From b64270d1e45fe7f3241e4c9b6ce60d5ac89bc2e9 Mon Sep 17 00:00:00 2001 From: beck <> Date: Wed, 15 May 2002 02:29:21 +0000 Subject: OpenSSL 0.9.7 stable 2002 05 08 merge --- src/lib/libssl/ssl3.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 83 insertions(+), 8 deletions(-) (limited to 'src/lib/libssl/ssl3.h') diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h index 7ee1feaa67..8fd6951d77 100644 --- a/src/lib/libssl/ssl3.h +++ b/src/lib/libssl/ssl3.h @@ -55,11 +55,64 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #ifndef HEADER_SSL3_H #define HEADER_SSL3_H -#ifndef NO_COMP +#ifndef OPENSSL_NO_COMP #include #endif #include @@ -105,6 +158,22 @@ extern "C" { #define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D #define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E +/* VRS Additional Kerberos5 entries + */ +#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000021 +#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000022 +#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x03000023 +#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000024 +#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x03000025 +#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000026 + +#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" +#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" +#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" +#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" + #define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" #define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" #define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" @@ -149,7 +218,8 @@ extern "C" { #define SSL3_RT_HEADER_LENGTH 5 /* Due to MS stuffing up, this can change.... */ -#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32)) +#if defined(OPENSSL_SYS_WIN16) || \ + (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)) #define SSL3_RT_MAX_EXTRA (14000) #else #define SSL3_RT_MAX_EXTRA (16384) @@ -201,10 +271,11 @@ typedef struct ssl3_record_st typedef struct ssl3_buffer_st { - unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if - * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */ - int offset; /* where to 'copy from' */ - int left; /* how many bytes left */ + unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, + * see ssl3_setup_buffers() */ + size_t len; /* buffer size */ + int offset; /* where to 'copy from' */ + int left; /* how many bytes left */ } SSL3_BUFFER; #define SSL3_CT_RSA_SIGN 1 @@ -234,6 +305,10 @@ typedef struct ssl3_state_st unsigned char server_random[SSL3_RANDOM_SIZE]; unsigned char client_random[SSL3_RANDOM_SIZE]; + /* flags for countermeasure against known-IV weakness */ + int need_empty_fragments; + int empty_fragment_done; + SSL3_BUFFER rbuf; /* read IO goes into here */ SSL3_BUFFER wbuf; /* write IO goes into here */ @@ -292,7 +367,7 @@ typedef struct ssl3_state_st /* used to hold the new cipher we are going to use */ SSL_CIPHER *new_cipher; -#ifndef NO_DH +#ifndef OPENSSL_NO_DH DH *dh; #endif /* used when SSL_ST_FLUSH_DATA is entered */ @@ -313,7 +388,7 @@ typedef struct ssl3_state_st const EVP_CIPHER *new_sym_enc; const EVP_MD *new_hash; -#ifndef NO_COMP +#ifndef OPENSSL_NO_COMP const SSL_COMP *new_compression; #else char *new_compression; -- cgit v1.2.3-55-g6feb