OLD | NEW |
1 /* ssl/ssl.h */ | 1 /* ssl/ssl.h */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 * SUCH DAMAGE. | 51 * SUCH DAMAGE. |
52 * | 52 * |
53 * The licence and distribution terms for any publically available version or | 53 * The licence and distribution terms for any publically available version or |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
57 */ | 57 */ |
58 /* ==================================================================== | 58 /* ==================================================================== |
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | 59 * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. |
60 * | 60 * |
61 * Redistribution and use in source and binary forms, with or without | 61 * Redistribution and use in source and binary forms, with or without |
62 * modification, are permitted provided that the following conditions | 62 * modification, are permitted provided that the following conditions |
63 * are met: | 63 * are met: |
64 * | 64 * |
65 * 1. Redistributions of source code must retain the above copyright | 65 * 1. Redistributions of source code must retain the above copyright |
66 * notice, this list of conditions and the following disclaimer. | 66 * notice, this list of conditions and the following disclaimer. |
67 * | 67 * |
68 * 2. Redistributions in binary form must reproduce the above copyright | 68 * 2. Redistributions in binary form must reproduce the above copyright |
69 * notice, this list of conditions and the following disclaimer in | 69 * notice, this list of conditions and the following disclaimer in |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
103 * OF THE POSSIBILITY OF SUCH DAMAGE. | 103 * OF THE POSSIBILITY OF SUCH DAMAGE. |
104 * ==================================================================== | 104 * ==================================================================== |
105 * | 105 * |
106 * This product includes cryptographic software written by Eric Young | 106 * This product includes cryptographic software written by Eric Young |
107 * (eay@cryptsoft.com). This product includes software written by Tim | 107 * (eay@cryptsoft.com). This product includes software written by Tim |
108 * Hudson (tjh@cryptsoft.com). | 108 * Hudson (tjh@cryptsoft.com). |
109 * | 109 * |
110 */ | 110 */ |
111 /* ==================================================================== | 111 /* ==================================================================== |
112 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | |
113 * | |
114 * Redistribution and use in source and binary forms, with or without | |
115 * modification, are permitted provided that the following conditions | |
116 * are met: | |
117 * | |
118 * 1. Redistributions of source code must retain the above copyright | |
119 * notice, this list of conditions and the following disclaimer. | |
120 * | |
121 * 2. Redistributions in binary form must reproduce the above copyright | |
122 * notice, this list of conditions and the following disclaimer in | |
123 * the documentation and/or other materials provided with the | |
124 * distribution. | |
125 * | |
126 * 3. All advertising materials mentioning features or use of this | |
127 * software must display the following acknowledgment: | |
128 * "This product includes software developed by the OpenSSL Project | |
129 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
130 * | |
131 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
132 * endorse or promote products derived from this software without | |
133 * prior written permission. For written permission, please contact | |
134 * openssl-core@openssl.org. | |
135 * | |
136 * 5. Products derived from this software may not be called "OpenSSL" | |
137 * nor may "OpenSSL" appear in their names without prior written | |
138 * permission of the OpenSSL Project. | |
139 * | |
140 * 6. Redistributions of any form whatsoever must retain the following | |
141 * acknowledgment: | |
142 * "This product includes software developed by the OpenSSL Project | |
143 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
144 * | |
145 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
146 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
147 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
148 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
149 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
150 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
151 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
152 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
153 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
154 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
155 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
156 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
157 * ==================================================================== | |
158 * | |
159 * This product includes cryptographic software written by Eric Young | |
160 * (eay@cryptsoft.com). This product includes software written by Tim | |
161 * Hudson (tjh@cryptsoft.com). | |
162 * | |
163 */ | |
164 /* ==================================================================== | |
165 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. |
166 * ECC cipher suite support in OpenSSL originally developed by | 113 * ECC cipher suite support in OpenSSL originally developed by |
167 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. |
168 */ | 115 */ |
| 116 /* ==================================================================== |
| 117 * Copyright 2005 Nokia. All rights reserved. |
| 118 * |
| 119 * The portions of the attached software ("Contribution") is developed by |
| 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source |
| 121 * license. |
| 122 * |
| 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of |
| 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites |
| 125 * support (see RFC 4279) to OpenSSL. |
| 126 * |
| 127 * No patent licenses or other rights except those expressly stated in |
| 128 * the OpenSSL open source license shall be deemed granted or received |
| 129 * expressly, by implication, estoppel, or otherwise. |
| 130 * |
| 131 * No assurances are provided by Nokia that the Contribution does not |
| 132 * infringe the patent or other intellectual property rights of any third |
| 133 * party or that the license provides you with all the necessary rights |
| 134 * to make use of the Contribution. |
| 135 * |
| 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN |
| 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA |
| 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY |
| 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR |
| 140 * OTHERWISE. |
| 141 */ |
169 | 142 |
170 #ifndef HEADER_SSL_H | 143 #ifndef HEADER_SSL_H |
171 #define HEADER_SSL_H | 144 #define HEADER_SSL_H |
172 | 145 |
173 #include <openssl/e_os2.h> | 146 #include <openssl/e_os2.h> |
174 | 147 |
175 #ifndef OPENSSL_NO_COMP | 148 #ifndef OPENSSL_NO_COMP |
176 #include <openssl/comp.h> | 149 #include <openssl/comp.h> |
177 #endif | 150 #endif |
178 #ifndef OPENSSL_NO_BIO | 151 #ifndef OPENSSL_NO_BIO |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
241 #define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 | 214 #define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 |
242 #define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256 | 215 #define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256 |
243 | 216 |
244 #define SSL_MAX_SSL_SESSION_ID_LENGTH 32 | 217 #define SSL_MAX_SSL_SESSION_ID_LENGTH 32 |
245 #define SSL_MAX_SID_CTX_LENGTH 32 | 218 #define SSL_MAX_SID_CTX_LENGTH 32 |
246 | 219 |
247 #define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) | 220 #define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) |
248 #define SSL_MAX_KEY_ARG_LENGTH 8 | 221 #define SSL_MAX_KEY_ARG_LENGTH 8 |
249 #define SSL_MAX_MASTER_KEY_LENGTH 48 | 222 #define SSL_MAX_MASTER_KEY_LENGTH 48 |
250 | 223 |
| 224 |
251 /* These are used to specify which ciphers to use and not to use */ | 225 /* These are used to specify which ciphers to use and not to use */ |
| 226 |
| 227 #define SSL_TXT_EXP40 "EXPORT40" |
| 228 #define SSL_TXT_EXP56 "EXPORT56" |
252 #define SSL_TXT_LOW "LOW" | 229 #define SSL_TXT_LOW "LOW" |
253 #define SSL_TXT_MEDIUM "MEDIUM" | 230 #define SSL_TXT_MEDIUM "MEDIUM" |
254 #define SSL_TXT_HIGH "HIGH" | 231 #define SSL_TXT_HIGH "HIGH" |
255 #define SSL_TXT_FIPS "FIPS" | 232 #define SSL_TXT_FIPS "FIPS" |
256 #define SSL_TXT_kFZA» » "kFZA" | 233 |
257 #define»SSL_TXT_aFZA» » "aFZA" | 234 #define SSL_TXT_kFZA» » "kFZA" /* unused! */ |
258 #define SSL_TXT_eFZA» » "eFZA" | 235 #define»SSL_TXT_aFZA» » "aFZA" /* unused! */ |
259 #define SSL_TXT_FZA» » "FZA" | 236 #define SSL_TXT_eFZA» » "eFZA" /* unused! */ |
| 237 #define SSL_TXT_FZA» » "FZA" /* unused! */ |
260 | 238 |
261 #define SSL_TXT_aNULL "aNULL" | 239 #define SSL_TXT_aNULL "aNULL" |
262 #define SSL_TXT_eNULL "eNULL" | 240 #define SSL_TXT_eNULL "eNULL" |
263 #define SSL_TXT_NULL "NULL" | 241 #define SSL_TXT_NULL "NULL" |
264 | 242 |
| 243 #define SSL_TXT_kRSA "kRSA" |
| 244 #define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */ |
| 245 #define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */ |
| 246 #define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */ |
| 247 #define SSL_TXT_kEDH "kEDH" |
265 #define SSL_TXT_kKRB5 "kKRB5" | 248 #define SSL_TXT_kKRB5 "kKRB5" |
266 #define SSL_TXT_aKRB5 » "aKRB5" | 249 #define SSL_TXT_kECDHr» » "kECDHr" |
267 #define SSL_TXT_KRB5 » "KRB5" | 250 #define SSL_TXT_kECDHe» » "kECDHe" |
| 251 #define SSL_TXT_kECDH» » "kECDH" |
| 252 #define SSL_TXT_kEECDH» » "kEECDH" |
| 253 #define SSL_TXT_kPSK "kPSK" |
| 254 #define SSL_TXT_kGOST» » "kGOST" |
268 | 255 |
269 #define SSL_TXT_kRSA "kRSA" | |
270 #define SSL_TXT_kDHr "kDHr" | |
271 #define SSL_TXT_kDHd "kDHd" | |
272 #define SSL_TXT_kEDH "kEDH" | |
273 #define SSL_TXT_aRSA "aRSA" | 256 #define SSL_TXT_aRSA "aRSA" |
274 #define SSL_TXT_aDSS "aDSS" | 257 #define SSL_TXT_aDSS "aDSS" |
275 #define»SSL_TXT_aDH» » "aDH" | 258 #define»SSL_TXT_aDH» » "aDH" /* no such ciphersuites supported! */ |
| 259 #define»SSL_TXT_aECDH» » "aECDH" |
| 260 #define SSL_TXT_aKRB5 » "aKRB5" |
| 261 #define SSL_TXT_aECDSA» » "aECDSA" |
| 262 #define SSL_TXT_aPSK "aPSK" |
| 263 #define SSL_TXT_aGOST94»"aGOST94" |
| 264 #define SSL_TXT_aGOST01 "aGOST01" |
| 265 #define SSL_TXT_aGOST "aGOST" |
| 266 |
276 #define SSL_TXT_DSS "DSS" | 267 #define SSL_TXT_DSS "DSS" |
277 #define SSL_TXT_DH "DH" | 268 #define SSL_TXT_DH "DH" |
278 #define SSL_TXT_EDH» » "EDH" | 269 #define SSL_TXT_EDH» » "EDH" /* same as "kEDH:-ADH" */ |
279 #define SSL_TXT_ADH "ADH" | 270 #define SSL_TXT_ADH "ADH" |
280 #define SSL_TXT_RSA "RSA" | 271 #define SSL_TXT_RSA "RSA" |
| 272 #define SSL_TXT_ECDH "ECDH" |
| 273 #define SSL_TXT_EECDH "EECDH" /* same as "kEECDH:-AECDH" */ |
| 274 #define SSL_TXT_AECDH "AECDH" |
| 275 #define SSL_TXT_ECDSA "ECDSA" |
| 276 #define SSL_TXT_KRB5 "KRB5" |
| 277 #define SSL_TXT_PSK "PSK" |
| 278 |
281 #define SSL_TXT_DES "DES" | 279 #define SSL_TXT_DES "DES" |
282 #define SSL_TXT_3DES "3DES" | 280 #define SSL_TXT_3DES "3DES" |
283 #define SSL_TXT_RC4 "RC4" | 281 #define SSL_TXT_RC4 "RC4" |
284 #define SSL_TXT_RC2 "RC2" | 282 #define SSL_TXT_RC2 "RC2" |
285 #define SSL_TXT_IDEA "IDEA" | 283 #define SSL_TXT_IDEA "IDEA" |
286 #define SSL_TXT_SEED "SEED" | 284 #define SSL_TXT_SEED "SEED" |
| 285 #define SSL_TXT_AES128 "AES128" |
| 286 #define SSL_TXT_AES256 "AES256" |
287 #define SSL_TXT_AES "AES" | 287 #define SSL_TXT_AES "AES" |
| 288 #define SSL_TXT_CAMELLIA128 "CAMELLIA128" |
| 289 #define SSL_TXT_CAMELLIA256 "CAMELLIA256" |
288 #define SSL_TXT_CAMELLIA "CAMELLIA" | 290 #define SSL_TXT_CAMELLIA "CAMELLIA" |
| 291 |
289 #define SSL_TXT_MD5 "MD5" | 292 #define SSL_TXT_MD5 "MD5" |
290 #define SSL_TXT_SHA1 "SHA1" | 293 #define SSL_TXT_SHA1 "SHA1" |
291 #define SSL_TXT_SHA» » "SHA" | 294 #define SSL_TXT_SHA» » "SHA" /* same as "SHA1" */ |
292 #define SSL_TXT_EXP» » "EXP" | 295 #define SSL_TXT_GOST94» » "GOST94" |
293 #define SSL_TXT_EXPORT» » "EXPORT" | 296 #define SSL_TXT_GOST89MAC» » "GOST89MAC" |
294 #define SSL_TXT_EXP40» » "EXPORT40" | 297 |
295 #define SSL_TXT_EXP56» » "EXPORT56" | |
296 #define SSL_TXT_SSLV2 "SSLv2" | 298 #define SSL_TXT_SSLV2 "SSLv2" |
297 #define SSL_TXT_SSLV3 "SSLv3" | 299 #define SSL_TXT_SSLV3 "SSLv3" |
298 #define SSL_TXT_TLSV1 "TLSv1" | 300 #define SSL_TXT_TLSV1 "TLSv1" |
| 301 |
| 302 #define SSL_TXT_EXP "EXP" |
| 303 #define SSL_TXT_EXPORT "EXPORT" |
| 304 |
299 #define SSL_TXT_ALL "ALL" | 305 #define SSL_TXT_ALL "ALL" |
300 #define SSL_TXT_ECC "ECCdraft" /* ECC ciphersuites are not yet offic
ial */ | |
301 | 306 |
302 /* | 307 /* |
303 * COMPLEMENTOF* definitions. These identifiers are used to (de-select) | 308 * COMPLEMENTOF* definitions. These identifiers are used to (de-select) |
304 * ciphers normally not being used. | 309 * ciphers normally not being used. |
305 * Example: "RC4" will activate all ciphers using RC4 including ciphers | 310 * Example: "RC4" will activate all ciphers using RC4 including ciphers |
306 * without authentication, which would normally disabled by DEFAULT (due | 311 * without authentication, which would normally disabled by DEFAULT (due |
307 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" | 312 * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" |
308 * will make sure that it is also disabled in the specific selection. | 313 * will make sure that it is also disabled in the specific selection. |
309 * COMPLEMENTOF* identifiers are portable between version, as adjustments | 314 * COMPLEMENTOF* identifiers are portable between version, as adjustments |
310 * to the default cipher setup will also be included here. | 315 * to the default cipher setup will also be included here. |
