OLD | NEW |
1 /* | 1 /* |
2 * This file is PRIVATE to SSL and should be the first thing included by | 2 * This file is PRIVATE to SSL and should be the first thing included by |
3 * any SSL implementation file. | 3 * any SSL implementation file. |
4 * | 4 * |
5 * ***** BEGIN LICENSE BLOCK ***** | 5 * ***** BEGIN LICENSE BLOCK ***** |
6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 6 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
7 * | 7 * |
8 * The contents of this file are subject to the Mozilla Public License Version | 8 * The contents of this file are subject to the Mozilla Public License Version |
9 * 1.1 (the "License"); you may not use this file except in compliance with | 9 * 1.1 (the "License"); you may not use this file except in compliance with |
10 * the License. You may obtain a copy of the License at | 10 * the License. You may obtain a copy of the License at |
(...skipping 333 matching lines...)
344 unsigned int noStepDown : 1; /* 15 */ | 344 unsigned int noStepDown : 1; /* 15 */ |
345 unsigned int bypassPKCS11 : 1; /* 16 */ | 345 unsigned int bypassPKCS11 : 1; /* 16 */ |
346 unsigned int noLocks : 1; /* 17 */ | 346 unsigned int noLocks : 1; /* 17 */ |
347 unsigned int enableSessionTickets : 1; /* 18 */ | 347 unsigned int enableSessionTickets : 1; /* 18 */ |
348 unsigned int enableDeflate : 1; /* 19 */ | 348 unsigned int enableDeflate : 1; /* 19 */ |
349 unsigned int enableRenegotiation : 2; /* 20-21 */ | 349 unsigned int enableRenegotiation : 2; /* 20-21 */ |
350 unsigned int requireSafeNegotiation : 1; /* 22 */ | 350 unsigned int requireSafeNegotiation : 1; /* 22 */ |
351 unsigned int enableFalseStart : 1; /* 23 */ | 351 unsigned int enableFalseStart : 1; /* 23 */ |
352 unsigned int enableSnapStart : 1; /* 24 */ | 352 unsigned int enableSnapStart : 1; /* 24 */ |
353 unsigned int enableOCSPStapling : 1; /* 25 */ | 353 unsigned int enableOCSPStapling : 1; /* 25 */ |
| 354 unsigned int enableCachedInfo : 1; /* 26 */ |
354 } sslOptions; | 355 } sslOptions; |
355 | 356 |
356 typedef enum { sslHandshakingUndetermined = 0, | 357 typedef enum { sslHandshakingUndetermined = 0, |
357 sslHandshakingAsClient, | 358 sslHandshakingAsClient, |
358 sslHandshakingAsServer | 359 sslHandshakingAsServer |
359 } sslHandshakingType; | 360 } sslHandshakingType; |
360 | 361 |
361 typedef struct sslServerCertsStr { | 362 typedef struct sslServerCertsStr { |
362 /* Configuration state for server sockets */ | 363 /* Configuration state for server sockets */ |
363 CERTCertificate * serverCert; | 364 CERTCertificate * serverCert; |
(...skipping 406 matching lines...)
770 | 771 |
771 /* SNI Extension related data | 772 /* SNI Extension related data |
772 * Names data is not coppied from the input buffer. It can not be | 773 * Names data is not coppied from the input buffer. It can not be |
773 * used outside the scope where input buffer is defined and that | 774 * used outside the scope where input buffer is defined and that |
774 * is beyond ssl3_HandleClientHello function. */ | 775 * is beyond ssl3_HandleClientHello function. */ |
775 SECItem *sniNameArr; | 776 SECItem *sniNameArr; |
776 PRUint32 sniNameArrSize; | 777 PRUint32 sniNameArrSize; |
777 }; | 778 }; |
778 | 779 |
779 typedef enum { | 780 typedef enum { |
| 781 cached_info_certificate_chain = 1, |
| 782 cached_info_trusted_cas = 2 |
| 783 } TLSCachedInfoType; |
| 784 |
| 785 typedef enum { |
780 snap_start_none = 0, | 786 snap_start_none = 0, |
781 snap_start_full, | 787 snap_start_full, |
782 snap_start_recovery, | 788 snap_start_recovery, |
783 snap_start_resume, | 789 snap_start_resume, |
784 snap_start_resume_recovery | 790 snap_start_resume_recovery |
785 } TLSSnapStartType; | 791 } TLSSnapStartType; |
786 | 792 |
787 /* | 793 /* |
788 ** This is the "hs" member of the "ssl3" struct. | 794 ** This is the "hs" member of the "ssl3" struct. |
789 ** This entire struct is protected by ssl3HandshakeLock | 795 ** This entire struct is protected by ssl3HandshakeLock |
(...skipping 815 matching lines...)
1605 extern SECStatus ssl3_HandleServerNameXtn(sslSocket * ss, | 1611 extern SECStatus ssl3_HandleServerNameXtn(sslSocket * ss, |
1606 PRUint16 ex_type, SECItem *data); | 1612 PRUint16 ex_type, SECItem *data); |
1607 extern SECStatus ssl3_HandleSupportedCurvesXtn(sslSocket * ss, | 1613 extern SECStatus ssl3_HandleSupportedCurvesXtn(sslSocket * ss, |
1608 PRUint16 ex_type, SECItem *data); | 1614 PRUint16 ex_type, SECItem *data); |
1609 extern SECStatus ssl3_HandleSupportedPointFormatsXtn(sslSocket * ss, | 1615 extern SECStatus ssl3_HandleSupportedPointFormatsXtn(sslSocket * ss, |
1610 PRUint16 ex_type, SECItem *data); | 1616 PRUint16 ex_type, SECItem *data); |
1611 extern SECStatus ssl3_ClientHandleSessionTicketXtn(sslSocket *ss, | 1617 extern SECStatus ssl3_ClientHandleSessionTicketXtn(sslSocket *ss, |
1612 PRUint16 ex_type, SECItem *data); | 1618 PRUint16 ex_type, SECItem *data); |
1613 extern SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, | 1619 extern SECStatus ssl3_ClientHandleNextProtoNegoXtn(sslSocket *ss, |
1614 PRUint16 ex_type, SECItem *data); | 1620 PRUint16 ex_type, SECItem *data); |
| 1621 extern SECStatus ssl3_ClientHandleCachedInfoXtn(sslSocket *ss, |
| 1622 PRUint16 ex_type, SECItem *data); |
1615 extern SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, | 1623 extern SECStatus ssl3_ClientHandleStatusRequestXtn(sslSocket *ss, |
1616 PRUint16 ex_type, SECItem *data); | 1624 PRUint16 ex_type, SECItem *data); |
1617 extern SECStatus ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, | 1625 extern SECStatus ssl3_ServerHandleSessionTicketXtn(sslSocket *ss, |
1618 PRUint16 ex_type, SECItem *data); | 1626 PRUint16 ex_type, SECItem *data); |
1619 extern SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, | 1627 extern SECStatus ssl3_ServerHandleNextProtoNegoXtn(sslSocket *ss, |
1620 PRUint16 ex_type, SECItem *data); | 1628 PRUint16 ex_type, SECItem *data); |
1621 | 1629 |
1622 /* ClientHello and ServerHello extension senders. | 1630 /* ClientHello and ServerHello extension senders. |
1623 * Note that not all extension senders are exposed here; only those that | 1631 * Note that not all extension senders are exposed here; only those that |
1624 * that need exposure. | 1632 * that need exposure. |
1625 */ | 1633 */ |
1626 extern PRInt32 ssl3_SendSessionTicketXtn(sslSocket *ss, PRBool append, | 1634 extern PRInt32 ssl3_SendSessionTicketXtn(sslSocket *ss, PRBool append, |
1627 PRUint32 maxBytes); | 1635 PRUint32 maxBytes); |
1628 extern PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket *ss, PRBool append, | 1636 extern PRInt32 ssl3_ClientSendStatusRequestXtn(sslSocket *ss, PRBool append, |
1629 PRUint32 maxBytes); | 1637 PRUint32 maxBytes); |
1630 | 1638 |
1631 /* ClientHello and ServerHello extension senders. | 1639 /* ClientHello and ServerHello extension senders. |
1632 * The code is in ssl3ext.c. | 1640 * The code is in ssl3ext.c. |
1633 */ | 1641 */ |
1634 extern PRInt32 ssl3_SendServerNameXtn(sslSocket *ss, PRBool append, | 1642 extern PRInt32 ssl3_SendServerNameXtn(sslSocket *ss, PRBool append, |
1635 PRUint32 maxBytes); | 1643 PRUint32 maxBytes); |
| 1644 extern PRInt32 ssl3_ClientSendCachedInfoXtn(sslSocket *ss, PRBool append, |
| 1645 PRUint32 maxBytes); |
1636 extern PRInt32 ssl3_SendSnapStartXtn(sslSocket *ss, PRBool append, | 1646 extern PRInt32 ssl3_SendSnapStartXtn(sslSocket *ss, PRBool append, |
1637 PRUint32 maxBytes); | 1647 PRUint32 maxBytes); |
1638 extern SECStatus ssl3_ClientHandleSnapStartXtn(sslSocket *ss, PRUint16 ex_type, | 1648 extern SECStatus ssl3_ClientHandleSnapStartXtn(sslSocket *ss, PRUint16 ex_type, |
1639 SECItem *data); | 1649 SECItem *data); |
1640 | 1650 |
1641 extern SECStatus ssl3_ResetForSnapStartRecovery(sslSocket *ss, | 1651 extern SECStatus ssl3_ResetForSnapStartRecovery(sslSocket *ss, |
1642 SSL3Opaque *b, PRUint32 length); | 1652 SSL3Opaque *b, PRUint32 length); |
1643 | 1653 |
1644 /* Assigns new cert, cert chain and keys to ss->serverCerts | 1654 /* Assigns new cert, cert chain and keys to ss->serverCerts |
1645 * struct. If certChain is NULL, tries to find one. Aborts if | 1655 * struct. If certChain is NULL, tries to find one. Aborts if |
(...skipping 139 matching lines...)
1785 #elif defined(_WIN32_WCE) | 1795 #elif defined(_WIN32_WCE) |
1786 #define SSL_GETPID GetCurrentProcessId | 1796 #define SSL_GETPID GetCurrentProcessId |
1787 #elif defined(WIN32) | 1797 #elif defined(WIN32) |
1788 extern int __cdecl _getpid(void); | 1798 extern int __cdecl _getpid(void); |
1789 #define SSL_GETPID _getpid | 1799 #define SSL_GETPID _getpid |
1790 #else | 1800 #else |
1791 #define SSL_GETPID() 0 | 1801 #define SSL_GETPID() 0 |
1792 #endif | 1802 #endif |
1793 | 1803 |
1794 #endif /* __sslimpl_h_ */ | 1804 #endif /* __sslimpl_h_ */ |
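Review bot: The new `TLSCachedInfoType` enum (new lines 780-783) and the `enableCachedInfo` option bit (new line 354) are added without any comment, and both carry contracts a reader of this header cannot recover. The explicit values 1 and 2 look like wire codes for the cached-information extension, so I would add above the enum something like `/* Wire values of the cached_info extension's type field; any other value received from the peer must be rejected. */`. The declaration of `ssl3_ClientHandleCachedInfoXtn` (new line 1621) should also say what the client still has to verify when the server accepts cached info. Presumably the digest echoed by the server must match the one the client offered, and the cached chain must still go through normal certificate validation. Both implementations live outside this header, so that cannot be confirmed from here. It would also be worth stating next to `enableCachedInfo` whether the option defaults to off.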
OLD | NEW |