *s);
411 int (*num_ciphers)(void); 391 int (*num_ciphers)(void);
412 const SSL_CIPHER *(*get_cipher)(unsigned ncipher); 392 SSL_CIPHER *(*get_cipher)(unsigned ncipher);
413 const struct ssl_method_st *(*get_ssl_method)(int version); 393 struct ssl_method_st *(*get_ssl_method)(int version);
414 long (*get_timeout)(void); 394 long (*get_timeout)(void);
415 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ 395 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
416 int (*ssl_version)(void); 396 int (*ssl_version)(void);
@@ -422,20 +402,17 @@ typedef struct ssl_method_st
422 * SSL_SESSION_ID ::= SEQUENCE { 402 * SSL_SESSION_ID ::= SEQUENCE {
423 * version INTEGER, -- structure version number 403 * version INTEGER, -- structure version number
424 * SSLversion INTEGER, -- SSL version number 404 * SSLversion INTEGER, -- SSL version number
425 * Cipher OCTET STRING, -- the 3 byte cipher ID 405 * Cipher OCTET_STRING, -- the 3 byte cipher ID
426 * Session_ID OCTET STRING, -- the Session ID 406 * Session_ID OCTET_STRING, -- the Session ID
427 * Master_key OCTET STRING, -- the master key 407 * Master_key OCTET_STRING, -- the master key
428 * KRB5_principal OCTET STRING -- optional Kerberos principal 408 * KRB5_principal OCTET_STRING -- optional Kerberos principal
429 * Key_Arg [ 0 ] IMPLICIT OCTET STRING, -- the optional Key argument 409 * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
430 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time 410 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
431 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds 411 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
432 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate 412 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
433 * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context 413 * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context
434 * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer' 414 * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer'
435 * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension 415 * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX
436 * ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
437 * PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
438 * PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
439 * } 416 * }
440 * Look in ssl/ssl_asn1.c for more details 417 * Look in ssl/ssl_asn1.c for more details
441 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). 418 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
@@ -463,10 +440,7 @@ typedef struct ssl_session_st
463 unsigned int krb5_client_princ_len; 440 unsigned int krb5_client_princ_len;
464 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH]; 441 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
465#endif /* OPENSSL_NO_KRB5 */ 442#endif /* OPENSSL_NO_KRB5 */
466#ifndef OPENSSL_NO_PSK 443
467 char *psk_identity_hint;
468 char *psk_identity;
469#endif
470 int not_resumable; 444 int not_resumable;
471 445
472 /* The cert is the certificate used to establish this connection */ 446 /* The cert is the certificate used to establish this connection */
@@ -485,9 +459,9 @@ typedef struct ssl_session_st
485 long timeout; 459 long timeout;
486 long time; 460 long time;
487 461
488 unsigned int compress_meth; /* Need to lookup the method */ 462 int compress_meth; /* Need to lookup the method */
489 463
490 const SSL_CIPHER *cipher; 464 SSL_CIPHER *cipher;
491 unsigned long cipher_id; /* when ASN.1 loaded, this 465 unsigned long cipher_id; /* when ASN.1 loaded, this
492 * needs to be used to load 466 * needs to be used to load
493 * the 'cipher' structure */ 467 * the 'cipher' structure */
@@ -501,12 +475,6 @@ typedef struct ssl_session_st
501 struct ssl_session_st *prev,*next; 475 struct ssl_session_st *prev,*next;
502#ifndef OPENSSL_NO_TLSEXT 476#ifndef OPENSSL_NO_TLSEXT
503 char *tlsext_hostname; 477 char *tlsext_hostname;
504#ifndef OPENSSL_NO_EC
505 size_t tlsext_ecpointformatlist_length;
506 unsigned char *tlsext_ecpointformatlist; /* peer's list */
507 size_t tlsext_ellipticcurvelist_length;
508 unsigned char *tlsext_ellipticcurvelist; /* peer's list */
509#endif /* OPENSSL_NO_EC */
510 /* RFC4507 info */ 478 /* RFC4507 info */
511 unsigned char *tlsext_tick; /* Session ticket */ 479 unsigned char *tlsext_tick; /* Session ticket */
512 size_t tlsext_ticklen; /* Session ticket length */ 480 size_t tlsext_ticklen; /* Session ticket length */
@@ -517,8 +485,6 @@ typedef struct ssl_session_st
517 485
518#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L 486#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
519#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L 487#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
520/* Allow initial connection to servers that don't support RI */
521#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L
522#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L 488#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
523#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L 489#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
524#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L 490#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
@@ -536,7 +502,7 @@ typedef struct ssl_session_st
536 502
537/* SSL_OP_ALL: various bug workarounds that should be rather harmless. 503/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
538 * This used to be 0x000FFFFFL before 0.9.7. */ 504 * This used to be 0x000FFFFFL before 0.9.7. */
539#define SSL_OP_ALL 0x80000FFFL 505#define SSL_OP_ALL 0x00000FFFL
540 506
541/* DTLS options */ 507/* DTLS options */
542#define SSL_OP_NO_QUERY_MTU 0x00001000L 508#define SSL_OP_NO_QUERY_MTU 0x00001000L
@@ -544,15 +510,9 @@ typedef struct ssl_session_st
544#define SSL_OP_COOKIE_EXCHANGE 0x00002000L 510#define SSL_OP_COOKIE_EXCHANGE 0x00002000L
545/* Don't use RFC4507 ticket extension */ 511/* Don't use RFC4507 ticket extension */
546#define SSL_OP_NO_TICKET 0x00004000L 512#define SSL_OP_NO_TICKET 0x00004000L
547/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */
548#define SSL_OP_CISCO_ANYCONNECT 0x00008000L
549 513
550/* As server, disallow session resumption on renegotiation */ 514/* As server, disallow session resumption on renegotiation */
551#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L 515#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
552/* Don't use compression even if supported */
553#define SSL_OP_NO_COMPRESSION 0x00020000L
554/* Permit unsafe legacy renegotiation */
555#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
556/* If set, always create a new key when using tmp_ecdh parameters */ 516/* If set, always create a new key when using tmp_ecdh parameters */
557#define SSL_OP_SINGLE_ECDH_USE 0x00080000L 517#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
558/* If set, always create a new key when using tmp_dh parameters */ 518/* If set, always create a new key when using tmp_dh parameters */
@@ -579,11 +539,7 @@ typedef struct ssl_session_st
579#define SSL_OP_PKCS1_CHECK_2 0x10000000L 539#define SSL_OP_PKCS1_CHECK_2 0x10000000L
580#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L 540#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
581#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L 541#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
582/* Make server add server-hello extension from early version of 542
583 * cryptopro draft, when GOST ciphersuite is negotiated.
