1 files changed, 60 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 2eace2567d..4d8659a493 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.153 2017/01/23 01:22:08 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.154 2017/01/23 04:15:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -392,6 +392,65 @@ typedef struct ssl_ctx_internal_st {
        uint16_t min_version;
        uint16_t max_version;
+        /* If this callback is not null, it will be called each
+         * time a session id is added to the cache.  If this function
+         * returns 1, it means that the callback will do a
+         * SSL_SESSION_free() when it has finished using it.  Otherwise,
+         * on 0, it means the callback has finished with it.
+         * If remove_session_cb is not null, it will be called when
+         * a session-id is removed from the cache.  After the call,
+         * OpenSSL will SSL_SESSION_free() it. */
+        int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
+        void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+        SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+            unsigned char *data, int len, int *copy);
+        /* if defined, these override the X509_verify_cert() calls */
+        int (*app_verify_callback)(X509_STORE_CTX *, void *);
+            void *app_verify_arg;
+        /* Default password callback. */
+        pem_password_cb *default_passwd_callback;
+        /* Default password callback user data. */
+        void *default_passwd_callback_userdata;
+        /* get client cert callback */
+        int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+        /* cookie generate callback */
+        int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
+            unsigned int *cookie_len);
+        /* verify cookie callback */
+        int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
+            unsigned int cookie_len);
+        void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
+        /* callback that allows applications to peek at protocol messages */
+        void (*msg_callback)(int write_p, int version, int content_type,
+            const void *buf, size_t len, SSL *ssl, void *arg);
+        void *msg_callback_arg;
+        int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
+        /* Default generate session ID callback. */
+        GEN_SESSION_CB generate_session_id;
+        /* TLS extensions servername callback */
+        int (*tlsext_servername_callback)(SSL*, int *, void *);
+        void *tlsext_servername_arg;
+        /* Callback to support customisation of ticket key setting */
+        int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name,
+            unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
+        /* certificate status request info */
+        /* Callback for status request */
+        int (*tlsext_status_cb)(SSL *ssl, void *arg);
+        void *tlsext_status_arg;
        struct {
                int sess_connect;       /* SSL new conn - started */
                int sess_connect_renegotiate;/* SSL reneg - requested */

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 2eace2567d..4d8659a493 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.153 2017/01/23 01:22:08 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.154 2017/01/23 04:15:28 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -392,6 +392,65 @@ typedef struct ssl_ctx_internal_st {
392	uint16_t min_version;	392	uint16_t min_version;
393	uint16_t max_version;	393	uint16_t max_version;
394		394
		395	/* If this callback is not null, it will be called each
		396	* time a session id is added to the cache. If this function
		397	* returns 1, it means that the callback will do a
		398	* SSL_SESSION_free() when it has finished using it. Otherwise,
		399	* on 0, it means the callback has finished with it.
		400	* If remove_session_cb is not null, it will be called when
		401	* a session-id is removed from the cache. After the call,
		402	* OpenSSL will SSL_SESSION_free() it. */
		403	int (new_session_cb)(struct ssl_st ssl, SSL_SESSION *sess);
		404	void (remove_session_cb)(struct ssl_ctx_st ctx, SSL_SESSION *sess);
		405	SSL_SESSION (get_session_cb)(struct ssl_st *ssl,
		406	unsigned char data, int len, int copy);
		407
		408	/* if defined, these override the X509_verify_cert() calls */
		409	int (app_verify_callback)(X509_STORE_CTX , void *);
		410	void *app_verify_arg;
		411
		412	/* Default password callback. */
		413	pem_password_cb *default_passwd_callback;
		414
		415	/* Default password callback user data. */
		416	void *default_passwd_callback_userdata;
		417
		418	/* get client cert callback */
		419	int (client_cert_cb)(SSL ssl, X509 x509, EVP_PKEY pkey);
		420
		421	/* cookie generate callback */
		422	int (app_gen_cookie_cb)(SSL ssl, unsigned char *cookie,
		423	unsigned int *cookie_len);
		424
		425	/* verify cookie callback */
		426	int (app_verify_cookie_cb)(SSL ssl, unsigned char *cookie,
		427	unsigned int cookie_len);
		428
		429	void (info_callback)(const SSL ssl,int type,int val); /* used if SSL's info_callback is NULL */
		430
		431	/* callback that allows applications to peek at protocol messages */
		432	void (*msg_callback)(int write_p, int version, int content_type,
		433	const void buf, size_t len, SSL ssl, void *arg);
		434	void *msg_callback_arg;
		435
		436	int (default_verify_callback)(int ok,X509_STORE_CTX ctx); /* called 'verify_callback' in the SSL */
		437
		438	/* Default generate session ID callback. */
		439	GEN_SESSION_CB generate_session_id;
		440
		441	/* TLS extensions servername callback */
		442	int (tlsext_servername_callback)(SSL, int , void );
		443	void *tlsext_servername_arg;
		444
		445	/* Callback to support customisation of ticket key setting */
		446	int (tlsext_ticket_key_cb)(SSL ssl, unsigned char *name,
		447	unsigned char iv, EVP_CIPHER_CTX ectx, HMAC_CTX *hctx, int enc);
		448
		449	/* certificate status request info */
		450	/* Callback for status request */
		451	int (tlsext_status_cb)(SSL ssl, void *arg);
		452	void *tlsext_status_arg;
		453
395	struct {	454	struct {
396	int sess_connect; /* SSL new conn - started */	455	int sess_connect; /* SSL new conn - started */
397	int sess_connect_renegotiate;/* SSL reneg - requested */	456	int sess_connect_renegotiate;/* SSL reneg - requested */