311 * | 316 * |
312 * COMPLEMENTOFDEFAULT does not experience the same special treatment that | 317 * COMPLEMENTOFDEFAULT does not experience the same special treatment that |
313 * DEFAULT gets, as only selection is being done and no sorting as needed | 318 * DEFAULT gets, as only selection is being done and no sorting as needed |
314 * for DEFAULT. | 319 * for DEFAULT. |
315 */ | 320 */ |
316 #define SSL_TXT_CMPALL "COMPLEMENTOFALL" | 321 #define SSL_TXT_CMPALL "COMPLEMENTOFALL" |
317 #define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT" | 322 #define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT" |
318 | 323 |
319 /* The following cipher list is used by default. | 324 /* The following cipher list is used by default. |
320 * It also is substituted when an application-defined cipher list string | 325 * It also is substituted when an application-defined cipher list string |
321 * starts with 'DEFAULT'. */ | 326 * starts with 'DEFAULT'. */ |
322 #define SSL_DEFAULT_CIPHER_LIST»"AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low pr
iority for RC4 */ | 327 #define SSL_DEFAULT_CIPHER_LIST»"ALL:!aNULL:!eNULL:!SSLv2" |
| 328 /* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always |
| 329 * starts with a reasonable order, and all we have to do for DEFAULT is |
| 330 * throwing out anonymous and unencrypted ciphersuites! |
| 331 * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable |
| 332 * some of them.) |
| 333 */ |
323 | 334 |
324 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ | 335 /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ |
325 #define SSL_SENT_SHUTDOWN 1 | 336 #define SSL_SENT_SHUTDOWN 1 |
326 #define SSL_RECEIVED_SHUTDOWN 2 | 337 #define SSL_RECEIVED_SHUTDOWN 2 |
327 | 338 |
328 #ifdef __cplusplus | 339 #ifdef __cplusplus |
329 } | 340 } |
330 #endif | 341 #endif |
331 | 342 |
332 #ifdef __cplusplus | 343 #ifdef __cplusplus |
333 extern "C" { | 344 extern "C" { |
334 #endif | 345 #endif |
335 | 346 |
336 #if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_
SSL2) | 347 #if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_
SSL2) |
337 #define OPENSSL_NO_SSL2 | 348 #define OPENSSL_NO_SSL2 |
338 #endif | 349 #endif |
339 | 350 |
340 #define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 | 351 #define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 |
341 #define SSL_FILETYPE_PEM X509_FILETYPE_PEM | 352 #define SSL_FILETYPE_PEM X509_FILETYPE_PEM |
342 | 353 |
343 /* This is needed to stop compilers complaining about the | 354 /* This is needed to stop compilers complaining about the |
344 * 'struct ssl_st *' function parameters used to prototype callbacks | 355 * 'struct ssl_st *' function parameters used to prototype callbacks |
345 * in SSL_CTX. */ | 356 * in SSL_CTX. */ |
346 typedef struct ssl_st *ssl_crock_st; | 357 typedef struct ssl_st *ssl_crock_st; |
| 358 typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; |
347 | 359 |
348 /* used to hold info on the particular ciphers used */ | 360 /* used to hold info on the particular ciphers used */ |
349 typedef struct ssl_cipher_st | 361 typedef struct ssl_cipher_st |
350 { | 362 { |
351 int valid; | 363 int valid; |
352 const char *name; /* text name */ | 364 const char *name; /* text name */ |
353 unsigned long id; /* id, 4 bytes, first is version */ | 365 unsigned long id; /* id, 4 bytes, first is version */ |
354 » unsigned long algorithms;» /* what ciphers are used */ | 366 |
| 367 » /* changed in 0.9.9: these four used to be portions of a single value 'a
lgorithms' */ |
| 368 » unsigned long algorithm_mkey;» /* key exchange algorithm */ |
| 369 » unsigned long algorithm_auth;» /* server authentication */ |
| 370 » unsigned long algorithm_enc;» /* symmetric encryption */ |
| 371 » unsigned long algorithm_mac;» /* symmetric authentication */ |
| 372 » unsigned long algorithm_ssl;» /* (major) protocol version */ |
| 373 |
355 unsigned long algo_strength; /* strength and export flags */ | 374 unsigned long algo_strength; /* strength and export flags */ |
356 unsigned long algorithm2; /* Extra flags */ | 375 unsigned long algorithm2; /* Extra flags */ |
357 int strength_bits; /* Number of bits really used */ | 376 int strength_bits; /* Number of bits really used */ |
358 int alg_bits; /* Number of bits for algorithm */ | 377 int alg_bits; /* Number of bits for algorithm */ |
359 unsigned long mask; /* used for matching */ | |
360 unsigned long mask_strength; /* also used for matching */ | |
361 } SSL_CIPHER; | 378 } SSL_CIPHER; |
362 | 379 |
363 DECLARE_STACK_OF(SSL_CIPHER) | 380 DECLARE_STACK_OF(SSL_CIPHER) |
364 | 381 |
| 382 typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, i
nt len, void *arg); |
| 383 typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, S
TACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); |
| 384 |
365 /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ | 385 /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ |
366 typedef struct ssl_method_st | 386 typedef struct ssl_method_st |
367 { | 387 { |
368 int version; | 388 int version; |
369 int (*ssl_new)(SSL *s); | 389 int (*ssl_new)(SSL *s); |
370 void (*ssl_clear)(SSL *s); | 390 void (*ssl_clear)(SSL *s); |
371 void (*ssl_free)(SSL *s); | 391 void (*ssl_free)(SSL *s); |
372 int (*ssl_accept)(SSL *s); | 392 int (*ssl_accept)(SSL *s); |
373 int (*ssl_connect)(SSL *s); | 393 int (*ssl_connect)(SSL *s); |
374 int (*ssl_read)(SSL *s,void *buf,int len); | 394 int (*ssl_read)(SSL *s,void *buf,int len); |
375 int (*ssl_peek)(SSL *s,void *buf,int len); | 395 int (*ssl_peek)(SSL *s,void *buf,int len); |
376 int (*ssl_write)(SSL *s,const void *buf,int len); | 396 int (*ssl_write)(SSL *s,const void *buf,int len); |
377 int (*ssl_shutdown)(SSL *s); | 397 int (*ssl_shutdown)(SSL *s); |
378 int (*ssl_renegotiate)(SSL *s); | 398 int (*ssl_renegotiate)(SSL *s); |
379 int (*ssl_renegotiate_check)(SSL *s); | 399 int (*ssl_renegotiate_check)(SSL *s); |
380 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long | 400 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long |
381 max, int *ok); | 401 max, int *ok); |
382 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len, | 402 int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len, |
383 int peek); | 403 int peek); |
384 int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len); | 404 int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len); |
385 int (*ssl_dispatch_alert)(SSL *s); | 405 int (*ssl_dispatch_alert)(SSL *s); |
386 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg); | 406 long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg); |
387 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg); | 407 long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg); |
388 » SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); | 408 » const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); |
389 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr); | 409 int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr); |
390 int (*ssl_pending)(const SSL *s); | 410 int (*ssl_pending)(const SSL *s); |
391 int (*num_ciphers)(void); | 411 int (*num_ciphers)(void); |
392 » SSL_CIPHER *(*get_cipher)(unsigned ncipher); | 412 » const SSL_CIPHER *(*get_cipher)(unsigned ncipher); |
393 » struct ssl_method_st *(*get_ssl_method)(int version); | 413 » const struct ssl_method_st *(*get_ssl_method)(int version); |
394 long (*get_timeout)(void); | 414 long (*get_timeout)(void); |
395 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ | 415 struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ |
396 int (*ssl_version)(void); | 416 int (*ssl_version)(void); |
397 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void)); | 417 long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void)); |
398 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void)); | 418 long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void)); |
399 } SSL_METHOD; | 419 } SSL_METHOD; |
400 | 420 |
401 /* Lets make this into an ASN.1 type structure as follows | 421 /* Lets make this into an ASN.1 type structure as follows |
402 * SSL_SESSION_ID ::= SEQUENCE { | 422 * SSL_SESSION_ID ::= SEQUENCE { |
403 * version INTEGER, -- structure version number | 423 * version INTEGER, -- structure version number |
404 * SSLversion INTEGER, -- SSL version number | 424 * SSLversion INTEGER, -- SSL version number |
405 *» Cipher »» » OCTET_STRING,» -- the 3 byte cipher ID | 425 *» Cipher »» » OCTET STRING,» -- the 3 byte cipher ID |
406 *» Session_ID » » OCTET_STRING,» -- the Session ID | 426 *» Session_ID » » OCTET STRING,» -- the Session ID |
407 *» Master_key » » OCTET_STRING,» -- the master key | 427 *» Master_key » » OCTET STRING,» -- the master key |
408 *» KRB5_principal» » OCTET_STRING» -- optional Kerberos principal | 428 *» KRB5_principal» » OCTET STRING» -- optional Kerberos principal |
409 *» Key_Arg [ 0 ] IMPLICIT» OCTET_STRING,» -- the optional Key argument | 429 *» Key_Arg [ 0 ] IMPLICIT» OCTET STRING,» -- the optional Key argument |
410 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time | 430 * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time |
411 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds | 431 * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds |
412 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate | 432 * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate |
413 *» Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID cont
ext | 433 *» Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID cont
ext |
414 *» Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer' | 434 *» Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer' |
415 *» Compression [6] IMPLICIT ASN1_OBJECT» -- compression OID XXXXX | 435 *» HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from server
name TLS extension |
| 436 *» ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format li
st from TLS extension |
| 437 *» PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
hint |
| 438 *» PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity |
416 * } | 439 * } |
417 * Look in ssl/ssl_asn1.c for more details | 440 * Look in ssl/ssl_asn1.c for more details |
418 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). | 441 * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). |
419 */ | 442 */ |
420 typedef struct ssl_session_st | 443 typedef struct ssl_session_st |
421 { | 444 { |
422 int ssl_version; /* what ssl version session info is | 445 int ssl_version; /* what ssl version session info is |
423 * being kept in here? */ | 446 * being kept in here? */ |
424 | 447 |
425 /* only really used in SSLv2 */ | 448 /* only really used in SSLv2 */ |
426 unsigned int key_arg_length; | 449 unsigned int key_arg_length; |
427 unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; | 450 unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; |
428 int master_key_length; | 451 int master_key_length; |
429 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; | 452 unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; |
430 /* session_id - valid? */ | 453 /* session_id - valid? */ |
431 unsigned int session_id_length; | 454 unsigned int session_id_length; |
432 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; | 455 unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; |
433 /* this is used to determine whether the session is being reused in | 456 /* this is used to determine whether the session is being reused in |
434 * the appropriate context. It is up to the application to set this, | 457 * the appropriate context. It is up to the application to set this, |
435 * via SSL_new */ | 458 * via SSL_new */ |
436 unsigned int sid_ctx_length; | 459 unsigned int sid_ctx_length; |
437 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; | 460 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; |
438 | 461 |
439 #ifndef OPENSSL_NO_KRB5 | 462 #ifndef OPENSSL_NO_KRB5 |
440 unsigned int krb5_client_princ_len; | 463 unsigned int krb5_client_princ_len; |
441 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH]; | 464 unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH]; |
442 #endif /* OPENSSL_NO_KRB5 */ | 465 #endif /* OPENSSL_NO_KRB5 */ |
443 | 466 #ifndef OPENSSL_NO_PSK |
| 467 » char *psk_identity_hint; |
| 468 » char *psk_identity; |
| 469 #endif |
444 int not_resumable; | 470 int not_resumable; |
445 | 471 |
446 /* The cert is the certificate used to establish this connection */ | 472 /* The cert is the certificate used to establish this connection */ |
447 struct sess_cert_st /* SESS_CERT */ *sess_cert; | 473 struct sess_cert_st /* SESS_CERT */ *sess_cert; |
448 | 474 |
449 /* This is the cert for the other end. | 475 /* This is the cert for the other end. |
450 * On clients, it will be the same as sess_cert->peer_key->x509 | 476 * On clients, it will be the same as sess_cert->peer_key->x509 |
451 * (the latter is not enough as sess_cert is not retained | 477 * (the latter is not enough as sess_cert is not retained |
452 * in the external representation of sessions, see ssl_asn1.c). */ | 478 * in the external representation of sessions, see ssl_asn1.c). */ |
453 X509 *peer; | 479 X509 *peer; |
454 /* when app_verify_callback accepts a session where the peer's certifica
te | 480 /* when app_verify_callback accepts a session where the peer's certifica
te |
455 * is not ok, we must remember the error for session reuse: */ | 481 * is not ok, we must remember the error for session reuse: */ |
456 long verify_result; /* only for servers */ | 482 long verify_result; /* only for servers */ |
457 | 483 |
458 int references; | 484 int references; |
459 long timeout; | 485 long timeout; |
460 long time; | 486 long time; |