584 * Required for interoperability with CryptoPro CSP 3.x
585 */
586#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L
587 543
588/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success 544/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
589 * when just a single record has been written): */ 545 * when just a single record has been written): */
@@ -598,35 +554,24 @@ typedef struct ssl_session_st
598#define SSL_MODE_AUTO_RETRY 0x00000004L 554#define SSL_MODE_AUTO_RETRY 0x00000004L
599/* Don't attempt to automatically build certificate chain */ 555/* Don't attempt to automatically build certificate chain */
600#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L 556#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
601/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and 557
602 * TLS only.) "Released" buffers are put onto a free-list in the context
603 * or just freed (depending on the context's setting for freelist_max_len). */
604#define SSL_MODE_RELEASE_BUFFERS 0x00000010L
605 558
606/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, 559/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value,
607 * they cannot be used to clear bits. */ 560 * they cannot be used to clear bits. */
608 561
609#define SSL_CTX_set_options(ctx,op) \ 562#define SSL_CTX_set_options(ctx,op) \
610 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) 563 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
611#define SSL_CTX_clear_options(ctx,op) \
612 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
613#define SSL_CTX_get_options(ctx) \ 564#define SSL_CTX_get_options(ctx) \
614 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL) 565 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
615#define SSL_set_options(ssl,op) \ 566#define SSL_set_options(ssl,op) \
616 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL) 567 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
617#define SSL_clear_options(ssl,op) \
618 SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
619#define SSL_get_options(ssl) \ 568#define SSL_get_options(ssl) \
620 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL) 569 SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
621 570
622#define SSL_CTX_set_mode(ctx,op) \ 571#define SSL_CTX_set_mode(ctx,op) \
623 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL) 572 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
624#define SSL_CTX_clear_mode(ctx,op) \
625 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
626#define SSL_CTX_get_mode(ctx) \ 573#define SSL_CTX_get_mode(ctx) \
627 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL) 574 SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
628#define SSL_clear_mode(ssl,op) \
629 SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
630#define SSL_set_mode(ssl,op) \ 575#define SSL_set_mode(ssl,op) \
631 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL) 576 SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
632#define SSL_get_mode(ssl) \ 577#define SSL_get_mode(ssl) \
@@ -634,8 +579,6 @@ typedef struct ssl_session_st
634#define SSL_set_mtu(ssl, mtu) \ 579#define SSL_set_mtu(ssl, mtu) \
635 SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL) 580 SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
636 581
637#define SSL_get_secure_renegotiation_support(ssl) \
638 SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
639 582
640void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 583void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
641void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); 584void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
@@ -680,18 +623,17 @@ typedef struct ssl_comp_st
680 } SSL_COMP; 623 } SSL_COMP;
681 624
682DECLARE_STACK_OF(SSL_COMP) 625DECLARE_STACK_OF(SSL_COMP)
683DECLARE_LHASH_OF(SSL_SESSION);
684 626
685struct ssl_ctx_st 627struct ssl_ctx_st
686 { 628 {
687 const SSL_METHOD *method; 629 SSL_METHOD *method;
688 630
689 STACK_OF(SSL_CIPHER) *cipher_list; 631 STACK_OF(SSL_CIPHER) *cipher_list;
690 /* same as above but sorted for lookup */ 632 /* same as above but sorted for lookup */
691 STACK_OF(SSL_CIPHER) *cipher_list_by_id; 633 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
692 634
693 struct x509_store_st /* X509_STORE */ *cert_store; 635 struct x509_store_st /* X509_STORE */ *cert_store;
694 LHASH_OF(SSL_SESSION) *sessions; 636 struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */
695 /* Most session-ids that will be cached, default is 637 /* Most session-ids that will be cached, default is
696 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ 638 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
697 unsigned long session_cache_size; 639 unsigned long session_cache_size;
@@ -816,12 +758,6 @@ struct ssl_ctx_st
816 758
817 int quiet_shutdown; 759 int quiet_shutdown;
818 760
819 /* Maximum amount of data to send in one fragment.
820 * actual record size can be more than this due to
821 * padding and MAC overheads.
