1 files changed, 0 insertions, 426 deletions
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
deleted file mode 100644
index f616763830..0000000000
--- a/src/lib/libssl/ssl3.h
+++ /dev/null
@@ -1,426 +0,0 @@
-/* ssl/ssl3.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_SSL3_H 
-#define HEADER_SSL3_H 
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-#ifdef  __cplusplus
-extern "C" {
-#endif
-#define SSL3_CK_RSA_NULL_MD5                    0x03000001
-#define SSL3_CK_RSA_NULL_SHA                    0x03000002
-#define SSL3_CK_RSA_RC4_40_MD5                  0x03000003
-#define SSL3_CK_RSA_RC4_128_MD5                 0x03000004
-#define SSL3_CK_RSA_RC4_128_SHA                 0x03000005
-#define SSL3_CK_RSA_RC2_40_MD5                  0x03000006
-#define SSL3_CK_RSA_IDEA_128_SHA                0x03000007
-#define SSL3_CK_RSA_DES_40_CBC_SHA              0x03000008
-#define SSL3_CK_RSA_DES_64_CBC_SHA              0x03000009
-#define SSL3_CK_RSA_DES_192_CBC3_SHA            0x0300000A
-#define SSL3_CK_DH_DSS_DES_40_CBC_SHA           0x0300000B
-#define SSL3_CK_DH_DSS_DES_64_CBC_SHA           0x0300000C
-#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA         0x0300000D
-#define SSL3_CK_DH_RSA_DES_40_CBC_SHA           0x0300000E
-#define SSL3_CK_DH_RSA_DES_64_CBC_SHA           0x0300000F
-#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA         0x03000010
-#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          0x03000011
-#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA          0x03000012
-#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA        0x03000013
-#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA          0x03000014
-#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA          0x03000015
-#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA        0x03000016
-#define SSL3_CK_ADH_RC4_40_MD5                  0x03000017
-#define SSL3_CK_ADH_RC4_128_MD5                 0x03000018
-#define SSL3_CK_ADH_DES_40_CBC_SHA              0x03000019
-#define SSL3_CK_ADH_DES_64_CBC_SHA              0x0300001A
-#define SSL3_CK_ADH_DES_192_CBC_SHA             0x0300001B
-#define SSL3_CK_FZA_DMS_NULL_SHA                0x0300001C
-#define SSL3_CK_FZA_DMS_FZA_SHA                 0x0300001D
-#define SSL3_CK_FZA_DMS_RC4_SHA                 0x0300001E
-#define SSL3_TXT_RSA_NULL_MD5                   "NULL-MD5"
-#define SSL3_TXT_RSA_NULL_SHA                   "NULL-SHA"
-#define SSL3_TXT_RSA_RC4_40_MD5                 "EXP-RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_MD5                "RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_SHA                "RC4-SHA"
-#define SSL3_TXT_RSA_RC2_40_MD5                 "EXP-RC2-CBC-MD5"
-#define SSL3_TXT_RSA_IDEA_128_SHA               "IDEA-CBC-SHA"
-#define SSL3_TXT_RSA_DES_40_CBC_SHA             "EXP-DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_64_CBC_SHA             "DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_192_CBC3_SHA           "DES-CBC3-SHA"
-#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA          "EXP-DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA          "DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA        "DH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA          "EXP-DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA          "DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA        "DH-RSA-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA         "EXP-EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA         "EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA       "EDH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA         "EXP-EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA         "EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA       "EDH-RSA-DES-CBC3-SHA"
-#define SSL3_TXT_ADH_RC4_40_MD5                 "EXP-ADH-RC4-MD5"
-#define SSL3_TXT_ADH_RC4_128_MD5                "ADH-RC4-MD5"
-#define SSL3_TXT_ADH_DES_40_CBC_SHA             "EXP-ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_64_CBC_SHA             "ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_192_CBC_SHA            "ADH-DES-CBC3-SHA"
-#define SSL3_TXT_FZA_DMS_NULL_SHA               "FZA-NULL-SHA"
-#define SSL3_TXT_FZA_DMS_FZA_SHA                "FZA-FZA-CBC-SHA"
-#define SSL3_TXT_FZA_DMS_RC4_SHA                "FZA-RC4-SHA"
-#define SSL3_SSL_SESSION_ID_LENGTH              32
-#define SSL3_MAX_SSL_SESSION_ID_LENGTH          32
-#define SSL3_MASTER_SECRET_SIZE                 48