461 | 487 |
462 » int compress_meth;» » /* Need to lookup the method */ | 488 » unsigned int compress_meth;» /* Need to lookup the method */ |
463 | 489 |
464 » SSL_CIPHER *cipher; | 490 » const SSL_CIPHER *cipher; |
465 unsigned long cipher_id; /* when ASN.1 loaded, this | 491 unsigned long cipher_id; /* when ASN.1 loaded, this |
466 * needs to be used to load | 492 * needs to be used to load |
467 * the 'cipher' structure */ | 493 * the 'cipher' structure */ |
468 | 494 |
469 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */ | 495 STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */ |
470 | 496 |
471 CRYPTO_EX_DATA ex_data; /* application specific data */ | 497 CRYPTO_EX_DATA ex_data; /* application specific data */ |
472 | 498 |
473 /* These are used to make removal of session-ids more | 499 /* These are used to make removal of session-ids more |
474 * efficient and to implement a maximum cache size. */ | 500 * efficient and to implement a maximum cache size. */ |
475 struct ssl_session_st *prev,*next; | 501 struct ssl_session_st *prev,*next; |
476 #ifndef OPENSSL_NO_TLSEXT | 502 #ifndef OPENSSL_NO_TLSEXT |
477 char *tlsext_hostname; | 503 char *tlsext_hostname; |
| 504 #ifndef OPENSSL_NO_EC |
| 505 size_t tlsext_ecpointformatlist_length; |
| 506 unsigned char *tlsext_ecpointformatlist; /* peer's list */ |
| 507 size_t tlsext_ellipticcurvelist_length; |
| 508 unsigned char *tlsext_ellipticcurvelist; /* peer's list */ |
| 509 #endif /* OPENSSL_NO_EC */ |
478 /* RFC4507 info */ | 510 /* RFC4507 info */ |
479 unsigned char *tlsext_tick; /* Session ticket */ | 511 unsigned char *tlsext_tick; /* Session ticket */ |
480 size_t tlsext_ticklen; /* Session ticket length */ | 512 size_t tlsext_ticklen; /* Session ticket length */ |
481 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ | 513 long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ |
482 #endif | 514 #endif |
483 } SSL_SESSION; | 515 } SSL_SESSION; |
484 | 516 |
485 | 517 |
486 #define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L | 518 #define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L |
487 #define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L | 519 #define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L |
488 /* Allow initial connection to servers that don't support RI */ | 520 /* Allow initial connection to servers that don't support RI */ |
489 #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L | 521 #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L |
490 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L | 522 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L |
491 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L | 523 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L |
492 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L | 524 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L |
493 #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect
since 0.9.7h and 0.9.8b */ | 525 #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect
since 0.9.7h and 0.9.8b */ |
494 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L | 526 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L |
495 #define SSL_OP_TLS_D5_BUG 0x00000100L | 527 #define SSL_OP_TLS_D5_BUG 0x00000100L |
496 #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L | 528 #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L |
497 | 529 |
498 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added | 530 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added |
499 * in OpenSSL 0.9.6d. Usually (depending on the application protocol) | 531 * in OpenSSL 0.9.6d. Usually (depending on the application protocol) |
500 * the workaround is not needed. Unfortunately some broken SSL/TLS | 532 * the workaround is not needed. Unfortunately some broken SSL/TLS |
501 * implementations cannot handle it at all, which is why we include | 533 * implementations cannot handle it at all, which is why we include |
502 * it in SSL_OP_ALL. */ | 534 * it in SSL_OP_ALL. */ |
503 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in
0.9.6e */ | 535 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in
0.9.6e */ |
504 | 536 |
505 /* SSL_OP_ALL: various bug workarounds that should be rather harmless. | 537 /* SSL_OP_ALL: various bug workarounds that should be rather harmless. |
506 * This used to be 0x000FFFFFL before 0.9.7. */ | 538 * This used to be 0x000FFFFFL before 0.9.7. */ |
507 #define SSL_OP_ALL» » » » » 0x00000FFFL | 539 #define SSL_OP_ALL» » » » » 0x80000FFFL |
508 | 540 |
509 /* DTLS options */ | 541 /* DTLS options */ |
510 #define SSL_OP_NO_QUERY_MTU 0x00001000L | 542 #define SSL_OP_NO_QUERY_MTU 0x00001000L |
511 /* Turn on Cookie Exchange (on relevant for servers) */ | 543 /* Turn on Cookie Exchange (on relevant for servers) */ |
512 #define SSL_OP_COOKIE_EXCHANGE 0x00002000L | 544 #define SSL_OP_COOKIE_EXCHANGE 0x00002000L |
513 /* Don't use RFC4507 ticket extension */ | 545 /* Don't use RFC4507 ticket extension */ |
514 #define SSL_OP_NO_TICKET 0x00004000L | 546 #define SSL_OP_NO_TICKET 0x00004000L |
515 /* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */ | 547 /* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */ |
516 #define SSL_OP_CISCO_ANYCONNECT 0x00008000L | 548 #define SSL_OP_CISCO_ANYCONNECT 0x00008000L |
517 | 549 |
518 /* As server, disallow session resumption on renegotiation */ | 550 /* As server, disallow session resumption on renegotiation */ |
519 #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L | 551 #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L |
| 552 /* Don't use compression even if supported */ |
| 553 #define SSL_OP_NO_COMPRESSION 0x00020000L |
520 /* Permit unsafe legacy renegotiation */ | 554 /* Permit unsafe legacy renegotiation */ |
521 #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L | 555 #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L |
522 /* If set, always create a new key when using tmp_ecdh parameters */ | 556 /* If set, always create a new key when using tmp_ecdh parameters */ |
523 #define SSL_OP_SINGLE_ECDH_USE 0x00080000L | 557 #define SSL_OP_SINGLE_ECDH_USE 0x00080000L |
524 /* If set, always create a new key when using tmp_dh parameters */ | 558 /* If set, always create a new key when using tmp_dh parameters */ |
525 #define SSL_OP_SINGLE_DH_USE 0x00100000L | 559 #define SSL_OP_SINGLE_DH_USE 0x00100000L |
526 /* Set to always use the tmp_rsa key when doing RSA operations, | 560 /* Set to always use the tmp_rsa key when doing RSA operations, |
527 * even when this violates protocol specs */ | 561 * even when this violates protocol specs */ |
528 #define SSL_OP_EPHEMERAL_RSA 0x00200000L | 562 #define SSL_OP_EPHEMERAL_RSA 0x00200000L |
529 /* Set on servers to choose the cipher according to the server's | 563 /* Set on servers to choose the cipher according to the server's |
530 * preferences */ | 564 * preferences */ |
531 #define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L | 565 #define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L |
532 /* If set, a server will allow a client to issue a SSLv3.0 version number | 566 /* If set, a server will allow a client to issue a SSLv3.0 version number |
533 * as latest version supported in the premaster secret, even when TLSv1.0 | 567 * as latest version supported in the premaster secret, even when TLSv1.0 |
534 * (version 3.1) was announced in the client hello. Normally this is | 568 * (version 3.1) was announced in the client hello. Normally this is |
535 * forbidden to prevent version rollback attacks. */ | 569 * forbidden to prevent version rollback attacks. */ |
536 #define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L | 570 #define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L |
537 | 571 |
538 #define SSL_OP_NO_SSLv2 0x01000000L | 572 #define SSL_OP_NO_SSLv2 0x01000000L |
539 #define SSL_OP_NO_SSLv3 0x02000000L | 573 #define SSL_OP_NO_SSLv3 0x02000000L |
540 #define SSL_OP_NO_TLSv1 0x04000000L | 574 #define SSL_OP_NO_TLSv1 0x04000000L |
541 | 575 |
542 /* The next flag deliberately changes the ciphertest, this is a check | 576 /* The next flag deliberately changes the ciphertest, this is a check |
543 * for the PKCS#1 attack */ | 577 * for the PKCS#1 attack */ |
544 #define SSL_OP_PKCS1_CHECK_1 0x08000000L | 578 #define SSL_OP_PKCS1_CHECK_1 0x08000000L |
545 #define SSL_OP_PKCS1_CHECK_2 0x10000000L | 579 #define SSL_OP_PKCS1_CHECK_2 0x10000000L |
546 #define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L | 580 #define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L |
547 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L | 581 #define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L |
548 | 582 /* Make server add server-hello extension from early version of |
| 583 * cryptopro draft, when GOST ciphersuite is negotiated. |
| 584 * Required for interoperability with CryptoPro CSP 3.x |
| 585 */ |
| 586 #define SSL_OP_CRYPTOPRO_TLSEXT_BUG» » » 0x80000000L |
549 | 587 |
550 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success | 588 /* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success |
551 * when just a single record has been written): */ | 589 * when just a single record has been written): */ |
552 #define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L | 590 #define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L |
553 /* Make it possible to retry SSL_write() with changed buffer location | 591 /* Make it possible to retry SSL_write() with changed buffer location |
554 * (buffer contents must stay the same!); this is not the default to avoid | 592 * (buffer contents must stay the same!); this is not the default to avoid |
555 * the misconception that non-blocking SSL_write() behaves like | 593 * the misconception that non-blocking SSL_write() behaves like |
556 * non-blocking write(): */ | 594 * non-blocking write(): */ |
557 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L | 595 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L |
558 /* Never bother the application with retries if the transport | 596 /* Never bother the application with retries if the transport |
559 * is blocking: */ | 597 * is blocking: */ |
560 #define SSL_MODE_AUTO_RETRY 0x00000004L | 598 #define SSL_MODE_AUTO_RETRY 0x00000004L |
561 /* Don't attempt to automatically build certificate chain */ | 599 /* Don't attempt to automatically build certificate chain */ |
562 #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L | 600 #define SSL_MODE_NO_AUTO_CHAIN 0x00000008L |
| 601 /* Save RAM by releasing read and write buffers when they're empty. (SSL3 and |
| 602 * TLS only.) "Released" buffers are put onto a free-list in the context |
| 603 * or just freed (depending on the context's setting for freelist_max_len). */ |
| 604 #define SSL_MODE_RELEASE_BUFFERS 0x00000010L |
| 605 /* Use small read and write buffers: (a) lazy allocate read buffers for |
| 606 * large incoming records, and (b) limit the size of outgoing records. */ |
| 607 #define SSL_MODE_SMALL_BUFFERS 0x00000020L |
563 /* When set, clients may send application data before receipt of CCS | 608 /* When set, clients may send application data before receipt of CCS |
564 * and Finished. This mode enables full-handshakes to 'complete' in | 609 * and Finished. This mode enables full-handshakes to 'complete' in |
565 * one RTT. */ | 610 * one RTT. */ |
566 #define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000020L | 611 #define SSL_MODE_HANDSHAKE_CUTTHROUGH 0x00000040L |
567 | 612 |
568 /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, | 613 /* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, |
569 * they cannot be used to clear bits. */ | 614 * they cannot be used to clear bits. */ |
570 | 615 |
571 #define SSL_CTX_set_options(ctx,op) \ | 616 #define SSL_CTX_set_options(ctx,op) \ |
572 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) | 617 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) |
573 #define SSL_CTX_clear_options(ctx,op) \ | 618 #define SSL_CTX_clear_options(ctx,op) \ |
574 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) | 619 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) |
575 #define SSL_CTX_get_options(ctx) \ | 620 #define SSL_CTX_get_options(ctx) \ |
576 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL) | 621 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL) |
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
635 int id; | 680 int id; |
636 const char *name; | 681 const char *name; |
637 #ifndef OPENSSL_NO_COMP | 682 #ifndef OPENSSL_NO_COMP |
638 COMP_METHOD *method; | 683 COMP_METHOD *method; |
639 #else | 684 #else |
640 char *method; | 685 char *method; |
641 #endif | 686 #endif |
642 } SSL_COMP; | 687 } SSL_COMP; |
643 | 688 |
644 DECLARE_STACK_OF(SSL_COMP) | 689 DECLARE_STACK_OF(SSL_COMP) |
| 690 DECLARE_LHASH_OF(SSL_SESSION); |
645 | 691 |
646 struct ssl_ctx_st | 692 struct ssl_ctx_st |
647 { | 693 { |
648 » SSL_METHOD *method; | 694 » const SSL_METHOD *method; |
649 | 695 |
650 STACK_OF(SSL_CIPHER) *cipher_list; | 696 STACK_OF(SSL_CIPHER) *cipher_list; |
651 /* same as above but sorted for lookup */ | 697 /* same as above but sorted for lookup */ |
652 STACK_OF(SSL_CIPHER) *cipher_list_by_id; | 698 STACK_OF(SSL_CIPHER) *cipher_list_by_id; |
653 | 699 |
654 struct x509_store_st /* X509_STORE */ *cert_store; | 700 struct x509_store_st /* X509_STORE */ *cert_store; |
655 » struct lhash_st /* LHASH */ *sessions;» /* a set of SSL_SESSIONs */ | 701 » LHASH_OF(SSL_SESSION) *sessions; |
656 /* Most session-ids that will be cached, default is | 702 /* Most session-ids that will be cached, default is |
657 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ | 703 * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ |
658 unsigned long session_cache_size; | 704 unsigned long session_cache_size; |
659 struct ssl_session_st *session_cache_head; | 705 struct ssl_session_st *session_cache_head; |
660 struct ssl_session_st *session_cache_tail; | 706 struct ssl_session_st *session_cache_tail; |
661 | 707 |
662 /* This can have one of 2 values, ored together, | 708 /* This can have one of 2 values, ored together, |
663 * SSL_SESS_CACHE_CLIENT, | 709 * SSL_SESS_CACHE_CLIENT, |
664 * SSL_SESS_CACHE_SERVER, | 710 * SSL_SESS_CACHE_SERVER, |
665 * Default is SSL_SESSION_CACHE_SERVER, which means only | 711 * Default is SSL_SESSION_CACHE_SERVER, which means only |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
763 int verify_mode; | 809 int verify_mode; |
764 unsigned int sid_ctx_length; | 810 unsigned int sid_ctx_length; |
765 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; | 811 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; |
766 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'v
erify_callback' in the SSL */ | 812 int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'v
erify_callback' in the SSL */ |
767 | 813 |
768 /* Default generate session ID callback. */ | 814 /* Default generate session ID callback. */ |
769 GEN_SESSION_CB generate_session_id; | 815 GEN_SESSION_CB generate_session_id; |
770 | 816 |
771 X509_VERIFY_PARAM *param; | 817 X509_VERIFY_PARAM *param; |
772 | 818 |
773 /* The configured Snap Start orbit value, if set. */ | |
774 char snap_start_orbit_valid; | |
775 unsigned char snap_start_orbit[8]; | |
776 | |
777 | |
778 #if 0 | 819 #if 0 |
779 int purpose; /* Purpose setting */ | 820 int purpose; /* Purpose setting */ |
780 int trust; /* Trust setting */ | 821 int trust; /* Trust setting */ |
781 #endif | 822 #endif |
782 | 823 |
783 int quiet_shutdown; | 824 int quiet_shutdown; |
784 | 825 |
| 826 /* Maximum amount of data to send in one fragment. |
| 827 * actual record size can be more than this due to |
| 828 * padding and MAC overheads. |
| 829 */ |
| 830 unsigned int max_send_fragment; |
| 831 |
785 #ifndef OPENSSL_ENGINE | 832 #ifndef OPENSSL_ENGINE |
786 /* Engine to pass requests for client certs to | 833 /* Engine to pass requests for client certs to |
787 */ | 834 */ |
788 ENGINE *client_cert_engine; | 835 ENGINE *client_cert_engine; |
789 #endif | 836 #endif |
790 | 837 |
791 #ifndef OPENSSL_NO_TLSEXT | 838 #ifndef OPENSSL_NO_TLSEXT |
792 /* TLS extensions servername callback */ | 839 /* TLS extensions servername callback */ |
793 int (*tlsext_servername_callback)(SSL*, int *, void *); | 840 int (*tlsext_servername_callback)(SSL*, int *, void *); |
794 void *tlsext_servername_arg; | 841 void *tlsext_servername_arg; |
795 /* RFC 4507 session ticket keys */ | 842 /* RFC 4507 session ticket keys */ |
796 unsigned char tlsext_tick_key_name[16]; | 843 unsigned char tlsext_tick_key_name[16]; |
797 unsigned char tlsext_tick_hmac_key[16]; | 844 unsigned char tlsext_tick_hmac_key[16]; |
798 unsigned char tlsext_tick_aes_key[16]; | 845 unsigned char tlsext_tick_aes_key[16]; |
799 /* Callback to support customisation of ticket key setting */ | 846 /* Callback to support customisation of ticket key setting */ |
800 int (*tlsext_ticket_key_cb)(SSL *ssl, | 847 int (*tlsext_ticket_key_cb)(SSL *ssl, |
801 unsigned char *name, unsigned char *iv, | 848 unsigned char *name, unsigned char *iv, |
802 EVP_CIPHER_CTX *ectx, | 849 EVP_CIPHER_CTX *ectx, |
803 » » » » » HMAC_CTX *hctx, int enc); | 850 » » » » » HMAC_CTX *hctx, int enc); |
804 | 851 |
805 /* certificate status request info */ | 852 /* certificate status request info */ |
806 /* Callback for status request */ | 853 /* Callback for status request */ |
807 int (*tlsext_status_cb)(SSL *ssl, void *arg); | 854 int (*tlsext_status_cb)(SSL *ssl, void *arg); |
808 void *tlsext_status_arg; | 855 void *tlsext_status_arg; |
809 | 856 |
| 857 /* draft-rescorla-tls-opaque-prf-input-00.txt information */ |
| 858 int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t l
en, void *arg); |
| 859 void *tlsext_opaque_prf_input_callback_arg; |
| 860 |
| 861 # ifndef OPENSSL_NO_NEXTPROTONEG |
810 /* Next protocol negotiation information */ | 862 /* Next protocol negotiation information */ |
811 /* (for experimental NPN extension). */ | 863 /* (for experimental NPN extension). */ |
812 | 864 |
813 /* For a server, this contains a callback function by which the set of | 865 /* For a server, this contains a callback function by which the set of |
814 * advertised protocols can be provided. */ | 866 * advertised protocols can be provided. */ |
815 int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf, | 867 int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf, |
816 unsigned int *len, void *arg); | 868 unsigned int *len, void *arg); |
817 void *next_protos_advertised_cb_arg; | 869 void *next_protos_advertised_cb_arg; |
818 /* For a client, this contains a callback function that selects the | 870 /* For a client, this contains a callback function that selects the |
819 * next protocol from the list provided by the server. */ | 871 * next protocol from the list provided by the server. */ |
820 int (*next_proto_select_cb)(SSL *s, unsigned char **out, | 872 int (*next_proto_select_cb)(SSL *s, unsigned char **out, |
821 unsigned char *outlen, | 873 unsigned char *outlen, |
822 const unsigned char *in, | 874 const unsigned char *in, |
823 unsigned int inlen, | 875 unsigned int inlen, |
824 void *arg); | 876 void *arg); |
825 void *next_proto_select_cb_arg; | 877 void *next_proto_select_cb_arg; |
| 878 # endif |
826 #endif | 879 #endif |
827 | 880 |
| 881 #ifndef OPENSSL_NO_PSK |
| 882 char *psk_identity_hint; |
| 883 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *id
entity, |
| 884 unsigned int max_identity_len, unsigned char *psk, |
| 885 unsigned int max_psk_len); |
| 886 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, |
| 887 unsigned char *psk, unsigned int max_psk_len); |
| 888 #endif |
| 889 |
| 890 #ifndef OPENSSL_NO_BUF_FREELISTS |
| 891 #define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32 |
| 892 unsigned int freelist_max_len; |
| 893 struct ssl3_buf_freelist_st *wbuf_freelist; |
| 894 struct ssl3_buf_freelist_st *rbuf_freelist; |
| 895 #endif |
828 }; | 896 }; |
829 | 897 |
830 #define SSL_SESS_CACHE_OFF 0x0000 | 898 #define SSL_SESS_CACHE_OFF 0x0000 |
831 #define SSL_SESS_CACHE_CLIENT 0x0001 | 899 #define SSL_SESS_CACHE_CLIENT 0x0001 |
832 #define SSL_SESS_CACHE_SERVER 0x0002 | 900 #define SSL_SESS_CACHE_SERVER 0x0002 |
833 #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) | 901 #define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) |
834 #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 | 902 #define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 |
835 /* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ | 903 /* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ |
836 #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 | 904 #define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 |
837 #define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 | 905 #define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 |
838 #define SSL_SESS_CACHE_NO_INTERNAL \ | 906 #define SSL_SESS_CACHE_NO_INTERNAL \ |
839 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) | 907 (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) |
840 | 908 |
841 struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); | 909 LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); |
842 #define SSL_CTX_sess_number(ctx) \ | 910 #define SSL_CTX_sess_number(ctx) \ |
843 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) | 911 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) |
844 #define SSL_CTX_sess_connect(ctx) \ | 912 #define SSL_CTX_sess_connect(ctx) \ |
845 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL) | 913 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL) |
846 #define SSL_CTX_sess_connect_good(ctx) \ | 914 #define SSL_CTX_sess_connect_good(ctx) \ |
847 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL) | 915 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL) |
848 #define SSL_CTX_sess_connect_renegotiate(ctx) \ | 916 #define SSL_CTX_sess_connect_renegotiate(ctx) \ |
849 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL) | 917 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL) |
850 #define SSL_CTX_sess_accept(ctx) \ | 918 #define SSL_CTX_sess_accept(ctx) \ |
851 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL) | 919 SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL) |
(...skipping 20 matching lines...) Expand all Loading... |
872 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsign
ed char *Data, int len, int *copy); | 940 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsign
ed char *Data, int len, int *copy); |
873 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type,
int val)); | 941 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type,
int val)); |
874 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val)
; | 942 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val)
; |
875 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X5
09 **x509, EVP_PKEY **pkey)); | 943 void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X5
09 **x509, EVP_PKEY **pkey)); |
876 int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY
**pkey); | 944 int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY
**pkey); |
877 #ifndef OPENSSL_NO_ENGINE | 945 #ifndef OPENSSL_NO_ENGINE |
878 int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); | 946 int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); |
879 #endif | 947 #endif |
880 void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *
ssl, unsigned char *cookie, unsigned int *cookie_len)); | 948 void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *
ssl, unsigned char *cookie, unsigned int *cookie_len)); |
881 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL
*ssl, unsigned char *cookie, unsigned int cookie_len)); | 949 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL
*ssl, unsigned char *cookie, unsigned int cookie_len)); |
882 void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb) (SSL *ssl, cons
t unsigned char **out, unsigned int *outlen, void *arg), void *arg); | 950 #ifndef OPENSSL_NO_NEXTPROTONEG |
883 void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb) (SSL *ssl, unsigned
char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen,
void *arg), void *arg); | 951 void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, |
884 void SSL_CTX_set_snap_start_orbit(SSL_CTX *s, const unsigned char orbit[8]); | 952 » » » » » int (*cb) (SSL *ssl, |
| 953 » » » » » » const unsigned char **out, |
| 954 » » » » » » unsigned int *outlen, |
| 955 » » » » » » void *arg), void *arg); |
| 956 void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, |
| 957 » » » » int (*cb) (SSL *ssl, unsigned char **out, |
| 958 » » » » » » unsigned char *outlen, |
| 959 » » » » » » const unsigned char *in, |
| 960 » » » » » » unsigned int inlen, void *arg), |
| 961 » » » » void *arg); |
885 | 962 |
886 int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
gned char *in, unsigned int inlen, const unsigned char *client, unsigned int cli
ent_len); | 963 int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, |
887 void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, un
signed *len); | 964 » » » const unsigned char *in, unsigned int inlen, |
888 | 965 » » » const unsigned char *client, unsigned int client_len); |
889 void SSL_get0_suggested_server_random(const SSL *s, const unsigned char **data,
unsigned *len); | 966 void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, |
890 void SSL_set_suggested_server_random_validity(SSL *s, char is_valid); | 967 » » » » unsigned *len); |
891 | 968 |
892 #define OPENSSL_NPN_UNSUPPORTED 0 | 969 #define OPENSSL_NPN_UNSUPPORTED 0 |
893 #define OPENSSL_NPN_NEGOTIATED 1 | 970 #define OPENSSL_NPN_NEGOTIATED 1 |
894 #define OPENSSL_NPN_NO_OVERLAP 2 | 971 #define OPENSSL_NPN_NO_OVERLAP 2 |
895 | 972 |
| 973 #endif |
| 974 |
| 975 #ifndef OPENSSL_NO_PSK |
| 976 /* the maximum length of the buffer given to callbacks containing the |
| 977 * resulting identity/psk */ |
| 978 #define PSK_MAX_IDENTITY_LEN 128 |
| 979 #define PSK_MAX_PSK_LEN 256 |
| 980 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, |
| 981 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, |
| 982 char *identity, unsigned int max_identity_len, unsigned char *ps
k, |
| 983 unsigned int max_psk_len)); |
| 984 void SSL_set_psk_client_callback(SSL *ssl, |
| 985 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, |
| 986 char *identity, unsigned int max_identity_len, unsigned char *ps
k, |
| 987 unsigned int max_psk_len)); |
| 988 void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, |
| 989 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, |
| 990 unsigned char *psk, unsigned int max_psk_len)); |
| 991 void SSL_set_psk_server_callback(SSL *ssl, |
| 992 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, |
| 993 unsigned char *psk, unsigned int max_psk_len)); |
| 994 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint); |
| 995 int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint); |
| 996 const char *SSL_get_psk_identity_hint(const SSL *s); |
| 997 const char *SSL_get_psk_identity(const SSL *s); |
| 998 #endif |
| 999 |
896 #define SSL_NOTHING 1 | 1000 #define SSL_NOTHING 1 |
897 #define SSL_WRITING 2 | 1001 #define SSL_WRITING 2 |
898 #define SSL_READING 3 | 1002 #define SSL_READING 3 |
899 #define SSL_X509_LOOKUP 4 | 1003 #define SSL_X509_LOOKUP 4 |
900 #define SSL_SERVER_RANDOM_VALIDATE 6 | |
901 | 1004 |
902 /* These will only be used when doing non-blocking IO */ | 1005 /* These will only be used when doing non-blocking IO */ |