822 */
823 unsigned int max_send_fragment;
824
825#ifndef OPENSSL_ENGINE 761#ifndef OPENSSL_ENGINE
826 /* Engine to pass requests for client certs to 762 /* Engine to pass requests for client certs to
827 */ 763 */
@@ -840,33 +776,14 @@ struct ssl_ctx_st
840 int (*tlsext_ticket_key_cb)(SSL *ssl, 776 int (*tlsext_ticket_key_cb)(SSL *ssl,
841 unsigned char *name, unsigned char *iv, 777 unsigned char *name, unsigned char *iv,
842 EVP_CIPHER_CTX *ectx, 778 EVP_CIPHER_CTX *ectx,
843 HMAC_CTX *hctx, int enc); 779 HMAC_CTX *hctx, int enc);
844 780
845 /* certificate status request info */ 781 /* certificate status request info */
846 /* Callback for status request */ 782 /* Callback for status request */
847 int (*tlsext_status_cb)(SSL *ssl, void *arg); 783 int (*tlsext_status_cb)(SSL *ssl, void *arg);
848 void *tlsext_status_arg; 784 void *tlsext_status_arg;
849
850 /* draft-rescorla-tls-opaque-prf-input-00.txt information */
851 int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
852 void *tlsext_opaque_prf_input_callback_arg;
853#endif
854
855#ifndef OPENSSL_NO_PSK
856 char *psk_identity_hint;
857 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
858 unsigned int max_identity_len, unsigned char *psk,
859 unsigned int max_psk_len);
860 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
861 unsigned char *psk, unsigned int max_psk_len);
862#endif 785#endif
863 786
864#ifndef OPENSSL_NO_BUF_FREELISTS
865#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
866 unsigned int freelist_max_len;
867 struct ssl3_buf_freelist_st *wbuf_freelist;
868 struct ssl3_buf_freelist_st *rbuf_freelist;
869#endif
870 }; 787 };
871 788
872#define SSL_SESS_CACHE_OFF 0x0000 789#define SSL_SESS_CACHE_OFF 0x0000
@@ -880,7 +797,7 @@ struct ssl_ctx_st
880#define SSL_SESS_CACHE_NO_INTERNAL \ 797#define SSL_SESS_CACHE_NO_INTERNAL \
881 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) 798 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
882 799
883LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); 800 struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
884#define SSL_CTX_sess_number(ctx) \ 801#define SSL_CTX_sess_number(ctx) \
885 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) 802 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
886#define SSL_CTX_sess_connect(ctx) \ 803#define SSL_CTX_sess_connect(ctx) \
@@ -922,31 +839,6 @@ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
922void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); 839void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
923void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); 840void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
924 841
925#ifndef OPENSSL_NO_PSK
926/* the maximum length of the buffer given to callbacks containing the
927 * resulting identity/psk */
928#define PSK_MAX_IDENTITY_LEN 128
929#define PSK_MAX_PSK_LEN 256
930void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
931 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
932 char *identity, unsigned int max_identity_len, unsigned char *psk,
933 unsigned int max_psk_len));
934void SSL_set_psk_client_callback(SSL *ssl,
935 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
936 char *identity, unsigned int max_identity_len, unsigned char *psk,
937 unsigned int max_psk_len));
938void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
939 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
940 unsigned char *psk, unsigned int max_psk_len));
941void SSL_set_psk_server_callback(SSL *ssl,
942 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
943 unsigned char *psk, unsigned int max_psk_len));
944int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
945int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
946const char *SSL_get_psk_identity_hint(const SSL *s);
947const char *SSL_get_psk_identity(const SSL *s);
948#endif
949
950#define SSL_NOTHING 1 842#define SSL_NOTHING 1
951#define SSL_WRITING 2 843#define SSL_WRITING 2
952#define SSL_READING 3 844#define SSL_READING 3
@@ -958,9 +850,6 @@ const char *SSL_get_psk_identity(const SSL *s);
958#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) 850#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
959#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) 851#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
960 852
961#define SSL_MAC_FLAG_READ_MAC_STREAM 1
962#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
963
964struct ssl_st 853struct ssl_st
965 { 854 {
966 /* protocol version 855 /* protocol version
@@ -969,7 +858,7 @@ struct ssl_st
969 int version; 858 int version;
970 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ 859 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
971 860
972 const SSL_METHOD *method; /* SSLv3 */ 861 SSL_METHOD *method; /* SSLv3 */
973 862
974 /* There are 2 BIO's even though they are normally both the 863 /* There are 2 BIO's even though they are normally both the
975 * same. This is so data can be read and written to different 864 * same. This is so data can be read and written to different
@@ -1052,9 +941,9 @@ struct ssl_st
1052 941
1053 /* These are the ones being used, the ones in SSL_SESSION are 942 /* These are the ones being used, the ones in SSL_SESSION are
1054 * the ones to be 'copied' into these ones */ 943 * the ones to be 'copied' into these ones */
1055 int mac_flags; 944
1056 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ 945 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
1057 EVP_MD_CTX *read_hash; /* used for mac generation */ 946 const EVP_MD *read_hash; /* used for mac generation */
1058#ifndef OPENSSL_NO_COMP 947#ifndef OPENSSL_NO_COMP
1059 COMP_CTX *expand; /* uncompress */ 948 COMP_CTX *expand; /* uncompress */
1060#else 949#else
@@ -1062,7 +951,7 @@ struct ssl_st
1062#endif 951#endif
1063 952
1064 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ 953 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
1065 EVP_MD_CTX *write_hash; /* used for mac generation */ 954 const EVP_MD *write_hash; /* used for mac generation */
1066#ifndef OPENSSL_NO_COMP 955#ifndef OPENSSL_NO_COMP
1067 COMP_CTX *compress; /* compression */ 956 COMP_CTX *compress; /* compression */
1068#else 957#else
@@ -1100,14 +989,6 @@ struct ssl_st
1100 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */ 989 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */
1101#endif /* OPENSSL_NO_KRB5 */ 990#endif /* OPENSSL_NO_KRB5 */
1102 991
1103#ifndef OPENSSL_NO_PSK
1104 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
1105 unsigned int max_identity_len, unsigned char *psk,
1106 unsigned int max_psk_len);
1107 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
1108 unsigned char *psk, unsigned int max_psk_len);
1109#endif
1110
1111 SSL_CTX *ctx; 992 SSL_CTX *ctx;
1112 /* set this flag to 1 and a sleep(1) is put into all SSL_read() 993 /* set this flag to 1 and a sleep(1) is put into all SSL_read()
1113 * and SSL_write() calls, good for nbio debuging :-) */ 994 * and SSL_write() calls, good for nbio debuging :-) */
@@ -1127,7 +1008,6 @@ struct ssl_st
1127 int first_packet; 1008 int first_packet;
1128 int client_version; /* what was passed, used for 1009 int client_version; /* what was passed, used for
1129 * SSLv3/TLS rollback check */ 1010 * SSLv3/TLS rollback check */
1130 unsigned int max_send_fragment;
1131#ifndef OPENSSL_NO_TLSEXT 1011#ifndef OPENSSL_NO_TLSEXT