-#define SSL3_RANDOM_SIZE                        32
-#define SSL3_SESSION_ID_SIZE                    32
-#define SSL3_RT_HEADER_LENGTH                   5
-/* Due to MS stuffing up, this can change.... */
-#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32))
-#define SSL3_RT_MAX_EXTRA                       (14000)
-#else
-#define SSL3_RT_MAX_EXTRA                       (16384)
-#endif
-#define SSL3_RT_MAX_PLAIN_LENGTH                16384
-#define SSL3_RT_MAX_COMPRESSED_LENGTH   (1024+SSL3_RT_MAX_PLAIN_LENGTH)
-#define SSL3_RT_MAX_ENCRYPTED_LENGTH    (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
-#define SSL3_RT_MAX_PACKET_SIZE         (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-#define SSL3_RT_MAX_DATA_SIZE                   (1024*1024)
-#define SSL3_MD_CLIENT_FINISHED_CONST   "\x43\x4C\x4E\x54"
-#define SSL3_MD_SERVER_FINISHED_CONST   "\x53\x52\x56\x52"
-#define SSL3_VERSION                    0x0300
-#define SSL3_VERSION_MAJOR              0x03
-#define SSL3_VERSION_MINOR              0x00
-#define SSL3_RT_CHANGE_CIPHER_SPEC      20
-#define SSL3_RT_ALERT                   21
-#define SSL3_RT_HANDSHAKE               22
-#define SSL3_RT_APPLICATION_DATA        23
-#define SSL3_AL_WARNING                 1
-#define SSL3_AL_FATAL                   2
-#define SSL3_AD_CLOSE_NOTIFY             0
-#define SSL3_AD_UNEXPECTED_MESSAGE      10      /* fatal */
-#define SSL3_AD_BAD_RECORD_MAC          20      /* fatal */
-#define SSL3_AD_DECOMPRESSION_FAILURE   30      /* fatal */
-#define SSL3_AD_HANDSHAKE_FAILURE       40      /* fatal */
-#define SSL3_AD_NO_CERTIFICATE          41
-#define SSL3_AD_BAD_CERTIFICATE         42
-#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
-#define SSL3_AD_CERTIFICATE_REVOKED     44
-#define SSL3_AD_CERTIFICATE_EXPIRED     45
-#define SSL3_AD_CERTIFICATE_UNKNOWN     46
-#define SSL3_AD_ILLEGAL_PARAMETER       47      /* fatal */
-typedef struct ssl3_record_st
-        {
-/*r */  int type;               /* type of record */
-/*rw*/  unsigned int length;    /* How many bytes available */
-/*r */  unsigned int off;       /* read/write offset into 'buf' */
-/*rw*/  unsigned char *data;    /* pointer to the record data */
-/*rw*/  unsigned char *input;   /* where the decode bytes are */
-/*r */  unsigned char *comp;    /* only used with decompression - malloc()ed */
-        } SSL3_RECORD;
-typedef struct ssl3_buffer_st
-        {
-        unsigned char *buf;     /* SSL3_RT_MAX_PACKET_SIZE bytes (more if
-                                 * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */
-        int offset;             /* where to 'copy from' */
-        int left;               /* how many bytes left */
-        } SSL3_BUFFER;
-#define SSL3_CT_RSA_SIGN                        1
-#define SSL3_CT_DSS_SIGN                        2
-#define SSL3_CT_RSA_FIXED_DH                    3
-#define SSL3_CT_DSS_FIXED_DH                    4
-#define SSL3_CT_RSA_EPHEMERAL_DH                5
-#define SSL3_CT_DSS_EPHEMERAL_DH                6
-#define SSL3_CT_FORTEZZA_DMS                    20
-#define SSL3_CT_NUMBER                          7
-#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
-#define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
-#define SSL3_FLAGS_POP_BUFFER                   0x0004
-#define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
-typedef struct ssl3_state_st
-        {
-        long flags;
-        int delay_buf_pop_ret;
-        unsigned char read_sequence[8];
-        unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
-        unsigned char write_sequence[8];
-        unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
-        unsigned char server_random[SSL3_RANDOM_SIZE];
-        unsigned char client_random[SSL3_RANDOM_SIZE];
-        SSL3_BUFFER rbuf;       /* read IO goes into here */
-        SSL3_BUFFER wbuf;       /* write IO goes into here */
-        SSL3_RECORD rrec;       /* each decoded record goes in here */
-        SSL3_RECORD wrec;       /* goes out from here */
-        /* storage for Alert/Handshake protocol data received but not
-         * yet processed by ssl3_read_bytes: */
-        unsigned char alert_fragment[2];
-        unsigned int alert_fragment_len;
-        unsigned char handshake_fragment[4];
-        unsigned int handshake_fragment_len;
-        /* partial write - check the numbers match */
-        unsigned int wnum;      /* number of bytes sent so far */
-        int wpend_tot;          /* number bytes written */