903 #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) | 1006 #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) |
904 #define SSL_want_read(s) (SSL_want(s) == SSL_READING) | 1007 #define SSL_want_read(s) (SSL_want(s) == SSL_READING) |
905 #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) | 1008 #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) |
906 #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) | 1009 #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) |
907 #define SSL_want_server_random_validation(s)» (SSL_want(s) == SSL_SERVER_RANDO
M_VALIDATE) | 1010 |
| 1011 #define SSL_MAC_FLAG_READ_MAC_STREAM 1 |
| 1012 #define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 |
908 | 1013 |
909 struct ssl_st | 1014 struct ssl_st |
910 { | 1015 { |
911 /* protocol version | 1016 /* protocol version |
912 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) | 1017 * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) |
913 */ | 1018 */ |
914 int version; | 1019 int version; |
915 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ | 1020 int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ |
916 | 1021 |
917 » SSL_METHOD *method; /* SSLv3 */ | 1022 » const SSL_METHOD *method; /* SSLv3 */ |
918 | 1023 |
919 /* There are 2 BIO's even though they are normally both the | 1024 /* There are 2 BIO's even though they are normally both the |
920 * same. This is so data can be read and written to different | 1025 * same. This is so data can be read and written to different |
921 * handlers */ | 1026 * handlers */ |
922 | 1027 |
923 #ifndef OPENSSL_NO_BIO | 1028 #ifndef OPENSSL_NO_BIO |
924 BIO *rbio; /* used by SSL_read */ | 1029 BIO *rbio; /* used by SSL_read */ |
925 BIO *wbio; /* used by SSL_write */ | 1030 BIO *wbio; /* used by SSL_write */ |
926 BIO *bbio; /* used during session-id reuse to concatenate | 1031 BIO *bbio; /* used during session-id reuse to concatenate |
927 * messages */ | 1032 * messages */ |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
990 int purpose; /* Purpose setting */ | 1095 int purpose; /* Purpose setting */ |
991 int trust; /* Trust setting */ | 1096 int trust; /* Trust setting */ |
992 #endif | 1097 #endif |
993 | 1098 |
994 /* crypto */ | 1099 /* crypto */ |
995 STACK_OF(SSL_CIPHER) *cipher_list; | 1100 STACK_OF(SSL_CIPHER) *cipher_list; |
996 STACK_OF(SSL_CIPHER) *cipher_list_by_id; | 1101 STACK_OF(SSL_CIPHER) *cipher_list_by_id; |
997 | 1102 |
998 /* These are the ones being used, the ones in SSL_SESSION are | 1103 /* These are the ones being used, the ones in SSL_SESSION are |
999 * the ones to be 'copied' into these ones */ | 1104 * the ones to be 'copied' into these ones */ |
1000 | 1105 » int mac_flags; |
1001 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ | 1106 EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ |
1002 » const EVP_MD *read_hash;» » /* used for mac generation */ | 1107 » EVP_MD_CTX *read_hash;» » /* used for mac generation */ |
1003 #ifndef OPENSSL_NO_COMP | 1108 #ifndef OPENSSL_NO_COMP |
1004 COMP_CTX *expand; /* uncompress */ | 1109 COMP_CTX *expand; /* uncompress */ |
1005 #else | 1110 #else |
1006 char *expand; | 1111 char *expand; |
1007 #endif | 1112 #endif |
1008 | 1113 |
1009 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ | 1114 EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ |
1010 » const EVP_MD *write_hash;» » /* used for mac generation */ | 1115 » EVP_MD_CTX *write_hash;»» /* used for mac generation */ |
1011 #ifndef OPENSSL_NO_COMP | 1116 #ifndef OPENSSL_NO_COMP |
1012 COMP_CTX *compress; /* compression */ | 1117 COMP_CTX *compress; /* compression */ |
1013 #else | 1118 #else |
1014 char *compress; | 1119 char *compress; |
1015 #endif | 1120 #endif |
1016 | 1121 |
1017 /* session info */ | 1122 /* session info */ |
1018 | 1123 |
1019 /* client cert? */ | 1124 /* client cert? */ |
1020 /* This is used to hold the server certificate used */ | 1125 /* This is used to hold the server certificate used */ |
1021 struct cert_st /* CERT */ *cert; | 1126 struct cert_st /* CERT */ *cert; |
1022 | 1127 |
1023 /* the session_id_context is used to ensure sessions are only reused | 1128 /* the session_id_context is used to ensure sessions are only reused |
1024 * in the appropriate context */ | 1129 * in the appropriate context */ |
1025 unsigned int sid_ctx_length; | 1130 unsigned int sid_ctx_length; |
1026 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; | 1131 unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; |
1027 | 1132 |
1028 /* This can also be in the session once a session is established */ | 1133 /* This can also be in the session once a session is established */ |
1029 SSL_SESSION *session; | 1134 SSL_SESSION *session; |
1030 | 1135 |
| 1136 /* This can be disabled to prevent the use of uncached sessions */ |
| 1137 int session_creation_enabled; |
| 1138 |
1031 /* Default generate session ID callback. */ | 1139 /* Default generate session ID callback. */ |
1032 GEN_SESSION_CB generate_session_id; | 1140 GEN_SESSION_CB generate_session_id; |
1033 | 1141 |
1034 /* Used in SSL2 and SSL3 */ | 1142 /* Used in SSL2 and SSL3 */ |
1035 int verify_mode; /* 0 don't care about verify failure. | 1143 int verify_mode; /* 0 don't care about verify failure. |
1036 * 1 fail if verify fails */ | 1144 * 1 fail if verify fails */ |
1037 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback
returns 0 */ | 1145 int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback
returns 0 */ |
1038 | 1146 |
1039 void (*info_callback)(const SSL *ssl,int type,int val); /* optional info
rmational callback */ | 1147 void (*info_callback)(const SSL *ssl,int type,int val); /* optional info
rmational callback */ |
1040 | 1148 |
1041 int error; /* error bytes to be written */ | 1149 int error; /* error bytes to be written */ |
1042 int error_code; /* actual code */ | 1150 int error_code; /* actual code */ |
1043 | 1151 |
1044 #ifndef OPENSSL_NO_KRB5 | 1152 #ifndef OPENSSL_NO_KRB5 |
1045 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */ | 1153 KSSL_CTX *kssl_ctx; /* Kerberos 5 context */ |
1046 #endif /* OPENSSL_NO_KRB5 */ | 1154 #endif /* OPENSSL_NO_KRB5 */ |
1047 | 1155 |
| 1156 #ifndef OPENSSL_NO_PSK |
| 1157 unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *id
entity, |
| 1158 unsigned int max_identity_len, unsigned char *psk, |
| 1159 unsigned int max_psk_len); |
| 1160 unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, |
| 1161 unsigned char *psk, unsigned int max_psk_len); |
| 1162 #endif |
| 1163 |
1048 SSL_CTX *ctx; | 1164 SSL_CTX *ctx; |
1049 /* set this flag to 1 and a sleep(1) is put into all SSL_read() | 1165 /* set this flag to 1 and a sleep(1) is put into all SSL_read() |
1050 * and SSL_write() calls, good for nbio debuging :-) */ | 1166 * and SSL_write() calls, good for nbio debuging :-) */ |
1051 int debug; | 1167 int debug; |
1052 | 1168 |
1053 /* extra application data */ | 1169 /* extra application data */ |
1054 long verify_result; | 1170 long verify_result; |
1055 CRYPTO_EX_DATA ex_data; | 1171 CRYPTO_EX_DATA ex_data; |
1056 | 1172 |
1057 /* for server side, keep the list of CA_dn we can use */ | 1173 /* for server side, keep the list of CA_dn we can use */ |
1058 STACK_OF(X509_NAME) *client_CA; | 1174 STACK_OF(X509_NAME) *client_CA; |
1059 | 1175 |
1060 int references; | 1176 int references; |
1061 unsigned long options; /* protocol behaviour */ | 1177 unsigned long options; /* protocol behaviour */ |
1062 unsigned long mode; /* API behaviour */ | 1178 unsigned long mode; /* API behaviour */ |
1063 long max_cert_list; | 1179 long max_cert_list; |
1064 int first_packet; | 1180 int first_packet; |
1065 int client_version; /* what was passed, used for | 1181 int client_version; /* what was passed, used for |
1066 * SSLv3/TLS rollback check */ | 1182 * SSLv3/TLS rollback check */ |
| 1183 unsigned int max_send_fragment; |
1067 #ifndef OPENSSL_NO_TLSEXT | 1184 #ifndef OPENSSL_NO_TLSEXT |
1068 /* TLS extension debug callback */ | 1185 /* TLS extension debug callback */ |
1069 void (*tlsext_debug_cb)(SSL *s, int client_server, int type, | 1186 void (*tlsext_debug_cb)(SSL *s, int client_server, int type, |
1070 unsigned char *data, int len, | 1187 unsigned char *data, int len, |
1071 void *arg); | 1188 void *arg); |
1072 void *tlsext_debug_arg; | 1189 void *tlsext_debug_arg; |
1073 char *tlsext_hostname; | 1190 char *tlsext_hostname; |
1074 int servername_done; /* no further mod of servername | 1191 int servername_done; /* no further mod of servername |
1075 0 : call the servername extension callback. | 1192 0 : call the servername extension callback. |
1076 1 : prepare 2, allow last ack just after in se
rver callback. | 1193 1 : prepare 2, allow last ack just after in se
rver callback. |
1077 2 : don't call servername callback, no ack in
server hello | 1194 2 : don't call servername callback, no ack in
server hello |
1078 */ | 1195 */ |
1079 /* certificate status request info */ | 1196 /* certificate status request info */ |
1080 /* Status type or -1 if no status type */ | 1197 /* Status type or -1 if no status type */ |
1081 int tlsext_status_type; | 1198 int tlsext_status_type; |
1082 /* Expect OCSP CertificateStatus message */ | 1199 /* Expect OCSP CertificateStatus message */ |
1083 int tlsext_status_expected; | 1200 int tlsext_status_expected; |
1084 /* OCSP status request only */ | 1201 /* OCSP status request only */ |
1085 STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids; | 1202 STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids; |
1086 X509_EXTENSIONS *tlsext_ocsp_exts; | 1203 X509_EXTENSIONS *tlsext_ocsp_exts; |
1087 /* OCSP response received or to be sent */ | 1204 /* OCSP response received or to be sent */ |
1088 unsigned char *tlsext_ocsp_resp; | 1205 unsigned char *tlsext_ocsp_resp; |
1089 int tlsext_ocsp_resplen; | 1206 int tlsext_ocsp_resplen; |
1090 | 1207 |
1091 /* RFC4507 session ticket expected to be received or sent */ | 1208 /* RFC4507 session ticket expected to be received or sent */ |
1092 int tlsext_ticket_expected; | 1209 int tlsext_ticket_expected; |
| 1210 #ifndef OPENSSL_NO_EC |
| 1211 size_t tlsext_ecpointformatlist_length; |
| 1212 unsigned char *tlsext_ecpointformatlist; /* our list */ |
| 1213 size_t tlsext_ellipticcurvelist_length; |
| 1214 unsigned char *tlsext_ellipticcurvelist; /* our list */ |
| 1215 #endif /* OPENSSL_NO_EC */ |
| 1216 |
| 1217 /* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
handshakes */ |
| 1218 void *tlsext_opaque_prf_input; |
| 1219 size_t tlsext_opaque_prf_input_len; |
| 1220 |
| 1221 /* TLS Session Ticket extension override */ |
| 1222 TLS_SESSION_TICKET_EXT *tlsext_session_ticket; |
| 1223 |
| 1224 /* TLS Session Ticket extension callback */ |
| 1225 tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb; |
| 1226 void *tls_session_ticket_ext_cb_arg; |
| 1227 |
| 1228 /* TLS pre-shared secret session resumption */ |
| 1229 tls_session_secret_cb_fn tls_session_secret_cb; |
| 1230 void *tls_session_secret_cb_arg; |
| 1231 |
1093 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ | 1232 SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ |
1094 | 1233 |
| 1234 #ifndef OPENSSL_NO_NEXTPROTONEG |
1095 /* Next protocol negotiation. For the client, this is the protocol that | 1235 /* Next protocol negotiation. For the client, this is the protocol that |
1096 * we sent in NextProtocol and is set when handling ServerHello | 1236 * we sent in NextProtocol and is set when handling ServerHello |
1097 * extensions. | 1237 * extensions. |
1098 * | 1238 * |
1099 * For a server, this is the client's selected_protocol from | 1239 * For a server, this is the client's selected_protocol from |
1100 * NextProtocol and is set when handling the NextProtocol message, | 1240 * NextProtocol and is set when handling the NextProtocol message, |
1101 * before the Finished message. */ | 1241 * before the Finished message. */ |
1102 unsigned char *next_proto_negotiated; | 1242 unsigned char *next_proto_negotiated; |
1103 unsigned char next_proto_negotiated_len; | 1243 unsigned char next_proto_negotiated_len; |
| 1244 #endif |
| 1245 |
1104 #define session_ctx initial_ctx | 1246 #define session_ctx initial_ctx |
1105 #else | 1247 #else |
1106 #define session_ctx ctx | 1248 #define session_ctx ctx |
1107 #endif | 1249 #endif /* OPENSSL_NO_TLSEXT */ |
1108 }; | 1250 }; |
1109 | 1251 |
1110 #ifdef __cplusplus | 1252 #ifdef __cplusplus |
1111 } | 1253 } |
1112 #endif | 1254 #endif |
1113 | 1255 |
1114 #include <openssl/ssl2.h> | 1256 #include <openssl/ssl2.h> |
1115 #include <openssl/ssl3.h> | 1257 #include <openssl/ssl3.h> |
1116 #include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ | 1258 #include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ |
1117 #include <openssl/dtls1.h> /* Datagram TLS */ | 1259 #include <openssl/dtls1.h> /* Datagram TLS */ |
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1206 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) | 1348 SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) |
1207 #define SSL_get_cipher_version(s) \ | 1349 #define SSL_get_cipher_version(s) \ |
1208 SSL_CIPHER_get_version(SSL_get_current_cipher(s)) | 1350 SSL_CIPHER_get_version(SSL_get_current_cipher(s)) |
1209 #define SSL_get_cipher_name(s) \ | 1351 #define SSL_get_cipher_name(s) \ |
1210 SSL_CIPHER_get_name(SSL_get_current_cipher(s)) | 1352 SSL_CIPHER_get_name(SSL_get_current_cipher(s)) |
1211 #define SSL_get_time(a) SSL_SESSION_get_time(a) | 1353 #define SSL_get_time(a) SSL_SESSION_get_time(a) |
1212 #define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) | 1354 #define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) |
1213 #define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) | 1355 #define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) |