1132 /* TLS extension debug callback */ 1012 /* TLS extension debug callback */
1133 void (*tlsext_debug_cb)(SSL *s, int client_server, int type, 1013 void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
@@ -1154,33 +1034,11 @@ struct ssl_st
1154 1034
1155 /* RFC4507 session ticket expected to be received or sent */ 1035 /* RFC4507 session ticket expected to be received or sent */
1156 int tlsext_ticket_expected; 1036 int tlsext_ticket_expected;
1157#ifndef OPENSSL_NO_EC
1158 size_t tlsext_ecpointformatlist_length;
1159 unsigned char *tlsext_ecpointformatlist; /* our list */
1160 size_t tlsext_ellipticcurvelist_length;
1161 unsigned char *tlsext_ellipticcurvelist; /* our list */
1162#endif /* OPENSSL_NO_EC */
1163
1164 /* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */
1165 void *tlsext_opaque_prf_input;
1166 size_t tlsext_opaque_prf_input_len;
1167
1168 /* TLS Session Ticket extension override */
1169 TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
1170
1171 /* TLS Session Ticket extension callback */
1172 tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
1173 void *tls_session_ticket_ext_cb_arg;
1174
1175 /* TLS pre-shared secret session resumption */
1176 tls_session_secret_cb_fn tls_session_secret_cb;
1177 void *tls_session_secret_cb_arg;
1178
1179 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ 1037 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
1180#define session_ctx initial_ctx 1038#define session_ctx initial_ctx
1181#else 1039#else
1182#define session_ctx ctx 1040#define session_ctx ctx
1183#endif /* OPENSSL_NO_TLSEXT */ 1041#endif
1184 }; 1042 };
1185 1043
1186#ifdef __cplusplus 1044#ifdef __cplusplus
@@ -1287,13 +1145,20 @@ size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
1287#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) 1145#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
1288#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) 1146#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
1289 1147
1148#if 1 /*SSLEAY_MACROS*/
1290#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id) 1149#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
1291#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id) 1150#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
1151#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
1152 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
1153#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) PEM_ASN1_read_bio_of(SSL_SESSION,d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,cb,u)
1154#define PEM_write_SSL_SESSION(fp,x) \
1155 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
1156 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
1157#define PEM_write_bio_SSL_SESSION(bp,x) \
1158 PEM_ASN1_write_bio_of(SSL_SESSION,i2d_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,NULL,NULL,0,NULL,NULL)
1159#endif
1292 1160
1293DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) 1161#define SSL_AD_REASON_OFFSET 1000
1294
1295#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... */
1296
1297/* These alert types are for SSLv3 and TLSv1 */ 1162/* These alert types are for SSLv3 and TLSv1 */
1298#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY 1163#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
1299#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ 1164#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
@@ -1323,8 +1188,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1323#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE 1188#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
1324#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME 1189#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
1325#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 1190#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
1326#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
1327#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
1328 1191
1329#define SSL_ERROR_NONE 0 1192#define SSL_ERROR_NONE 0
1330#define SSL_ERROR_SSL 1 1193#define SSL_ERROR_SSL 1
@@ -1383,8 +1246,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1383#define SSL_CTRL_GET_MAX_CERT_LIST 50 1246#define SSL_CTRL_GET_MAX_CERT_LIST 50
1384#define SSL_CTRL_SET_MAX_CERT_LIST 51 1247#define SSL_CTRL_SET_MAX_CERT_LIST 51
1385 1248
1386#define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
1387
1388/* see tls1.h for macros based on these */ 1249/* see tls1.h for macros based on these */
1389#ifndef OPENSSL_NO_TLSEXT 1250#ifndef OPENSSL_NO_TLSEXT
1390#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 1251#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
@@ -1394,9 +1255,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1394#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 1255#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
1395#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 1256#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
1396#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 1257#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
1397#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 1258
1398#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
1399#define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
1400#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 1259#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
1401#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 1260#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
1402#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 1261#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
@@ -1410,21 +1269,6 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
1410#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 1269#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
1411#endif 1270#endif
1412 1271
1413#define DTLS_CTRL_GET_TIMEOUT 73
1414#define DTLS_CTRL_HANDLE_TIMEOUT 74
1415#define DTLS_CTRL_LISTEN 75
1416
1417#define SSL_CTRL_GET_RI_SUPPORT 76
1418#define SSL_CTRL_CLEAR_OPTIONS 77
1419#define SSL_CTRL_CLEAR_MODE 78
1420
1421#define DTLSv1_get_timeout(ssl, arg) \
1422 SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
1423#define DTLSv1_handle_timeout(ssl) \
1424 SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
1425#define DTLSv1_listen(ssl, peer) \
1426 SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
1427
1428#define SSL_session_reused(ssl) \ 1272#define SSL_session_reused(ssl) \
1429 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) 1273 SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
1430#define SSL_num_renegotiations(ssl) \ 1274#define SSL_num_renegotiations(ssl) \
@@ -1466,7 +1310,7 @@ void BIO_ssl_shutdown(BIO *ssl_bio);
1466#endif 1310#endif
1467 1311
1468int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str); 1312int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str);
1469SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); 1313SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
1470void SSL_CTX_free(SSL_CTX *); 1314void SSL_CTX_free(SSL_CTX *);
1471long SSL_CTX_set_timeout(SSL_CTX *ctx,long t); 1315long SSL_CTX_set_timeout(SSL_CTX *ctx,long t);
1472long SSL_CTX_get_timeout(const SSL_CTX *ctx); 1316long SSL_CTX_get_timeout(const SSL_CTX *ctx);
@@ -1477,7 +1321,7 @@ int SSL_clear(SSL *s);
1477 1321