-        int wpend_type;
-        int wpend_ret;          /* number of bytes submitted */
-        const unsigned char *wpend_buf;
-        /* used during startup, digest all incoming/outgoing packets */
-        EVP_MD_CTX finish_dgst1;
-        EVP_MD_CTX finish_dgst2;
-        /* this is set whenerver we see a change_cipher_spec message
-         * come in when we are not looking for one */
-        int change_cipher_spec;
-        int warn_alert;
-        int fatal_alert;
-        /* we allow one fatal and one warning alert to be outstanding,
-         * send close alert via the warning alert */
-        int alert_dispatch;
-        unsigned char send_alert[2];
-        /* This flag is set when we should renegotiate ASAP, basically when
-         * there is no more data in the read or write buffers */
-        int renegotiate;
-        int total_renegotiations;
-        int num_renegotiations;
-        int in_read_app_data;
-        struct  {
-                /* actually only needs to be 16+20 */
-                unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-                /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
-                unsigned char finish_md[EVP_MAX_MD_SIZE*2];
-                int finish_md_len;
-                unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
-                int peer_finish_md_len;
-                
-                unsigned long message_size;
-                int message_type;
-                /* used to hold the new cipher we are going to use */
-                SSL_CIPHER *new_cipher;
-#ifndef NO_DH
-                DH *dh;
-#endif
-                /* used when SSL_ST_FLUSH_DATA is entered */
-                int next_state;                 
-                int reuse_message;
-                /* used for certificate requests */
-                int cert_req;
-                int ctype_num;
-                char ctype[SSL3_CT_NUMBER];
-                STACK_OF(X509_NAME) *ca_names;
-                int use_rsa_tmp;
-                int key_block_length;
-                unsigned char *key_block;
-                const EVP_CIPHER *new_sym_enc;
-                const EVP_MD *new_hash;
-#ifdef HEADER_COMP_H
-                const SSL_COMP *new_compression;
-#else
-                char *new_compression;
-#endif
-                int cert_request;
-                } tmp;
-        } SSL3_STATE;
-/* SSLv3 */
-/*client */
-/* extra state */
-#define SSL3_ST_CW_FLUSH                (0x100|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CLNT_HELLO_A         (0x110|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CLNT_HELLO_B         (0x111|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_SRVR_HELLO_A         (0x120|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_HELLO_B         (0x121|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_A               (0x130|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_B               (0x131|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_A           (0x140|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_B           (0x141|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_A           (0x150|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_B           (0x151|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_A          (0x160|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_B          (0x161|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CERT_A               (0x170|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_B               (0x171|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_C               (0x172|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_D               (0x173|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_A           (0x180|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_B           (0x181|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_A          (0x190|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_B          (0x191|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_A             (0x1A0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_B             (0x1A1|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_A           (0x1B0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_B           (0x1B1|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_CHANGE_A             (0x1C0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CHANGE_B             (0x1C1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_A           (0x1D0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_B           (0x1D1|SSL_ST_CONNECT)