1214 #define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) | 1356 #define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) |
1215 | 1357 |
1216 #if 1 /*SSLEAY_MACROS*/ | |
1217 #define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new
,d2i_SSL_SESSION,bp,s_id) | 1358 #define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new
,d2i_SSL_SESSION,bp,s_id) |
1218 #define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION
,bp,s_id) | 1359 #define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION
,bp,s_id) |
1219 #define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \ | |
1220 (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u) | |
1221 #define PEM_read_bio_SSL_SESSION(bp,x,cb,u) PEM_ASN1_read_bio_of(SSL_SESSION,d2i
_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,cb,u) | |
1222 #define PEM_write_SSL_SESSION(fp,x) \ | |
1223 PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ | |
1224 PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL) | |
1225 #define PEM_write_bio_SSL_SESSION(bp,x) \ | |
1226 PEM_ASN1_write_bio_of(SSL_SESSION,i2d_SSL_SESSION,PEM_STRING_SSL_SESSION
,bp,x,NULL,NULL,0,NULL,NULL) | |
1227 #endif | |
1228 | 1360 |
1229 #define SSL_AD_REASON_OFFSET» » 1000 | 1361 DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) |
| 1362 |
| 1363 #define SSL_AD_REASON_OFFSET» » 1000 /* offset to get SSL_R_... value fr
om SSL_AD_... */ |
| 1364 |
1230 /* These alert types are for SSLv3 and TLSv1 */ | 1365 /* These alert types are for SSLv3 and TLSv1 */ |
1231 #define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY | 1366 #define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY |
1232 #define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ | 1367 #define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ |
1233 #define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ | 1368 #define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ |
1234 #define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED | 1369 #define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED |
1235 #define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW | 1370 #define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW |
1236 #define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */ | 1371 #define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */ |
1237 #define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */ | 1372 #define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */ |
1238 #define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ | 1373 #define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ |
1239 #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE | 1374 #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE |
1240 #define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE | 1375 #define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE |
1241 #define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED | 1376 #define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED |
1242 #define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED | 1377 #define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED |
1243 #define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN | 1378 #define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN |
1244 #define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ | 1379 #define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ |
1245 #define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ | 1380 #define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ |
1246 #define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ | 1381 #define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ |
1247 #define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ | 1382 #define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ |
1248 #define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR | 1383 #define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR |
1249 #define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */ | 1384 #define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */ |
1250 #define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ | 1385 #define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ |
1251 #define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */ | 1386 #define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */ |
1252 #define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ | 1387 #define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ |
1253 #define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED | 1388 #define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED |
1254 #define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION | 1389 #define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION |
1255 #define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION | 1390 #define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION |
1256 #define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE | 1391 #define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE |
1257 #define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME | 1392 #define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME |
1258 #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RE
SPONSE | 1393 #define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RE
SPONSE |
| 1394 #define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE |
| 1395 #define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ |
1259 | 1396 |
1260 #define SSL_ERROR_NONE 0 | 1397 #define SSL_ERROR_NONE 0 |
1261 #define SSL_ERROR_SSL 1 | 1398 #define SSL_ERROR_SSL 1 |
1262 #define SSL_ERROR_WANT_READ 2 | 1399 #define SSL_ERROR_WANT_READ 2 |
1263 #define SSL_ERROR_WANT_WRITE 3 | 1400 #define SSL_ERROR_WANT_WRITE 3 |
1264 #define SSL_ERROR_WANT_X509_LOOKUP 4 | 1401 #define SSL_ERROR_WANT_X509_LOOKUP 4 |
1265 #define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/er
rno */ | 1402 #define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/er
rno */ |
1266 #define SSL_ERROR_ZERO_RETURN 6 | 1403 #define SSL_ERROR_ZERO_RETURN 6 |
1267 #define SSL_ERROR_WANT_CONNECT 7 | 1404 #define SSL_ERROR_WANT_CONNECT 7 |
1268 #define SSL_ERROR_WANT_ACCEPT 8 | 1405 #define SSL_ERROR_WANT_ACCEPT 8 |
1269 #define SSL_ERROR_SERVER_RANDOM_VALIDATION_PENDING 10 | |
1270 | 1406 |
1271 #define SSL_CTRL_NEED_TMP_RSA 1 | 1407 #define SSL_CTRL_NEED_TMP_RSA 1 |
1272 #define SSL_CTRL_SET_TMP_RSA 2 | 1408 #define SSL_CTRL_SET_TMP_RSA 2 |
1273 #define SSL_CTRL_SET_TMP_DH 3 | 1409 #define SSL_CTRL_SET_TMP_DH 3 |
1274 #define SSL_CTRL_SET_TMP_ECDH 4 | 1410 #define SSL_CTRL_SET_TMP_ECDH 4 |
1275 #define SSL_CTRL_SET_TMP_RSA_CB 5 | 1411 #define SSL_CTRL_SET_TMP_RSA_CB 5 |
1276 #define SSL_CTRL_SET_TMP_DH_CB 6 | 1412 #define SSL_CTRL_SET_TMP_DH_CB 6 |
1277 #define SSL_CTRL_SET_TMP_ECDH_CB 7 | 1413 #define SSL_CTRL_SET_TMP_ECDH_CB 7 |
1278 | 1414 |
1279 #define SSL_CTRL_GET_SESSION_REUSED 8 | 1415 #define SSL_CTRL_GET_SESSION_REUSED 8 |
(...skipping 28 matching lines...) Expand all Loading... |
1308 #define SSL_CTRL_GET_READ_AHEAD 40 | 1444 #define SSL_CTRL_GET_READ_AHEAD 40 |
1309 #define SSL_CTRL_SET_READ_AHEAD 41 | 1445 #define SSL_CTRL_SET_READ_AHEAD 41 |
1310 #define SSL_CTRL_SET_SESS_CACHE_SIZE 42 | 1446 #define SSL_CTRL_SET_SESS_CACHE_SIZE 42 |
1311 #define SSL_CTRL_GET_SESS_CACHE_SIZE 43 | 1447 #define SSL_CTRL_GET_SESS_CACHE_SIZE 43 |
1312 #define SSL_CTRL_SET_SESS_CACHE_MODE 44 | 1448 #define SSL_CTRL_SET_SESS_CACHE_MODE 44 |
1313 #define SSL_CTRL_GET_SESS_CACHE_MODE 45 | 1449 #define SSL_CTRL_GET_SESS_CACHE_MODE 45 |
1314 | 1450 |
1315 #define SSL_CTRL_GET_MAX_CERT_LIST 50 | 1451 #define SSL_CTRL_GET_MAX_CERT_LIST 50 |
1316 #define SSL_CTRL_SET_MAX_CERT_LIST 51 | 1452 #define SSL_CTRL_SET_MAX_CERT_LIST 51 |
1317 | 1453 |
| 1454 #define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52 |
| 1455 |
1318 /* see tls1.h for macros based on these */ | 1456 /* see tls1.h for macros based on these */ |
1319 #ifndef OPENSSL_NO_TLSEXT | 1457 #ifndef OPENSSL_NO_TLSEXT |
1320 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 | 1458 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 |
1321 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 | 1459 #define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 |
1322 #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 | 1460 #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 |
1323 #define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 | 1461 #define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 |
1324 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 | 1462 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 |
1325 #define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 | 1463 #define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 |
1326 #define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 | 1464 #define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 |
1327 | 1465 #define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT» 60 |
| 1466 #define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB»61 |
| 1467 #define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 |
1328 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 | 1468 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 |
1329 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 | 1469 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 |
1330 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 | 1470 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 |
1331 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 | 1471 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 |
1332 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 | 1472 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 |
1333 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 | 1473 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 |
1334 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 | 1474 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 |
1335 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 | 1475 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 |
1336 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 | 1476 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 |
1337 | 1477 |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1387 BIO_METHOD *BIO_f_ssl(void); | 1527 BIO_METHOD *BIO_f_ssl(void); |
1388 BIO *BIO_new_ssl(SSL_CTX *ctx,int client); | 1528 BIO *BIO_new_ssl(SSL_CTX *ctx,int client); |
1389 BIO *BIO_new_ssl_connect(SSL_CTX *ctx); | 1529 BIO *BIO_new_ssl_connect(SSL_CTX *ctx); |
1390 BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); | 1530 BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); |
1391 int BIO_ssl_copy_session_id(BIO *to,BIO *from); | 1531 int BIO_ssl_copy_session_id(BIO *to,BIO *from); |
1392 void BIO_ssl_shutdown(BIO *ssl_bio); | 1532 void BIO_ssl_shutdown(BIO *ssl_bio); |
1393 | 1533 |
1394 #endif | 1534 #endif |
1395 | 1535 |
1396 int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str); | 1536 int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str); |
1397 SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); | 1537 SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); |
1398 void SSL_CTX_free(SSL_CTX *); | 1538 void SSL_CTX_free(SSL_CTX *); |
1399 long SSL_CTX_set_timeout(SSL_CTX *ctx,long t); | 1539 long SSL_CTX_set_timeout(SSL_CTX *ctx,long t); |
1400 long SSL_CTX_get_timeout(const SSL_CTX *ctx); | 1540 long SSL_CTX_get_timeout(const SSL_CTX *ctx); |
1401 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); | 1541 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); |
1402 void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *); | 1542 void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *); |
1403 int SSL_want(const SSL *s); | 1543 int SSL_want(const SSL *s); |
1404 int SSL_clear(SSL *s); | 1544 int SSL_clear(SSL *s); |
1405 | 1545 |
1406 void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); | 1546 void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); |
1407 | 1547 |
1408 SSL_CIPHER *SSL_get_current_cipher(const SSL *s); | 1548 const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); |
1409 int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); | 1549 int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits); |
1410 char * SSL_CIPHER_get_version(const SSL_CIPHER *c); | 1550 char * SSL_CIPHER_get_version(const SSL_CIPHER *c); |
1411 const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); | 1551 const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); |
| 1552 const char * SSL_CIPHER_authentication_method(const SSL_CIPHER *c); |
1412 | 1553 |
1413 int SSL_get_fd(const SSL *s); | 1554 int SSL_get_fd(const SSL *s); |
1414 int SSL_get_rfd(const SSL *s); | 1555 int SSL_get_rfd(const SSL *s); |
1415 int SSL_get_wfd(const SSL *s); | 1556 int SSL_get_wfd(const SSL *s); |
1416 const char * SSL_get_cipher_list(const SSL *s,int n); | 1557 const char * SSL_get_cipher_list(const SSL *s,int n); |
1417 char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len); | 1558 char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len); |
1418 int SSL_get_read_ahead(const SSL * s); | 1559 int SSL_get_read_ahead(const SSL * s); |
1419 int SSL_pending(const SSL *s); | 1560 int SSL_pending(const SSL *s); |
| 1561 const char * SSL_authentication_method(const SSL *c); |
1420 #ifndef OPENSSL_NO_SOCK | 1562 #ifndef OPENSSL_NO_SOCK |
1421 int SSL_set_fd(SSL *s, int fd); | 1563 int SSL_set_fd(SSL *s, int fd); |
1422 int SSL_set_rfd(SSL *s, int fd); | 1564 int SSL_set_rfd(SSL *s, int fd); |
1423 int SSL_set_wfd(SSL *s, int fd); | 1565 int SSL_set_wfd(SSL *s, int fd); |
1424 #endif | 1566 #endif |