1478void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); 1322void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
1479 1323
1480const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); 1324SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
1481int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); 1325int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
1482char * SSL_CIPHER_get_version(const SSL_CIPHER *c); 1326char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1483const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); 1327const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
@@ -1548,8 +1392,9 @@ long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
1548void SSL_copy_session_id(SSL *to,const SSL *from); 1392void SSL_copy_session_id(SSL *to,const SSL *from);
1549 1393
1550SSL_SESSION *SSL_SESSION_new(void); 1394SSL_SESSION *SSL_SESSION_new(void);
1551const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, 1395unsigned long SSL_SESSION_hash(const SSL_SESSION *a);
1552 unsigned int *len); 1396int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b);
1397const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len);
1553#ifndef OPENSSL_NO_FP_API 1398#ifndef OPENSSL_NO_FP_API
1554int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses); 1399int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
1555#endif 1400#endif
@@ -1609,9 +1454,6 @@ int SSL_set_purpose(SSL *s, int purpose);
1609int SSL_CTX_set_trust(SSL_CTX *s, int trust); 1454int SSL_CTX_set_trust(SSL_CTX *s, int trust);
1610int SSL_set_trust(SSL *s, int trust); 1455int SSL_set_trust(SSL *s, int trust);
1611 1456
1612int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
1613int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
1614
1615void SSL_free(SSL *ssl); 1457void SSL_free(SSL *ssl);
1616int SSL_accept(SSL *ssl); 1458int SSL_accept(SSL *ssl);
1617int SSL_connect(SSL *ssl); 1459int SSL_connect(SSL *ssl);
@@ -1627,29 +1469,27 @@ int SSL_get_error(const SSL *s,int ret_code);
1627const char *SSL_get_version(const SSL *s); 1469const char *SSL_get_version(const SSL *s);
1628 1470
1629/* This sets the 'default' SSL version that SSL_new() will create */ 1471/* This sets the 'default' SSL version that SSL_new() will create */
1630int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); 1472int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
1631 1473
1632#ifndef OPENSSL_NO_SSL2 1474SSL_METHOD *SSLv2_method(void); /* SSLv2 */
1633const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ 1475SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
1634const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ 1476SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1635const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
1636#endif
1637 1477
1638const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ 1478SSL_METHOD *SSLv3_method(void); /* SSLv3 */
1639const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ 1479SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
1640const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ 1480SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
1641 1481
1642const SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */ 1482SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
1643const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */ 1483SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
1644const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */ 1484SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
1645 1485
1646const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ 1486SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
1647const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ 1487SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
1648const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ 1488SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
1649 1489
1650const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ 1490SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
1651const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ 1491SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
1652const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ 1492SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
1653 1493
1654STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); 1494STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
1655 1495
@@ -1658,8 +1498,8 @@ int SSL_renegotiate(SSL *s);
1658int SSL_renegotiate_pending(SSL *s); 1498int SSL_renegotiate_pending(SSL *s);
1659int SSL_shutdown(SSL *s); 1499int SSL_shutdown(SSL *s);
1660 1500
1661const SSL_METHOD *SSL_get_ssl_method(SSL *s); 1501SSL_METHOD *SSL_get_ssl_method(SSL *s);
1662int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); 1502int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
1663const char *SSL_alert_type_string_long(int value); 1503const char *SSL_alert_type_string_long(int value);
1664const char *SSL_alert_type_string(int value); 1504const char *SSL_alert_type_string(int value);
1665const char *SSL_alert_desc_string_long(int value); 1505const char *SSL_alert_desc_string_long(int value);
@@ -1679,7 +1519,7 @@ long SSL_get_default_timeout(const SSL *s);
1679 1519
1680int SSL_library_init(void ); 1520int SSL_library_init(void );
1681 1521
1682char *SSL_CIPHER_description(const SSL_CIPHER *,char *buf,int size); 1522char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
1683STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk); 1523STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
1684 1524
1685SSL *SSL_dup(SSL *ssl); 1525SSL *SSL_dup(SSL *ssl);
@@ -1751,11 +1591,6 @@ int SSL_get_ex_data_X509_STORE_CTX_idx(void );
1751#define SSL_set_max_cert_list(ssl,m) \ 1591#define SSL_set_max_cert_list(ssl,m) \
1752 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) 1592 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
1753 1593
1754#define SSL_CTX_set_max_send_fragment(ctx,m) \
1755 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1756#define SSL_set_max_send_fragment(ssl,m) \
1757 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
1758
1759 /* NB: the keylength is only applicable when is_export is true */ 1594 /* NB: the keylength is only applicable when is_export is true */
1760#ifndef OPENSSL_NO_RSA 1595#ifndef OPENSSL_NO_RSA
1761void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, 1596void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
@@ -1797,15 +1632,6 @@ void *SSL_COMP_get_compression_methods(void);
1797int SSL_COMP_add_compression_method(int id,void *cm); 1632int SSL_COMP_add_compression_method(int id,void *cm);
1798#endif 1633#endif
1799 1634
1800/* TLS extensions functions */
1801int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
1802
1803int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
1804 void *arg);
1805
1806/* Pre-shared secret session resumption functions */
1807int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
1808
1809/* BEGIN ERROR CODES */ 1635/* BEGIN ERROR CODES */
1810/* The following lines are auto generated by the script mkerr.pl. Any changes 1636/* The following lines are auto generated by the script mkerr.pl. Any changes
1811 * made after this point may be overwritten when the script is next run. 1637 * made after this point may be overwritten when the script is next run.