-/* server */
-/* extra state */
-#define SSL3_ST_SW_FLUSH                (0x100|SSL_ST_ACCEPT)
-/* read from client */
-/* Do not change the number values, they do matter */
-#define SSL3_ST_SR_CLNT_HELLO_A         (0x110|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_B         (0x111|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_C         (0x112|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_HELLO_REQ_A          (0x120|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_B          (0x121|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_C          (0x122|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_A         (0x130|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_B         (0x131|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_A               (0x140|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_B               (0x141|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_A           (0x150|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_B           (0x151|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_A           (0x160|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_B           (0x161|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_A          (0x170|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_B          (0x171|SSL_ST_ACCEPT)
-/* read from client */
-#define SSL3_ST_SR_CERT_A               (0x180|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_B               (0x181|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_A           (0x190|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_B           (0x191|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_A          (0x1A0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_B          (0x1A1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_A             (0x1B0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_B             (0x1B1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_A           (0x1C0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_B           (0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_CHANGE_A             (0x1D0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CHANGE_B             (0x1D1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_A           (0x1E0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_B           (0x1E1|SSL_ST_ACCEPT)
-#define SSL3_MT_HELLO_REQUEST                   0
-#define SSL3_MT_CLIENT_HELLO                    1
-#define SSL3_MT_SERVER_HELLO                    2
-#define SSL3_MT_CERTIFICATE                     11
-#define SSL3_MT_SERVER_KEY_EXCHANGE             12
-#define SSL3_MT_CERTIFICATE_REQUEST             13
-#define SSL3_MT_SERVER_DONE                     14
-#define SSL3_MT_CERTIFICATE_VERIFY              15
-#define SSL3_MT_CLIENT_KEY_EXCHANGE             16
-#define SSL3_MT_FINISHED                        20
-#define SSL3_MT_CCS                             1
-/* These are used when changing over to a new cipher */
-#define SSL3_CC_READ            0x01
-#define SSL3_CC_WRITE           0x02
-#define SSL3_CC_CLIENT          0x10
-#define SSL3_CC_SERVER          0x20
-#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)  
-#define SSL3_CHANGE_CIPHER_SERVER_READ  (SSL3_CC_SERVER|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_CLIENT_READ  (SSL3_CC_CLIENT|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
-#ifdef  __cplusplus
-}
-#endif
-#endif

diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h deleted file mode 100644 index f616763830..0000000000 --- a/src/lib/libssl/ssl3.h +++ /dev/null
@@ -1,426 +0,0 @@
1	/* ssl/ssl3.h */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#ifndef HEADER_SSL3_H
60	#define HEADER_SSL3_H
61
62	#include <openssl/buffer.h>
63	#include <openssl/evp.h>
64	#include <openssl/ssl.h>
65
66	#ifdef __cplusplus
67	extern "C" {
68	#endif
69
70	#define SSL3_CK_RSA_NULL_MD5 0x03000001
71	#define SSL3_CK_RSA_NULL_SHA 0x03000002
72	#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
73	#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
74	#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
75	#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
76	#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
77	#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
78	#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
79	#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
80
81	#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
