Diffstat (limited to 'src/lib/libssl/ssl_locl.h')
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 26 |
1 files changed, 20 insertions, 6 deletions
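--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.324 2021/02/27 14:20:50 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.325 2021/03/10 18:27:01 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -407,6 +407,23 @@ typedef struct ssl_session_internal_st {
 #define SSI(s) (s->session->internal)
 
 typedef struct ssl_handshake_st {
+/*
+* Minimum and maximum versions supported for this handshake. These are
+* initialised at the start of a handshake based on the method in use
+* and the current protocol version configuration.
+*/
+uint16_t our_min_tls_version;
+uint16_t our_max_tls_version;
+
+/*
+* Version negotiated for this session. For a client this is set once
+* the server selected version is parsed from the ServerHello (either
+* from the legacy version or supported versions extension). For a
+* server this is set once we select the version we will use with the
+* client.
+*/
+uint16_t negotiated_tls_version;
+
 /* state contains one of the SSL3_ST_* values. */
 int state;
 
@@ -435,10 +452,6 @@ typedef struct cert_pkey_st {
 } CERT_PKEY;
 
 typedef struct ssl_handshake_tls13_st {
-uint16_t min_version;
-uint16_t max_version;
-uint16_t version;
-
 int use_legacy;
 int hrr;
 
@@ -468,7 +481,6 @@ typedef struct ssl_handshake_tls13_st {
 EVP_MD_CTX *clienthello_md_ctx;
 unsigned char *clienthello_hash;
 unsigned int clienthello_hash_len;
-
 } SSL_HANDSHAKE_TLS13;
 
 struct tls12_record_layer;
@@ -1117,6 +1129,8 @@ int ssl_version_set_max(const SSL_METHOD *meth, uint16_t proto_ver,
 uint16_t min_tls_ver, uint16_t *out_tls_ver, uint16_t *out_proto_ver);
 int ssl_enabled_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
 int ssl_supported_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
+uint16_t ssl_tls_version(uint16_t version);
+uint16_t ssl_effective_tls_version(SSL *s);
 int ssl_downgrade_max_version(SSL *s, uint16_t *max_ver);
 int ssl_max_supported_version(SSL *s, uint16_t *max_ver);
 int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver);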
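Review bot: The new comment on `negotiated_tls_version` in `ssl_handshake_st` says when the field is set but not what it holds before then, and the two added prototypes `ssl_tls_version()` and `ssl_effective_tls_version()` have no stated return contract. Version comparisons typically gate downgrade checks and version-dependent extension handling, so a caller that reads the field before the ServerHello is parsed (client) or before version selection (server) needs to know whether it sees zero or a value left over from an earlier handshake. I would extend the field comment with a sentence such as `A value of zero means no version has been negotiated yet.` and add a one-line comment above each prototype giving its return value for an unrecognised version and before negotiation; the implementation is not visible in this header, so the wording must be checked against it. Both struct definitions continue outside the hunks shown.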