1425 #ifndef OPENSSL_NO_BIO | 1567 #ifndef OPENSSL_NO_BIO |
1426 void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio); | 1568 void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio); |
1427 BIO * SSL_get_rbio(const SSL *s); | 1569 BIO * SSL_get_rbio(const SSL *s); |
1428 BIO * SSL_get_wbio(const SSL *s); | 1570 BIO * SSL_get_wbio(const SSL *s); |
1429 #endif | 1571 #endif |
1430 int SSL_set_cipher_list(SSL *s, const char *str); | 1572 int SSL_set_cipher_list(SSL *s, const char *str); |
| 1573 int SSL_set_cipher_lists(SSL *s, STACK_OF(SSL_CIPHER) *sk); |
1431 void SSL_set_read_ahead(SSL *s, int yes); | 1574 void SSL_set_read_ahead(SSL *s, int yes); |
1432 int SSL_get_verify_mode(const SSL *s); | 1575 int SSL_get_verify_mode(const SSL *s); |
1433 int SSL_get_verify_depth(const SSL *s); | 1576 int SSL_get_verify_depth(const SSL *s); |
1434 int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *); | 1577 int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *); |
1435 void SSL_set_verify(SSL *s, int mode, | 1578 void SSL_set_verify(SSL *s, int mode, |
1436 int (*callback)(int ok,X509_STORE_CTX *ctx)); | 1579 int (*callback)(int ok,X509_STORE_CTX *ctx)); |
1437 void SSL_set_verify_depth(SSL *s, int depth); | 1580 void SSL_set_verify_depth(SSL *s, int depth); |
1438 #ifndef OPENSSL_NO_RSA | 1581 #ifndef OPENSSL_NO_RSA |
1439 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); | 1582 int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); |
1440 #endif | 1583 #endif |
1441 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); | 1584 int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); |
1442 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); | 1585 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); |
1443 int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, const unsigned char *d, long le
n); | 1586 int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, const unsigned char *d, long le
n); |
1444 int SSL_use_certificate(SSL *ssl, X509 *x); | 1587 int SSL_use_certificate(SSL *ssl, X509 *x); |
1445 int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); | 1588 int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); |
| 1589 int SSL_use_certificate_chain(SSL *ssl, STACK_OF(X509) *cert_chain); |
| 1590 STACK_OF(X509) * SSL_get_certificate_chain(SSL *ssl, X509 *x); |
1446 | 1591 |
1447 #ifndef OPENSSL_NO_STDIO | 1592 #ifndef OPENSSL_NO_STDIO |
1448 int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); | 1593 int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); |
1449 int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); | 1594 int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); |
1450 int SSL_use_certificate_file(SSL *ssl, const char *file, int type); | 1595 int SSL_use_certificate_file(SSL *ssl, const char *file, int type); |
1451 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
; | 1596 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
; |
1452 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); | 1597 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); |
1453 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); | 1598 int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); |
1454 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* P
EM type */ | 1599 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* P
EM type */ |
1455 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); | 1600 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); |
(...skipping 13 matching lines...) Expand all Loading... |
1469 const char *SSL_rstate_string(const SSL *s); | 1614 const char *SSL_rstate_string(const SSL *s); |
1470 const char *SSL_state_string_long(const SSL *s); | 1615 const char *SSL_state_string_long(const SSL *s); |
1471 const char *SSL_rstate_string_long(const SSL *s); | 1616 const char *SSL_rstate_string_long(const SSL *s); |
1472 long SSL_SESSION_get_time(const SSL_SESSION *s); | 1617 long SSL_SESSION_get_time(const SSL_SESSION *s); |
1473 long SSL_SESSION_set_time(SSL_SESSION *s, long t); | 1618 long SSL_SESSION_set_time(SSL_SESSION *s, long t); |
1474 long SSL_SESSION_get_timeout(const SSL_SESSION *s); | 1619 long SSL_SESSION_get_timeout(const SSL_SESSION *s); |
1475 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); | 1620 long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); |
1476 void SSL_copy_session_id(SSL *to,const SSL *from); | 1621 void SSL_copy_session_id(SSL *to,const SSL *from); |
1477 | 1622 |
1478 SSL_SESSION *SSL_SESSION_new(void); | 1623 SSL_SESSION *SSL_SESSION_new(void); |
1479 unsigned long SSL_SESSION_hash(const SSL_SESSION *a); | 1624 const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, |
1480 int» SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b); | 1625 » » » » » unsigned int *len); |
1481 const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
; | 1626 const char *» SSL_SESSION_get_version(const SSL_SESSION *s); |
1482 #ifndef OPENSSL_NO_FP_API | 1627 #ifndef OPENSSL_NO_FP_API |
1483 int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses); | 1628 int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses); |
1484 #endif | 1629 #endif |
1485 #ifndef OPENSSL_NO_BIO | 1630 #ifndef OPENSSL_NO_BIO |
1486 int SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses); | 1631 int SSL_SESSION_print(BIO *fp,const SSL_SESSION *ses); |
1487 #endif | 1632 #endif |
1488 void SSL_SESSION_free(SSL_SESSION *ses); | 1633 void SSL_SESSION_free(SSL_SESSION *ses); |
1489 int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); | 1634 int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); |
1490 int SSL_set_session(SSL *to, SSL_SESSION *session); | 1635 int SSL_set_session(SSL *to, SSL_SESSION *session); |
| 1636 void SSL_set_session_creation_enabled(SSL *, int); |
1491 int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); | 1637 int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); |
1492 int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c); | 1638 int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c); |
1493 int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); | 1639 int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); |
1494 int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); | 1640 int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); |
1495 int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, | 1641 int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, |
1496 unsigned int id_len); | 1642 unsigned int id_len); |
1497 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,const unsigned char **pp, | 1643 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,const unsigned char **pp, |
1498 long length); | 1644 long length); |
1499 | 1645 |
1500 #ifdef HEADER_X509_H | 1646 #ifdef HEADER_X509_H |
(...skipping 30 matching lines...) Expand all Loading... |
1531 | 1677 |
1532 SSL * SSL_new(SSL_CTX *ctx); | 1678 SSL * SSL_new(SSL_CTX *ctx); |
1533 int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx, | 1679 int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx, |
1534 unsigned int sid_ctx_len); | 1680 unsigned int sid_ctx_len); |
1535 | 1681 |
1536 int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); | 1682 int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); |
1537 int SSL_set_purpose(SSL *s, int purpose); | 1683 int SSL_set_purpose(SSL *s, int purpose); |
1538 int SSL_CTX_set_trust(SSL_CTX *s, int trust); | 1684 int SSL_CTX_set_trust(SSL_CTX *s, int trust); |
1539 int SSL_set_trust(SSL *s, int trust); | 1685 int SSL_set_trust(SSL *s, int trust); |
1540 | 1686 |
| 1687 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); |
| 1688 int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); |
| 1689 |
1541 void SSL_free(SSL *ssl); | 1690 void SSL_free(SSL *ssl); |
1542 int SSL_accept(SSL *ssl); | 1691 int SSL_accept(SSL *ssl); |
1543 int SSL_connect(SSL *ssl); | 1692 int SSL_connect(SSL *ssl); |
1544 int SSL_read(SSL *ssl,void *buf,int num); | 1693 int SSL_read(SSL *ssl,void *buf,int num); |
1545 int SSL_peek(SSL *ssl,void *buf,int num); | 1694 int SSL_peek(SSL *ssl,void *buf,int num); |
1546 int SSL_write(SSL *ssl,const void *buf,int num); | 1695 int SSL_write(SSL *ssl,const void *buf,int num); |
1547 long SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); | 1696 long SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); |
1548 long SSL_callback_ctrl(SSL *, int, void (*)(void)); | 1697 long SSL_callback_ctrl(SSL *, int, void (*)(void)); |
1549 long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg); | 1698 long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, void *parg); |
1550 long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void)); | 1699 long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void)); |
1551 | 1700 |
1552 int SSL_get_error(const SSL *s,int ret_code); | 1701 int SSL_get_error(const SSL *s,int ret_code); |
1553 const char *SSL_get_version(const SSL *s); | 1702 const char *SSL_get_version(const SSL *s); |
1554 | 1703 |
1555 /* This sets the 'default' SSL version that SSL_new() will create */ | 1704 /* This sets the 'default' SSL version that SSL_new() will create */ |
1556 int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth); | 1705 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); |
1557 | 1706 |
1558 SSL_METHOD *SSLv2_method(void);»» /* SSLv2 */ | 1707 #ifndef OPENSSL_NO_SSL2 |
1559 SSL_METHOD *SSLv2_server_method(void);» /* SSLv2 */ | 1708 const SSL_METHOD *SSLv2_method(void);» » /* SSLv2 */ |
1560 SSL_METHOD *SSLv2_client_method(void);» /* SSLv2 */ | 1709 const SSL_METHOD *SSLv2_server_method(void);» /* SSLv2 */ |
| 1710 const SSL_METHOD *SSLv2_client_method(void);» /* SSLv2 */ |
| 1711 #endif |
1561 | 1712 |
1562 SSL_METHOD *SSLv3_method(void);»» /* SSLv3 */ | 1713 const SSL_METHOD *SSLv3_method(void);» » /* SSLv3 */ |
1563 SSL_METHOD *SSLv3_server_method(void);» /* SSLv3 */ | 1714 const SSL_METHOD *SSLv3_server_method(void);» /* SSLv3 */ |
1564 SSL_METHOD *SSLv3_client_method(void);» /* SSLv3 */ | 1715 const SSL_METHOD *SSLv3_client_method(void);» /* SSLv3 */ |
1565 | 1716 |
1566 SSL_METHOD *SSLv23_method(void);» /* SSLv3 but can rollback to v2 */ | 1717 const SSL_METHOD *SSLv23_method(void);» /* SSLv3 but can rollback to v2 */ |
1567 SSL_METHOD *SSLv23_server_method(void);»/* SSLv3 but can rollback to v2 */ | 1718 const SSL_METHOD *SSLv23_server_method(void);» /* SSLv3 but can rollback to v2
*/ |
1568 SSL_METHOD *SSLv23_client_method(void);»/* SSLv3 but can rollback to v2 */ | 1719 const SSL_METHOD *SSLv23_client_method(void);» /* SSLv3 but can rollback to v2
*/ |
1569 | 1720 |
1570 SSL_METHOD *TLSv1_method(void);»» /* TLSv1.0 */ | 1721 const SSL_METHOD *TLSv1_method(void);» » /* TLSv1.0 */ |
1571 SSL_METHOD *TLSv1_server_method(void);» /* TLSv1.0 */ | 1722 const SSL_METHOD *TLSv1_server_method(void);» /* TLSv1.0 */ |
1572 SSL_METHOD *TLSv1_client_method(void);» /* TLSv1.0 */ | 1723 const SSL_METHOD *TLSv1_client_method(void);» /* TLSv1.0 */ |
1573 | 1724 |
1574 SSL_METHOD *DTLSv1_method(void);» » /* DTLSv1.0 */ | 1725 const SSL_METHOD *DTLSv1_method(void);» » /* DTLSv1.0 */ |
1575 SSL_METHOD *DTLSv1_server_method(void);»/* DTLSv1.0 */ | 1726 const SSL_METHOD *DTLSv1_server_method(void);» /* DTLSv1.0 */ |
1576 SSL_METHOD *DTLSv1_client_method(void);»/* DTLSv1.0 */ | 1727 const SSL_METHOD *DTLSv1_client_method(void);» /* DTLSv1.0 */ |
1577 | 1728 |
1578 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); | 1729 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); |
1579 | 1730 |
1580 int SSL_do_handshake(SSL *s); | 1731 int SSL_do_handshake(SSL *s); |
1581 int SSL_renegotiate(SSL *s); | 1732 int SSL_renegotiate(SSL *s); |
1582 int SSL_renegotiate_pending(SSL *s); | 1733 int SSL_renegotiate_pending(SSL *s); |
1583 int SSL_shutdown(SSL *s); | 1734 int SSL_shutdown(SSL *s); |
1584 | 1735 |
1585 SSL_METHOD *SSL_get_ssl_method(SSL *s); | 1736 const SSL_METHOD *SSL_get_ssl_method(SSL *s); |
1586 int SSL_set_ssl_method(SSL *s,SSL_METHOD *method); | 1737 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); |
1587 const char *SSL_alert_type_string_long(int value); | 1738 const char *SSL_alert_type_string_long(int value); |
1588 const char *SSL_alert_type_string(int value); | 1739 const char *SSL_alert_type_string(int value); |
1589 const char *SSL_alert_desc_string_long(int value); | 1740 const char *SSL_alert_desc_string_long(int value); |
1590 const char *SSL_alert_desc_string(int value); | 1741 const char *SSL_alert_desc_string(int value); |
1591 | 1742 |
1592 void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); | 1743 void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); |
1593 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); | 1744 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); |
1594 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); | 1745 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); |
1595 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); | 1746 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); |
1596 int SSL_add_client_CA(SSL *ssl,X509 *x); | 1747 int SSL_add_client_CA(SSL *ssl,X509 *x); |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1668 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL) | 1819 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL) |
1669 #define SSL_CTX_get_max_cert_list(ctx) \ | 1820 #define SSL_CTX_get_max_cert_list(ctx) \ |
1670 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) | 1821 SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) |
1671 #define SSL_CTX_set_max_cert_list(ctx,m) \ | 1822 #define SSL_CTX_set_max_cert_list(ctx,m) \ |
1672 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) | 1823 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) |