82	#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
83	#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
84	#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
85	#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
86	#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
87
88	#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
89	#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
90	#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
91	#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
92	#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
93	#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
94
95	#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
96	#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
97	#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
98	#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
99	#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
100
101	#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
102	#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
103	#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
104
105	#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
106	#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
107	#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
108	#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
109	#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
110	#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
111	#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
112	#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
113	#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
114	#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
115
116	#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
117	#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
118	#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
119	#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
120	#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
121	#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
122
123	#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
124	#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
125	#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
126	#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
127	#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
128	#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
129
130	#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
131	#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
132	#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
133	#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
134	#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
135
136	#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
137	#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
138	#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
139
140	#define SSL3_SSL_SESSION_ID_LENGTH 32
141	#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
142
143	#define SSL3_MASTER_SECRET_SIZE 48
144	#define SSL3_RANDOM_SIZE 32
145	#define SSL3_SESSION_ID_SIZE 32
146	#define SSL3_RT_HEADER_LENGTH 5
147
148	/* Due to MS stuffing up, this can change.... */
149	#if defined(WIN16) \|\| (defined(MSDOS) && !defined(WIN32))
150	#define SSL3_RT_MAX_EXTRA (14000)
151	#else
152	#define SSL3_RT_MAX_EXTRA (16384)
153	#endif
154
155	#define SSL3_RT_MAX_PLAIN_LENGTH 16384
156	#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
157	#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
158	#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
159	#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
160
161	#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
162	#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
163
164	#define SSL3_VERSION 0x0300
165	#define SSL3_VERSION_MAJOR 0x03
166	#define SSL3_VERSION_MINOR 0x00
167
168	#define SSL3_RT_CHANGE_CIPHER_SPEC 20
169	#define SSL3_RT_ALERT 21
170	#define SSL3_RT_HANDSHAKE 22
171	#define SSL3_RT_APPLICATION_DATA 23
172
173	#define SSL3_AL_WARNING 1
174	#define SSL3_AL_FATAL 2
175
176	#define SSL3_AD_CLOSE_NOTIFY 0
177	#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
178	#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
179	#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
180	#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
181	#define SSL3_AD_NO_CERTIFICATE 41
182	#define SSL3_AD_BAD_CERTIFICATE 42
183	#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