@@ -1823,7 +1649,6 @@ void ERR_load_SSL_strings(void);
1823#define SSL_F_DO_DTLS1_WRITE 245 1649#define SSL_F_DO_DTLS1_WRITE 245
1824#define SSL_F_DO_SSL3_WRITE 104 1650#define SSL_F_DO_SSL3_WRITE 104
1825#define SSL_F_DTLS1_ACCEPT 246 1651#define SSL_F_DTLS1_ACCEPT 246
1826#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295
1827#define SSL_F_DTLS1_BUFFER_RECORD 247 1652#define SSL_F_DTLS1_BUFFER_RECORD 247
1828#define SSL_F_DTLS1_CLIENT_HELLO 248 1653#define SSL_F_DTLS1_CLIENT_HELLO 248
1829#define SSL_F_DTLS1_CONNECT 249 1654#define SSL_F_DTLS1_CONNECT 249
@@ -1832,9 +1657,8 @@ void ERR_load_SSL_strings(void);
1832#define SSL_F_DTLS1_GET_MESSAGE 252 1657#define SSL_F_DTLS1_GET_MESSAGE 252
1833#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 1658#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
1834#define SSL_F_DTLS1_GET_RECORD 254 1659#define SSL_F_DTLS1_GET_RECORD 254
1835#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
1836#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 1660#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
1837#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 1661#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 277
1838#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 1662#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
1839#define SSL_F_DTLS1_PROCESS_RECORD 257 1663#define SSL_F_DTLS1_PROCESS_RECORD 257
1840#define SSL_F_DTLS1_READ_BYTES 258 1664#define SSL_F_DTLS1_READ_BYTES 258
@@ -1878,7 +1702,6 @@ void ERR_load_SSL_strings(void);
1878#define SSL_F_SSL2_SET_CERTIFICATE 126 1702#define SSL_F_SSL2_SET_CERTIFICATE 126
1879#define SSL_F_SSL2_WRITE 127 1703#define SSL_F_SSL2_WRITE 127
1880#define SSL_F_SSL3_ACCEPT 128 1704#define SSL_F_SSL3_ACCEPT 128
1881#define SSL_F_SSL3_ADD_CERT_TO_BUF 296
1882#define SSL_F_SSL3_CALLBACK_CTRL 233 1705#define SSL_F_SSL3_CALLBACK_CTRL 233
1883#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 1706#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
1884#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 1707#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
@@ -1886,12 +1709,11 @@ void ERR_load_SSL_strings(void);
1886#define SSL_F_SSL3_CONNECT 132 1709#define SSL_F_SSL3_CONNECT 132
1887#define SSL_F_SSL3_CTRL 213 1710#define SSL_F_SSL3_CTRL 213
1888#define SSL_F_SSL3_CTX_CTRL 133 1711#define SSL_F_SSL3_CTX_CTRL 133
1889#define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293 1712#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 279
1890#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
1891#define SSL_F_SSL3_ENC 134 1713#define SSL_F_SSL3_ENC 134
1892#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 1714#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
1893#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 1715#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
1894#define SSL_F_SSL3_GET_CERT_STATUS 289 1716#define SSL_F_SSL3_GET_CERT_STATUS 288
1895#define SSL_F_SSL3_GET_CERT_VERIFY 136 1717#define SSL_F_SSL3_GET_CERT_VERIFY 136
1896#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 1718#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
1897#define SSL_F_SSL3_GET_CLIENT_HELLO 138 1719#define SSL_F_SSL3_GET_CLIENT_HELLO 138
@@ -1904,8 +1726,7 @@ void ERR_load_SSL_strings(void);
1904#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 1726#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
1905#define SSL_F_SSL3_GET_SERVER_DONE 145 1727#define SSL_F_SSL3_GET_SERVER_DONE 145
1906#define SSL_F_SSL3_GET_SERVER_HELLO 146 1728#define SSL_F_SSL3_GET_SERVER_HELLO 146
1907#define SSL_F_SSL3_HANDSHAKE_MAC 285 1729#define SSL_F_SSL3_NEW_SESSION_TICKET 284
1908#define SSL_F_SSL3_NEW_SESSION_TICKET 287
1909#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 1730#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
1910#define SSL_F_SSL3_PEEK 235 1731#define SSL_F_SSL3_PEEK 235
1911#define SSL_F_SSL3_READ_BYTES 148 1732#define SSL_F_SSL3_READ_BYTES 148
@@ -1917,17 +1738,14 @@ void ERR_load_SSL_strings(void);
1917#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 1738#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
1918#define SSL_F_SSL3_SEND_SERVER_HELLO 242 1739#define SSL_F_SSL3_SEND_SERVER_HELLO 242
1919#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 1740#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
1741#define SSL_F_SSL3_SETUP_BUFFERS 156
1920#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 1742#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
1921#define SSL_F_SSL3_SETUP_READ_BUFFER 156
1922#define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
1923#define SSL_F_SSL3_WRITE_BYTES 158 1743#define SSL_F_SSL3_WRITE_BYTES 158
1924#define SSL_F_SSL3_WRITE_PENDING 159 1744#define SSL_F_SSL3_WRITE_PENDING 159
1925#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298 1745#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 272
1926#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
1927#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 1746#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
1928#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 1747#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
1929#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299 1748#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 273
1930#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
1931#define SSL_F_SSL_BAD_METHOD 160 1749#define SSL_F_SSL_BAD_METHOD 160
1932#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 1750#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
1933#define SSL_F_SSL_CERT_DUP 221 1751#define SSL_F_SSL_CERT_DUP 221
@@ -1935,8 +1753,7 @@ void ERR_load_SSL_strings(void);
1935#define SSL_F_SSL_CERT_INSTANTIATE 214 1753#define SSL_F_SSL_CERT_INSTANTIATE 214
1936#define SSL_F_SSL_CERT_NEW 162 1754#define SSL_F_SSL_CERT_NEW 162
1937#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 1755#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
1938#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280 1756#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 274
1939#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
1940#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 1757#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
1941#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 1758#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231
1942#define SSL_F_SSL_CLEAR 164 1759#define SSL_F_SSL_CLEAR 164
@@ -1946,7 +1763,7 @@ void ERR_load_SSL_strings(void);
1946#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 1763#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
1947#define SSL_F_SSL_CTX_NEW 169 1764#define SSL_F_SSL_CTX_NEW 169
1948#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 1765#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
1949#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290 1766#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 278
1950#define SSL_F_SSL_CTX_SET_PURPOSE 226 1767#define SSL_F_SSL_CTX_SET_PURPOSE 226
1951#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 1768#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
1952#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 1769#define SSL_F_SSL_CTX_SET_SSL_VERSION 170
@@ -1958,7 +1775,6 @@ void ERR_load_SSL_strings(void);
1958#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 1775#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174
1959#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 1776#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
1960#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 1777#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
1961#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
