1 files changed, 18 insertions, 14 deletions
diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h
index 95772eef60..2a9714fc19 100644
--- a/src/lib/libssl/ssl3.h
+++ b/src/lib/libssl/ssl3.h
@@ -59,7 +59,9 @@
 #ifndef HEADER_SSL3_H 
 #define HEADER_SSL3_H 
-#include "buffer.h"
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/ssl.h>
 #ifdef  __cplusplus
 extern "C" {
@@ -208,7 +210,7 @@ typedef struct ssl3_record_st
 /*r */  unsigned int off;       /* read/write offset into 'buf' */
 /*rw*/  unsigned char *data;    /* pointer to the record data */
 /*rw*/  unsigned char *input;   /* where the decode bytes are */
-/*rw*/  unsigned char *comp;    /* only used with decompression */
+/*r */  unsigned char *comp;    /* only used with decompression - malloc()ed */
        } SSL3_RECORD;
 typedef struct ssl3_buffer_st
@@ -220,10 +222,6 @@ typedef struct ssl3_buffer_st
 /*rw*/  unsigned char *buf;     /* SSL3_RT_MAX_PACKET_SIZE bytes */
        } SSL3_BUFFER;
-typedef struct ssl3_compression_st {
-        int nothing;
-        } SSL3_COMPRESSION;
 #define SSL3_CT_RSA_SIGN                        1
 #define SSL3_CT_DSS_SIGN                        2
 #define SSL3_CT_RSA_FIXED_DH                    3
@@ -236,7 +234,7 @@ typedef struct ssl3_compression_st {
 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
 #define SSL3_FLAGS_POP_BUFFER                   0x0004
-#define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
+#define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
 #if 0
 #define AD_CLOSE_NOTIFY                 0
@@ -290,7 +288,7 @@ typedef struct ssl3_ctx_st
        int wpend_tot;          /* number bytes written */
        int wpend_type;
        int wpend_ret;          /* number of bytes submitted */
-        char *wpend_buf;
+        const unsigned char *wpend_buf;
        /* used during startup, digest all incoming/outgoing packets */
        EVP_MD_CTX finish_dgst1;
@@ -305,7 +303,7 @@ typedef struct ssl3_ctx_st
        /* we alow one fatal and one warning alert to be outstanding,
         * send close alert via the warning alert */
        int alert_dispatch;
-        char send_alert[2];
+        unsigned char send_alert[2];
        /* This flag is set when we should renegotiate ASAP, basically when
         * there is no more data in the read or write buffers */
@@ -324,8 +322,9 @@ typedef struct ssl3_ctx_st
                /* used to hold the new cipher we are going to use */
                SSL_CIPHER *new_cipher;
+#ifndef NO_DH
                DH *dh;
+#endif
                /* used when SSL_ST_FLUSH_DATA is entered */
                int next_state;                 
@@ -335,18 +334,23 @@ typedef struct ssl3_ctx_st
                int cert_req;
                int ctype_num;
                char ctype[SSL3_CT_NUMBER];
-                STACK *ca_names;
+                STACK_OF(X509_NAME) *ca_names;
                int use_rsa_tmp;
                int key_block_length;
                unsigned char *key_block;
-                EVP_CIPHER *new_sym_enc;
+                const EVP_CIPHER *new_sym_enc;
-                EVP_MD *new_hash;
+                const EVP_MD *new_hash;
-                SSL_COMPRESSION *new_compression;
+#ifdef HEADER_COMP_H
+                const SSL_COMP *new_compression;
+#else
+                char *new_compression;
+#endif
                int cert_request;
                } tmp;
        } SSL3_CTX;
 /* SSLv3 */

diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 95772eef60..2a9714fc19 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h
@@ -59,7 +59,9 @@
59	#ifndef HEADER_SSL3_H	59	#ifndef HEADER_SSL3_H
60	#define HEADER_SSL3_H	60	#define HEADER_SSL3_H
61		61
62	#include "buffer.h"	62	#include <openssl/buffer.h>
		63	#include <openssl/evp.h>
		64	#include <openssl/ssl.h>
63		65
64	#ifdef __cplusplus	66	#ifdef __cplusplus
65	extern "C" {	67	extern "C" {
@@ -208,7 +210,7 @@ typedef struct ssl3_record_st
208	/r / unsigned int off; /* read/write offset into 'buf' */	210	/r / unsigned int off; /* read/write offset into 'buf' */