184	#define SSL3_AD_CERTIFICATE_REVOKED 44
185	#define SSL3_AD_CERTIFICATE_EXPIRED 45
186	#define SSL3_AD_CERTIFICATE_UNKNOWN 46
187	#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
188
189	typedef struct ssl3_record_st
190	{
191	/r / int type; /* type of record */
192	/rw/ unsigned int length; /* How many bytes available */
193	/r / unsigned int off; /* read/write offset into 'buf' */
194	/rw/ unsigned char data; / pointer to the record data */
195	/rw/ unsigned char input; / where the decode bytes are */
196	/r / unsigned char comp; / only used with decompression - malloc()ed */
197	} SSL3_RECORD;
198
199	typedef struct ssl3_buffer_st
200	{
201	unsigned char buf; / SSL3_RT_MAX_PACKET_SIZE bytes (more if
202	* SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */
203	int offset; /* where to 'copy from' */
204	int left; /* how many bytes left */
205	} SSL3_BUFFER;
206
207	#define SSL3_CT_RSA_SIGN 1
208	#define SSL3_CT_DSS_SIGN 2
209	#define SSL3_CT_RSA_FIXED_DH 3
210	#define SSL3_CT_DSS_FIXED_DH 4
211	#define SSL3_CT_RSA_EPHEMERAL_DH 5
212	#define SSL3_CT_DSS_EPHEMERAL_DH 6
213	#define SSL3_CT_FORTEZZA_DMS 20
214	#define SSL3_CT_NUMBER 7
215
216	#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
217	#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
218	#define SSL3_FLAGS_POP_BUFFER 0x0004
219	#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
220
221	typedef struct ssl3_state_st
222	{
223	long flags;
224	int delay_buf_pop_ret;
225
226	unsigned char read_sequence[8];
227	unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
228	unsigned char write_sequence[8];
229	unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
230
231	unsigned char server_random[SSL3_RANDOM_SIZE];
232	unsigned char client_random[SSL3_RANDOM_SIZE];
233
234	SSL3_BUFFER rbuf; /* read IO goes into here */
235	SSL3_BUFFER wbuf; /* write IO goes into here */
236
237	SSL3_RECORD rrec; /* each decoded record goes in here */
238	SSL3_RECORD wrec; /* goes out from here */
239
240	/* storage for Alert/Handshake protocol data received but not
241	* yet processed by ssl3_read_bytes: */
242	unsigned char alert_fragment[2];
243	unsigned int alert_fragment_len;
244	unsigned char handshake_fragment[4];
245	unsigned int handshake_fragment_len;
246
247	/* partial write - check the numbers match */
248	unsigned int wnum; /* number of bytes sent so far */
249	int wpend_tot; /* number bytes written */
250	int wpend_type;
251	int wpend_ret; /* number of bytes submitted */
252	const unsigned char *wpend_buf;
253
254	/* used during startup, digest all incoming/outgoing packets */
255	EVP_MD_CTX finish_dgst1;
256	EVP_MD_CTX finish_dgst2;
257
258	/* this is set whenerver we see a change_cipher_spec message
259	* come in when we are not looking for one */
260	int change_cipher_spec;
261
262	int warn_alert;
263	int fatal_alert;
264	/* we allow one fatal and one warning alert to be outstanding,
265	* send close alert via the warning alert */
266	int alert_dispatch;
267	unsigned char send_alert[2];
268
269	/* This flag is set when we should renegotiate ASAP, basically when
270	* there is no more data in the read or write buffers */
271	int renegotiate;
272	int total_renegotiations;
273	int num_renegotiations;
274
275	int in_read_app_data;
276
277	struct {
278	/* actually only needs to be 16+20 */
279	unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
280
281	/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
282	unsigned char finish_md[EVP_MAX_MD_SIZE*2];
283	int finish_md_len;
284	unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
285	int peer_finish_md_len;
286
287	unsigned long message_size;
288	int message_type;
289
290	/* used to hold the new cipher we are going to use */
291	SSL_CIPHER *new_cipher;
292	#ifndef NO_DH
293	DH *dh;
294	#endif
295	/* used when SSL_ST_FLUSH_DATA is entered */
296	int next_state;
297
298	int reuse_message;
299
300	/* used for certificate requests */
301	int cert_req;
302	int ctype_num;
303	char ctype[SSL3_CT_NUMBER];
304	STACK_OF(X509_NAME) *ca_names;
305
306	int use_rsa_tmp;
307
308	int key_block_length;
309	unsigned char *key_block;
310
311	const EVP_CIPHER *new_sym_enc;
312	const EVP_MD *new_hash;
313	#ifdef HEADER_COMP_H
314	const SSL_COMP *new_compression;
315	#else
316	char *new_compression;
317	#endif
318	int cert_request;
319	} tmp;
320
321	} SSL3_STATE;
322
323	/* SSLv3 */
324	/client /
325	/* extra state */
326	#define SSL3_ST_CW_FLUSH (0x100\|SSL_ST_CONNECT)
327	/* write to server */
328	#define SSL3_ST_CW_CLNT_HELLO_A (0x110\|SSL_ST_CONNECT)