1962#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 1778#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
1963#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 1779#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
1964#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 1780#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
@@ -1970,13 +1786,9 @@ void ERR_load_SSL_strings(void);
1970#define SSL_F_SSL_INIT_WBIO_BUFFER 184 1786#define SSL_F_SSL_INIT_WBIO_BUFFER 184
1971#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 1787#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
1972#define SSL_F_SSL_NEW 186 1788#define SSL_F_SSL_NEW 186
1973#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
1974#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
1975#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
1976#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
1977#define SSL_F_SSL_PEEK 270 1789#define SSL_F_SSL_PEEK 270
1978#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 1790#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 275
1979#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 1791#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 276
1980#define SSL_F_SSL_READ 223 1792#define SSL_F_SSL_READ 223
1981#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 1793#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187
1982#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 1794#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
@@ -1991,7 +1803,6 @@ void ERR_load_SSL_strings(void);
1991#define SSL_F_SSL_SET_RFD 194 1803#define SSL_F_SSL_SET_RFD 194
1992#define SSL_F_SSL_SET_SESSION 195 1804#define SSL_F_SSL_SET_SESSION 195
1993#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 1805#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
1994#define SSL_F_SSL_SET_SESSION_TICKET_EXT 294
1995#define SSL_F_SSL_SET_TRUST 228 1806#define SSL_F_SSL_SET_TRUST 228
1996#define SSL_F_SSL_SET_WFD 196 1807#define SSL_F_SSL_SET_WFD 196
1997#define SSL_F_SSL_SHUTDOWN 224 1808#define SSL_F_SSL_SHUTDOWN 224
@@ -2004,19 +1815,13 @@ void ERR_load_SSL_strings(void);
2004#define SSL_F_SSL_USE_PRIVATEKEY 201 1815#define SSL_F_SSL_USE_PRIVATEKEY 201
2005#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 1816#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
2006#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 1817#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203
2007#define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
2008#define SSL_F_SSL_USE_RSAPRIVATEKEY 204 1818#define SSL_F_SSL_USE_RSAPRIVATEKEY 204
2009#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 1819#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
2010#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 1820#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
2011#define SSL_F_SSL_VERIFY_CERT_CHAIN 207 1821#define SSL_F_SSL_VERIFY_CERT_CHAIN 207
2012#define SSL_F_SSL_WRITE 208 1822#define SSL_F_SSL_WRITE 208
2013#define SSL_F_TLS1_CERT_VERIFY_MAC 286
2014#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 1823#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
2015#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
2016#define SSL_F_TLS1_ENC 210 1824#define SSL_F_TLS1_ENC 210
2017#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
2018#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
2019#define SSL_F_TLS1_PRF 284
2020#define SSL_F_TLS1_SETUP_KEY_BLOCK 211 1825#define SSL_F_TLS1_SETUP_KEY_BLOCK 211
2021#define SSL_F_WRITE_PENDING 212 1826#define SSL_F_WRITE_PENDING 212
2022 1827
@@ -2037,15 +1842,12 @@ void ERR_load_SSL_strings(void);
2037#define SSL_R_BAD_ECC_CERT 304 1842#define SSL_R_BAD_ECC_CERT 304
2038#define SSL_R_BAD_ECDSA_SIGNATURE 305 1843#define SSL_R_BAD_ECDSA_SIGNATURE 305
2039#define SSL_R_BAD_ECPOINT 306 1844#define SSL_R_BAD_ECPOINT 306
2040#define SSL_R_BAD_HANDSHAKE_LENGTH 332
2041#define SSL_R_BAD_HELLO_REQUEST 105 1845#define SSL_R_BAD_HELLO_REQUEST 105
2042#define SSL_R_BAD_LENGTH 271 1846#define SSL_R_BAD_LENGTH 271
2043#define SSL_R_BAD_MAC_DECODE 113 1847#define SSL_R_BAD_MAC_DECODE 113
2044#define SSL_R_BAD_MAC_LENGTH 333
2045#define SSL_R_BAD_MESSAGE_TYPE 114 1848#define SSL_R_BAD_MESSAGE_TYPE 114
2046#define SSL_R_BAD_PACKET_LENGTH 115 1849#define SSL_R_BAD_PACKET_LENGTH 115
2047#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 1850#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
2048#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316
2049#define SSL_R_BAD_RESPONSE_ARGUMENT 117 1851#define SSL_R_BAD_RESPONSE_ARGUMENT 117
2050#define SSL_R_BAD_RSA_DECRYPT 118 1852#define SSL_R_BAD_RSA_DECRYPT 118
2051#define SSL_R_BAD_RSA_ENCRYPT 119 1853#define SSL_R_BAD_RSA_ENCRYPT 119
@@ -2069,9 +1871,8 @@ void ERR_load_SSL_strings(void);
2069#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 1871#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
2070#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 1872#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
2071#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 1873#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
2072#define SSL_R_CLIENTHELLO_TLSEXT 226 1874#define SSL_R_CLIENTHELLO_TLSEXT 157
2073#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 1875#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
2074#define SSL_R_COMPRESSION_DISABLED 343
2075#define SSL_R_COMPRESSION_FAILURE 141 1876#define SSL_R_COMPRESSION_FAILURE 141
2076#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 1877#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
2077#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 1878#define SSL_R_COMPRESSION_LIBRARY_ERROR 142
@@ -2084,12 +1885,7 @@ void ERR_load_SSL_strings(void);
2084#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 1885#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
2085#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 1886#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
2086#define SSL_R_DIGEST_CHECK_FAILED 149 1887#define SSL_R_DIGEST_CHECK_FAILED 149
2087#define SSL_R_DTLS_MESSAGE_TOO_BIG 334
2088#define SSL_R_DUPLICATE_COMPRESSION_ID 309 1888#define SSL_R_DUPLICATE_COMPRESSION_ID 309
2089#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317
2090#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
2091#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
2092#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
2093#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 1889#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
2094#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 1890#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
2095#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 1891#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
@@ -2100,13 +1896,11 @@ void ERR_load_SSL_strings(void);
2100#define SSL_R_HTTPS_PROXY_REQUEST 155 1896#define SSL_R_HTTPS_PROXY_REQUEST 155
2101#define SSL_R_HTTP_REQUEST 156 1897#define SSL_R_HTTP_REQUEST 156
2102#define SSL_R_ILLEGAL_PADDING 283 1898#define SSL_R_ILLEGAL_PADDING 283
2103#define SSL_R_INCONSISTENT_COMPRESSION 340
2104#define SSL_R_INVALID_CHALLENGE_LENGTH 158 1899#define SSL_R_INVALID_CHALLENGE_LENGTH 158
2105#define SSL_R_INVALID_COMMAND 280 1900#define SSL_R_INVALID_COMMAND 280
2106#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
2107#define SSL_R_INVALID_PURPOSE 278 1901#define SSL_R_INVALID_PURPOSE 278
2108#define SSL_R_INVALID_STATUS_RESPONSE 328 1902#define SSL_R_INVALID_STATUS_RESPONSE 316
2109#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 1903#define SSL_R_INVALID_TICKET_KEYS_LENGTH 275
2110#define SSL_R_INVALID_TRUST 279 1904#define SSL_R_INVALID_TRUST 279
2111#define SSL_R_KEY_ARG_TOO_LONG 284 1905#define SSL_R_KEY_ARG_TOO_LONG 284