209	/rw/ unsigned char data; / pointer to the record data */	211	/rw/ unsigned char data; / pointer to the record data */
210	/rw/ unsigned char input; / where the decode bytes are */	212	/rw/ unsigned char input; / where the decode bytes are */
211	/rw/ unsigned char comp; / only used with decompression */	213	/r / unsigned char comp; / only used with decompression - malloc()ed */
212	} SSL3_RECORD;	214	} SSL3_RECORD;
213		215
214	typedef struct ssl3_buffer_st	216	typedef struct ssl3_buffer_st
@@ -220,10 +222,6 @@ typedef struct ssl3_buffer_st
220	/rw/ unsigned char buf; / SSL3_RT_MAX_PACKET_SIZE bytes */	222	/rw/ unsigned char buf; / SSL3_RT_MAX_PACKET_SIZE bytes */
221	} SSL3_BUFFER;	223	} SSL3_BUFFER;
222		224
223	typedef struct ssl3_compression_st {
224	int nothing;
225	} SSL3_COMPRESSION;
226
227	#define SSL3_CT_RSA_SIGN 1	225	#define SSL3_CT_RSA_SIGN 1
228	#define SSL3_CT_DSS_SIGN 2	226	#define SSL3_CT_DSS_SIGN 2
229	#define SSL3_CT_RSA_FIXED_DH 3	227	#define SSL3_CT_RSA_FIXED_DH 3
@@ -236,7 +234,7 @@ typedef struct ssl3_compression_st {
236	#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001	234	#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
237	#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002	235	#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
238	#define SSL3_FLAGS_POP_BUFFER 0x0004	236	#define SSL3_FLAGS_POP_BUFFER 0x0004
239	#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008	237	#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
240		238
241	#if 0	239	#if 0
242	#define AD_CLOSE_NOTIFY 0	240	#define AD_CLOSE_NOTIFY 0
@@ -290,7 +288,7 @@ typedef struct ssl3_ctx_st
290	int wpend_tot; /* number bytes written */	288	int wpend_tot; /* number bytes written */
291	int wpend_type;	289	int wpend_type;
292	int wpend_ret; /* number of bytes submitted */	290	int wpend_ret; /* number of bytes submitted */
293	char *wpend_buf;	291	const unsigned char *wpend_buf;
294		292
295	/* used during startup, digest all incoming/outgoing packets */	293	/* used during startup, digest all incoming/outgoing packets */
296	EVP_MD_CTX finish_dgst1;	294	EVP_MD_CTX finish_dgst1;
@@ -305,7 +303,7 @@ typedef struct ssl3_ctx_st
305	/* we alow one fatal and one warning alert to be outstanding,	303	/* we alow one fatal and one warning alert to be outstanding,
306	* send close alert via the warning alert */	304	* send close alert via the warning alert */
307	int alert_dispatch;	305	int alert_dispatch;
308	char send_alert[2];	306	unsigned char send_alert[2];
309		307
310	/* This flag is set when we should renegotiate ASAP, basically when	308	/* This flag is set when we should renegotiate ASAP, basically when
311	* there is no more data in the read or write buffers */	309	* there is no more data in the read or write buffers */
@@ -324,8 +322,9 @@ typedef struct ssl3_ctx_st
324		322
325	/* used to hold the new cipher we are going to use */	323	/* used to hold the new cipher we are going to use */
326	SSL_CIPHER *new_cipher;	324	SSL_CIPHER *new_cipher;
		325	#ifndef NO_DH
327	DH *dh;	326	DH *dh;
328		327	#endif
329	/* used when SSL_ST_FLUSH_DATA is entered */	328	/* used when SSL_ST_FLUSH_DATA is entered */
330	int next_state;	329	int next_state;
331		330
@@ -335,18 +334,23 @@ typedef struct ssl3_ctx_st
335	int cert_req;	334	int cert_req;
336	int ctype_num;	335	int ctype_num;
337	char ctype[SSL3_CT_NUMBER];	336	char ctype[SSL3_CT_NUMBER];
338	STACK *ca_names;	337	STACK_OF(X509_NAME) *ca_names;
339		338
340	int use_rsa_tmp;	339	int use_rsa_tmp;
341		340
342	int key_block_length;	341	int key_block_length;
343	unsigned char *key_block;	342	unsigned char *key_block;
344		343
345	EVP_CIPHER *new_sym_enc;	344	const EVP_CIPHER *new_sym_enc;
346	EVP_MD *new_hash;	345	const EVP_MD *new_hash;
347	SSL_COMPRESSION *new_compression;	346	#ifdef HEADER_COMP_H
		347	const SSL_COMP *new_compression;
		348	#else
		349	char *new_compression;
		350	#endif
348	int cert_request;	351	int cert_request;
349	} tmp;	352	} tmp;
		353
350	} SSL3_CTX;	354	} SSL3_CTX;
351		355
352	/* SSLv3 */	356	/* SSLv3 */