329	#define SSL3_ST_CW_CLNT_HELLO_B (0x111\|SSL_ST_CONNECT)
330	/* read from server */
331	#define SSL3_ST_CR_SRVR_HELLO_A (0x120\|SSL_ST_CONNECT)
332	#define SSL3_ST_CR_SRVR_HELLO_B (0x121\|SSL_ST_CONNECT)
333	#define SSL3_ST_CR_CERT_A (0x130\|SSL_ST_CONNECT)
334	#define SSL3_ST_CR_CERT_B (0x131\|SSL_ST_CONNECT)
335	#define SSL3_ST_CR_KEY_EXCH_A (0x140\|SSL_ST_CONNECT)
336	#define SSL3_ST_CR_KEY_EXCH_B (0x141\|SSL_ST_CONNECT)
337	#define SSL3_ST_CR_CERT_REQ_A (0x150\|SSL_ST_CONNECT)
338	#define SSL3_ST_CR_CERT_REQ_B (0x151\|SSL_ST_CONNECT)
339	#define SSL3_ST_CR_SRVR_DONE_A (0x160\|SSL_ST_CONNECT)
340	#define SSL3_ST_CR_SRVR_DONE_B (0x161\|SSL_ST_CONNECT)
341	/* write to server */
342	#define SSL3_ST_CW_CERT_A (0x170\|SSL_ST_CONNECT)
343	#define SSL3_ST_CW_CERT_B (0x171\|SSL_ST_CONNECT)
344	#define SSL3_ST_CW_CERT_C (0x172\|SSL_ST_CONNECT)
345	#define SSL3_ST_CW_CERT_D (0x173\|SSL_ST_CONNECT)
346	#define SSL3_ST_CW_KEY_EXCH_A (0x180\|SSL_ST_CONNECT)
347	#define SSL3_ST_CW_KEY_EXCH_B (0x181\|SSL_ST_CONNECT)
348	#define SSL3_ST_CW_CERT_VRFY_A (0x190\|SSL_ST_CONNECT)
349	#define SSL3_ST_CW_CERT_VRFY_B (0x191\|SSL_ST_CONNECT)
350	#define SSL3_ST_CW_CHANGE_A (0x1A0\|SSL_ST_CONNECT)
351	#define SSL3_ST_CW_CHANGE_B (0x1A1\|SSL_ST_CONNECT)
352	#define SSL3_ST_CW_FINISHED_A (0x1B0\|SSL_ST_CONNECT)
353	#define SSL3_ST_CW_FINISHED_B (0x1B1\|SSL_ST_CONNECT)
354	/* read from server */
355	#define SSL3_ST_CR_CHANGE_A (0x1C0\|SSL_ST_CONNECT)
356	#define SSL3_ST_CR_CHANGE_B (0x1C1\|SSL_ST_CONNECT)
357	#define SSL3_ST_CR_FINISHED_A (0x1D0\|SSL_ST_CONNECT)
358	#define SSL3_ST_CR_FINISHED_B (0x1D1\|SSL_ST_CONNECT)
359
360	/* server */
361	/* extra state */
362	#define SSL3_ST_SW_FLUSH (0x100\|SSL_ST_ACCEPT)
363	/* read from client */
364	/* Do not change the number values, they do matter */
365	#define SSL3_ST_SR_CLNT_HELLO_A (0x110\|SSL_ST_ACCEPT)
366	#define SSL3_ST_SR_CLNT_HELLO_B (0x111\|SSL_ST_ACCEPT)
367	#define SSL3_ST_SR_CLNT_HELLO_C (0x112\|SSL_ST_ACCEPT)
368	/* write to client */
369	#define SSL3_ST_SW_HELLO_REQ_A (0x120\|SSL_ST_ACCEPT)
370	#define SSL3_ST_SW_HELLO_REQ_B (0x121\|SSL_ST_ACCEPT)
371	#define SSL3_ST_SW_HELLO_REQ_C (0x122\|SSL_ST_ACCEPT)
372	#define SSL3_ST_SW_SRVR_HELLO_A (0x130\|SSL_ST_ACCEPT)
373	#define SSL3_ST_SW_SRVR_HELLO_B (0x131\|SSL_ST_ACCEPT)
374	#define SSL3_ST_SW_CERT_A (0x140\|SSL_ST_ACCEPT)
375	#define SSL3_ST_SW_CERT_B (0x141\|SSL_ST_ACCEPT)
376	#define SSL3_ST_SW_KEY_EXCH_A (0x150\|SSL_ST_ACCEPT)
377	#define SSL3_ST_SW_KEY_EXCH_B (0x151\|SSL_ST_ACCEPT)
378	#define SSL3_ST_SW_CERT_REQ_A (0x160\|SSL_ST_ACCEPT)
379	#define SSL3_ST_SW_CERT_REQ_B (0x161\|SSL_ST_ACCEPT)
380	#define SSL3_ST_SW_SRVR_DONE_A (0x170\|SSL_ST_ACCEPT)
381	#define SSL3_ST_SW_SRVR_DONE_B (0x171\|SSL_ST_ACCEPT)
382	/* read from client */
383	#define SSL3_ST_SR_CERT_A (0x180\|SSL_ST_ACCEPT)
384	#define SSL3_ST_SR_CERT_B (0x181\|SSL_ST_ACCEPT)
385	#define SSL3_ST_SR_KEY_EXCH_A (0x190\|SSL_ST_ACCEPT)
386	#define SSL3_ST_SR_KEY_EXCH_B (0x191\|SSL_ST_ACCEPT)
387	#define SSL3_ST_SR_CERT_VRFY_A (0x1A0\|SSL_ST_ACCEPT)
388	#define SSL3_ST_SR_CERT_VRFY_B (0x1A1\|SSL_ST_ACCEPT)
389	#define SSL3_ST_SR_CHANGE_A (0x1B0\|SSL_ST_ACCEPT)
390	#define SSL3_ST_SR_CHANGE_B (0x1B1\|SSL_ST_ACCEPT)
391	#define SSL3_ST_SR_FINISHED_A (0x1C0\|SSL_ST_ACCEPT)
392	#define SSL3_ST_SR_FINISHED_B (0x1C1\|SSL_ST_ACCEPT)
393	/* write to client */
394	#define SSL3_ST_SW_CHANGE_A (0x1D0\|SSL_ST_ACCEPT)
395	#define SSL3_ST_SW_CHANGE_B (0x1D1\|SSL_ST_ACCEPT)
396	#define SSL3_ST_SW_FINISHED_A (0x1E0\|SSL_ST_ACCEPT)
397	#define SSL3_ST_SW_FINISHED_B (0x1E1\|SSL_ST_ACCEPT)
398
399	#define SSL3_MT_HELLO_REQUEST 0
400	#define SSL3_MT_CLIENT_HELLO 1
401	#define SSL3_MT_SERVER_HELLO 2
402	#define SSL3_MT_CERTIFICATE 11
403	#define SSL3_MT_SERVER_KEY_EXCHANGE 12
404	#define SSL3_MT_CERTIFICATE_REQUEST 13
405	#define SSL3_MT_SERVER_DONE 14
406	#define SSL3_MT_CERTIFICATE_VERIFY 15
407	#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
408	#define SSL3_MT_FINISHED 20
409
410	#define SSL3_MT_CCS 1
411
412	/* These are used when changing over to a new cipher */
413	#define SSL3_CC_READ 0x01
414	#define SSL3_CC_WRITE 0x02
415	#define SSL3_CC_CLIENT 0x10
416	#define SSL3_CC_SERVER 0x20
417	#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT\|SSL3_CC_WRITE)
418	#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER\|SSL3_CC_READ)
419	#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT\|SSL3_CC_READ)
420	#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER\|SSL3_CC_WRITE)
421
422	#ifdef __cplusplus
423	}
424	#endif
425	#endif
426