2112#define SSL_R_KRB5 285 1906#define SSL_R_KRB5 285
@@ -2150,27 +1944,22 @@ void ERR_load_SSL_strings(void);
2150#define SSL_R_NO_CIPHERS_SPECIFIED 183 1944#define SSL_R_NO_CIPHERS_SPECIFIED 183
2151#define SSL_R_NO_CIPHER_LIST 184 1945#define SSL_R_NO_CIPHER_LIST 184
2152#define SSL_R_NO_CIPHER_MATCH 185 1946#define SSL_R_NO_CIPHER_MATCH 185
2153#define SSL_R_NO_CLIENT_CERT_METHOD 331 1947#define SSL_R_NO_CLIENT_CERT_METHOD 317
2154#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 1948#define SSL_R_NO_CLIENT_CERT_RECEIVED 186
2155#define SSL_R_NO_COMPRESSION_SPECIFIED 187 1949#define SSL_R_NO_COMPRESSION_SPECIFIED 187
2156#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
2157#define SSL_R_NO_METHOD_SPECIFIED 188 1950#define SSL_R_NO_METHOD_SPECIFIED 188
2158#define SSL_R_NO_PRIVATEKEY 189 1951#define SSL_R_NO_PRIVATEKEY 189
2159#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 1952#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
2160#define SSL_R_NO_PROTOCOLS_AVAILABLE 191 1953#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
2161#define SSL_R_NO_PUBLICKEY 192 1954#define SSL_R_NO_PUBLICKEY 192
2162#define SSL_R_NO_RENEGOTIATION 339
2163#define SSL_R_NO_REQUIRED_DIGEST 324
2164#define SSL_R_NO_SHARED_CIPHER 193 1955#define SSL_R_NO_SHARED_CIPHER 193
2165#define SSL_R_NO_VERIFY_CALLBACK 194 1956#define SSL_R_NO_VERIFY_CALLBACK 194
2166#define SSL_R_NULL_SSL_CTX 195 1957#define SSL_R_NULL_SSL_CTX 195
2167#define SSL_R_NULL_SSL_METHOD_PASSED 196 1958#define SSL_R_NULL_SSL_METHOD_PASSED 196
2168#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 1959#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
2169#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
2170#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297 1960#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
2171#define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327
2172#define SSL_R_PACKET_LENGTH_TOO_LONG 198 1961#define SSL_R_PACKET_LENGTH_TOO_LONG 198
2173#define SSL_R_PARSE_TLSEXT 227 1962#define SSL_R_PARSE_TLSEXT 223
2174#define SSL_R_PATH_TOO_LONG 270 1963#define SSL_R_PATH_TOO_LONG 270
2175#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 1964#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
2176#define SSL_R_PEER_ERROR 200 1965#define SSL_R_PEER_ERROR 200
@@ -2181,9 +1970,6 @@ void ERR_load_SSL_strings(void);
2181#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 1970#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
2182#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 1971#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
2183#define SSL_R_PROTOCOL_IS_SHUTDOWN 207 1972#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
2184#define SSL_R_PSK_IDENTITY_NOT_FOUND 223
2185#define SSL_R_PSK_NO_CLIENT_CB 224
2186#define SSL_R_PSK_NO_SERVER_CB 225
2187#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 1973#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
2188#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 1974#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
2189#define SSL_R_PUBLIC_KEY_NOT_RSA 210 1975#define SSL_R_PUBLIC_KEY_NOT_RSA 210
@@ -2193,24 +1979,18 @@ void ERR_load_SSL_strings(void);
2193#define SSL_R_RECORD_LENGTH_MISMATCH 213 1979#define SSL_R_RECORD_LENGTH_MISMATCH 213
2194#define SSL_R_RECORD_TOO_LARGE 214 1980#define SSL_R_RECORD_TOO_LARGE 214
2195#define SSL_R_RECORD_TOO_SMALL 298 1981#define SSL_R_RECORD_TOO_SMALL 298
2196#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
2197#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
2198#define SSL_R_RENEGOTIATION_MISMATCH 337
2199#define SSL_R_REQUIRED_CIPHER_MISSING 215 1982#define SSL_R_REQUIRED_CIPHER_MISSING 215
2200#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
2201#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 1983#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
2202#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 1984#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
2203#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 1985#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
2204#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345 1986#define SSL_R_SERVERHELLO_TLSEXT 224
2205#define SSL_R_SERVERHELLO_TLSEXT 275
2206#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 1987#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
2207#define SSL_R_SHORT_READ 219 1988#define SSL_R_SHORT_READ 219
2208#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 1989#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
2209#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 1990#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
2210#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 1991#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
2211#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321 1992#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 225
2212#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319 1993#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 226
2213#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
2214#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300 1994#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
2215#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 1995#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
2216#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 1996#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
@@ -2244,13 +2024,8 @@ void ERR_load_SSL_strings(void);
2244#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 2024#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
2245#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 2025#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
2246#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 2026#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
2247#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
2248#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
2249#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
2250#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
2251#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
2252#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 2027#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
2253#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 2028#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227
2254#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 2029#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
2255#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 2030#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
2256#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 2031#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
@@ -2277,10 +2052,8 @@ void ERR_load_SSL_strings(void);
2277#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253 2052#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
2278#define SSL_R_UNKNOWN_SSL_VERSION 254 2053#define SSL_R_UNKNOWN_SSL_VERSION 254
2279#define SSL_R_UNKNOWN_STATE 255 2054#define SSL_R_UNKNOWN_STATE 255
2280#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
2281#define SSL_R_UNSUPPORTED_CIPHER 256 2055#define SSL_R_UNSUPPORTED_CIPHER 256
2282#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 2056#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
2283#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
2284#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315 2057#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
2285#define SSL_R_UNSUPPORTED_PROTOCOL 258 2058#define SSL_R_UNSUPPORTED_PROTOCOL 258
2286#define SSL_R_UNSUPPORTED_SSL_VERSION 259 2059#define SSL_R_UNSUPPORTED_SSL_VERSION 259
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 07:13:48 +0000