1673 #define SSL_get_max_cert_list(ssl) \ | 1824 #define SSL_get_max_cert_list(ssl) \ |
1674 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) | 1825 SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) |
1675 #define SSL_set_max_cert_list(ssl,m) \ | 1826 #define SSL_set_max_cert_list(ssl,m) \ |
1676 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) | 1827 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) |
1677 | 1828 |
| 1829 #define SSL_CTX_set_max_send_fragment(ctx,m) \ |
| 1830 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) |
| 1831 #define SSL_set_max_send_fragment(ssl,m) \ |
| 1832 SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) |
| 1833 |
1678 /* NB: the keylength is only applicable when is_export is true */ | 1834 /* NB: the keylength is only applicable when is_export is true */ |
1679 #ifndef OPENSSL_NO_RSA | 1835 #ifndef OPENSSL_NO_RSA |
1680 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, | 1836 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, |
1681 RSA *(*cb)(SSL *ssl,int is_export, | 1837 RSA *(*cb)(SSL *ssl,int is_export, |
1682 int keylength)); | 1838 int keylength)); |
1683 | 1839 |
1684 void SSL_set_tmp_rsa_callback(SSL *ssl, | 1840 void SSL_set_tmp_rsa_callback(SSL *ssl, |
1685 RSA *(*cb)(SSL *ssl,int is_export, | 1841 RSA *(*cb)(SSL *ssl,int is_export, |
1686 int keylength)); | 1842 int keylength)); |
1687 #endif | 1843 #endif |
(...skipping 21 matching lines...) Expand all Loading... |
1709 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); | 1865 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); |
1710 int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm); | 1866 int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm); |
1711 #else | 1867 #else |
1712 const void *SSL_get_current_compression(SSL *s); | 1868 const void *SSL_get_current_compression(SSL *s); |
1713 const void *SSL_get_current_expansion(SSL *s); | 1869 const void *SSL_get_current_expansion(SSL *s); |
1714 const char *SSL_COMP_get_name(const void *comp); | 1870 const char *SSL_COMP_get_name(const void *comp); |
1715 void *SSL_COMP_get_compression_methods(void); | 1871 void *SSL_COMP_get_compression_methods(void); |
1716 int SSL_COMP_add_compression_method(int id,void *cm); | 1872 int SSL_COMP_add_compression_method(int id,void *cm); |
1717 #endif | 1873 #endif |
1718 | 1874 |
| 1875 /* TLS extensions functions */ |
| 1876 int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); |
| 1877 |
| 1878 int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb, |
| 1879 void *arg); |
| 1880 |
| 1881 /* Pre-shared secret session resumption functions */ |
| 1882 int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secre
t_cb, void *arg); |
| 1883 |
1719 /* BEGIN ERROR CODES */ | 1884 /* BEGIN ERROR CODES */ |
1720 /* The following lines are auto generated by the script mkerr.pl. Any changes | 1885 /* The following lines are auto generated by the script mkerr.pl. Any changes |
1721 * made after this point may be overwritten when the script is next run. | 1886 * made after this point may be overwritten when the script is next run. |
1722 */ | 1887 */ |
1723 void ERR_load_SSL_strings(void); | 1888 void ERR_load_SSL_strings(void); |
1724 | 1889 |
1725 /* Error codes for the SSL functions. */ | 1890 /* Error codes for the SSL functions. */ |
1726 | 1891 |
1727 /* Function codes. */ | 1892 /* Function codes. */ |
1728 #define SSL_F_CLIENT_CERTIFICATE 100 | 1893 #define SSL_F_CLIENT_CERTIFICATE 100 |
1729 #define SSL_F_CLIENT_FINISHED 167 | 1894 #define SSL_F_CLIENT_FINISHED 167 |
1730 #define SSL_F_CLIENT_HELLO 101 | 1895 #define SSL_F_CLIENT_HELLO 101 |
1731 #define SSL_F_CLIENT_MASTER_KEY 102 | 1896 #define SSL_F_CLIENT_MASTER_KEY 102 |
1732 #define SSL_F_D2I_SSL_SESSION 103 | 1897 #define SSL_F_D2I_SSL_SESSION 103 |
1733 #define SSL_F_DO_DTLS1_WRITE 245 | 1898 #define SSL_F_DO_DTLS1_WRITE 245 |
1734 #define SSL_F_DO_SSL3_WRITE 104 | 1899 #define SSL_F_DO_SSL3_WRITE 104 |
1735 #define SSL_F_DTLS1_ACCEPT 246 | 1900 #define SSL_F_DTLS1_ACCEPT 246 |
1736 #define SSL_F_DTLS1_ADD_CERT_TO_BUF» » » 280 | 1901 #define SSL_F_DTLS1_ADD_CERT_TO_BUF» » » 295 |
1737 #define SSL_F_DTLS1_BUFFER_RECORD 247 | 1902 #define SSL_F_DTLS1_BUFFER_RECORD 247 |
1738 #define SSL_F_DTLS1_CLIENT_HELLO 248 | 1903 #define SSL_F_DTLS1_CLIENT_HELLO 248 |
1739 #define SSL_F_DTLS1_CONNECT 249 | 1904 #define SSL_F_DTLS1_CONNECT 249 |
1740 #define SSL_F_DTLS1_ENC 250 | 1905 #define SSL_F_DTLS1_ENC 250 |
1741 #define SSL_F_DTLS1_GET_HELLO_VERIFY 251 | 1906 #define SSL_F_DTLS1_GET_HELLO_VERIFY 251 |
1742 #define SSL_F_DTLS1_GET_MESSAGE 252 | 1907 #define SSL_F_DTLS1_GET_MESSAGE 252 |
1743 #define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 | 1908 #define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 |
1744 #define SSL_F_DTLS1_GET_RECORD 254 | 1909 #define SSL_F_DTLS1_GET_RECORD 254 |
1745 #define SSL_F_DTLS1_HANDLE_TIMEOUT» » » 282 | 1910 #define SSL_F_DTLS1_HANDLE_TIMEOUT» » » 297 |
1746 #define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 | 1911 #define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 |
1747 #define SSL_F_DTLS1_PREPROCESS_FRAGMENT»» » 277 | 1912 #define SSL_F_DTLS1_PREPROCESS_FRAGMENT»» » 288 |
1748 #define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 | 1913 #define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 |
1749 #define SSL_F_DTLS1_PROCESS_RECORD 257 | 1914 #define SSL_F_DTLS1_PROCESS_RECORD 257 |
1750 #define SSL_F_DTLS1_READ_BYTES 258 | 1915 #define SSL_F_DTLS1_READ_BYTES 258 |
1751 #define SSL_F_DTLS1_READ_FAILED 259 | 1916 #define SSL_F_DTLS1_READ_FAILED 259 |
1752 #define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260 | 1917 #define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260 |
1753 #define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261 | 1918 #define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261 |
1754 #define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262 | 1919 #define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262 |
1755 #define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263 | 1920 #define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263 |
1756 #define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264 | 1921 #define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264 |
1757 #define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265 | 1922 #define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265 |
1758 #define SSL_F_DTLS1_SEND_SERVER_HELLO 266 | 1923 #define SSL_F_DTLS1_SEND_SERVER_HELLO 266 |
1759 #define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 | 1924 #define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 |
1760 #define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 | 1925 #define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 |
1761 #define SSL_F_GET_CLIENT_FINISHED 105 | 1926 #define SSL_F_GET_CLIENT_FINISHED 105 |
1762 #define SSL_F_GET_CLIENT_HELLO 106 | 1927 #define SSL_F_GET_CLIENT_HELLO 106 |
1763 #define SSL_F_GET_CLIENT_MASTER_KEY 107 | 1928 #define SSL_F_GET_CLIENT_MASTER_KEY 107 |
1764 #define SSL_F_GET_SERVER_FINISHED 108 | 1929 #define SSL_F_GET_SERVER_FINISHED 108 |
1765 #define SSL_F_GET_SERVER_HELLO 109 | 1930 #define SSL_F_GET_SERVER_HELLO 109 |
1766 #define SSL_F_GET_SERVER_VERIFY 110 | 1931 #define SSL_F_GET_SERVER_VERIFY 110 |
1767 #define SSL_F_I2D_SSL_SESSION 111 | 1932 #define SSL_F_I2D_SSL_SESSION 111 |
1768 #define SSL_F_READ_N 112 | 1933 #define SSL_F_READ_N 112 |
1769 #define SSL_F_SSL3_READ_SNAP_START_N 300 | |
1770 #define SSL_F_REQUEST_CERTIFICATE 113 | 1934 #define SSL_F_REQUEST_CERTIFICATE 113 |
1771 #define SSL_F_SERVER_FINISH 239 | 1935 #define SSL_F_SERVER_FINISH 239 |
1772 #define SSL_F_SERVER_HELLO 114 | 1936 #define SSL_F_SERVER_HELLO 114 |
1773 #define SSL_F_SERVER_VERIFY 240 | 1937 #define SSL_F_SERVER_VERIFY 240 |
1774 #define SSL_F_SSL23_ACCEPT 115 | 1938 #define SSL_F_SSL23_ACCEPT 115 |
1775 #define SSL_F_SSL23_CLIENT_HELLO 116 | 1939 #define SSL_F_SSL23_CLIENT_HELLO 116 |
1776 #define SSL_F_SSL23_CONNECT 117 | 1940 #define SSL_F_SSL23_CONNECT 117 |
1777 #define SSL_F_SSL23_GET_CLIENT_HELLO 118 | 1941 #define SSL_F_SSL23_GET_CLIENT_HELLO 118 |
1778 #define SSL_F_SSL23_GET_SERVER_HELLO 119 | 1942 #define SSL_F_SSL23_GET_SERVER_HELLO 119 |
1779 #define SSL_F_SSL23_PEEK 237 | 1943 #define SSL_F_SSL23_PEEK 237 |
1780 #define SSL_F_SSL23_READ 120 | 1944 #define SSL_F_SSL23_READ 120 |
1781 #define SSL_F_SSL23_WRITE 121 | 1945 #define SSL_F_SSL23_WRITE 121 |
1782 #define SSL_F_SSL2_ACCEPT 122 | 1946 #define SSL_F_SSL2_ACCEPT 122 |
1783 #define SSL_F_SSL2_CONNECT 123 | 1947 #define SSL_F_SSL2_CONNECT 123 |
1784 #define SSL_F_SSL2_ENC_INIT 124 | 1948 #define SSL_F_SSL2_ENC_INIT 124 |
1785 #define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241 | 1949 #define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241 |
1786 #define SSL_F_SSL2_PEEK 234 | 1950 #define SSL_F_SSL2_PEEK 234 |
1787 #define SSL_F_SSL2_READ 125 | 1951 #define SSL_F_SSL2_READ 125 |
1788 #define SSL_F_SSL2_READ_INTERNAL 236 | 1952 #define SSL_F_SSL2_READ_INTERNAL 236 |
1789 #define SSL_F_SSL2_SET_CERTIFICATE 126 | 1953 #define SSL_F_SSL2_SET_CERTIFICATE 126 |
1790 #define SSL_F_SSL2_WRITE 127 | 1954 #define SSL_F_SSL2_WRITE 127 |
1791 #define SSL_F_SSL3_ACCEPT 128 | 1955 #define SSL_F_SSL3_ACCEPT 128 |
1792 #define SSL_F_SSL3_ADD_CERT_TO_BUF» » » 281 | 1956 #define SSL_F_SSL3_ADD_CERT_TO_BUF» » » 296 |
1793 #define SSL_F_SSL3_CALLBACK_CTRL 233 | 1957 #define SSL_F_SSL3_CALLBACK_CTRL 233 |
1794 #define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 | 1958 #define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 |
1795 #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 | 1959 #define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 |
| 1960 #define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 |
1796 #define SSL_F_SSL3_CLIENT_HELLO 131 | 1961 #define SSL_F_SSL3_CLIENT_HELLO 131 |
1797 #define SSL_F_SSL3_CONNECT 132 | 1962 #define SSL_F_SSL3_CONNECT 132 |
1798 #define SSL_F_SSL3_CTRL 213 | 1963 #define SSL_F_SSL3_CTRL 213 |
1799 #define SSL_F_SSL3_CTX_CTRL 133 | 1964 #define SSL_F_SSL3_CTX_CTRL 133 |
1800 #define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC» » 279 | 1965 #define SSL_F_SSL3_DIGEST_CACHED_RECORDS» » 293 |
| 1966 #define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC» » 292 |
1801 #define SSL_F_SSL3_ENC 134 | 1967 #define SSL_F_SSL3_ENC 134 |
1802 #define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 | 1968 #define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 |
1803 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 | 1969 #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 |
1804 #define SSL_F_SSL3_GET_CERT_STATUS» » » 288 | 1970 #define SSL_F_SSL3_GET_CERT_STATUS» » » 289 |
1805 #define SSL_F_SSL3_GET_CERT_VERIFY 136 | 1971 #define SSL_F_SSL3_GET_CERT_VERIFY 136 |
1806 #define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 | 1972 #define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 |
1807 #define SSL_F_SSL3_GET_CLIENT_HELLO 138 | 1973 #define SSL_F_SSL3_GET_CLIENT_HELLO 138 |
1808 #define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 | 1974 #define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 |
1809 #define SSL_F_SSL3_GET_FINISHED 140 | 1975 #define SSL_F_SSL3_GET_FINISHED 140 |
1810 #define SSL_F_SSL3_GET_KEY_EXCHANGE 141 | 1976 #define SSL_F_SSL3_GET_KEY_EXCHANGE 141 |
1811 #define SSL_F_SSL3_GET_MESSAGE 142 | 1977 #define SSL_F_SSL3_GET_MESSAGE 142 |
1812 #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 | 1978 #define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 |
1813 #define SSL_F_SSL3_GET_NEXT_PROTO» » » 297 | 1979 #define SSL_F_SSL3_GET_NEXT_PROTO» » » 304 |
1814 #define SSL_F_SSL3_GET_RECORD 143 | 1980 #define SSL_F_SSL3_GET_RECORD 143 |
1815 #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 | 1981 #define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 |
1816 #define SSL_F_SSL3_GET_SERVER_DONE 145 | 1982 #define SSL_F_SSL3_GET_SERVER_DONE 145 |
1817 #define SSL_F_SSL3_GET_SERVER_HELLO 146 | 1983 #define SSL_F_SSL3_GET_SERVER_HELLO 146 |
1818 #define SSL_F_SSL3_NEW_SESSION_TICKET» » » 284 | 1984 #define SSL_F_SSL3_HANDSHAKE_MAC» » » 285 |
| 1985 #define SSL_F_SSL3_NEW_SESSION_TICKET» » » 287 |
1819 #define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 | 1986 #define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 |
1820 #define SSL_F_SSL3_PEEK 235 | 1987 #define SSL_F_SSL3_PEEK 235 |
1821 #define SSL_F_SSL3_READ_BYTES 148 | 1988 #define SSL_F_SSL3_READ_BYTES 148 |
1822 #define SSL_F_SSL3_READ_N 149 | 1989 #define SSL_F_SSL3_READ_N 149 |
1823 #define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 | 1990 #define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 |
1824 #define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 | 1991 #define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 |
1825 #define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 | 1992 #define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 |
1826 #define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 | 1993 #define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 |
1827 #define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 | 1994 #define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 |
1828 #define SSL_F_SSL3_SEND_SERVER_HELLO 242 | 1995 #define SSL_F_SSL3_SEND_SERVER_HELLO 242 |
1829 #define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 | 1996 #define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 |
1830 #define SSL_F_SSL3_SETUP_BUFFERS 156 | |
1831 #define SSL_F_SSL3_SETUP_KEY_BLOCK 157 | 1997 #define SSL_F_SSL3_SETUP_KEY_BLOCK 157 |
| 1998 #define SSL_F_SSL3_SETUP_READ_BUFFER 156 |
| 1999 #define SSL_F_SSL3_SETUP_WRITE_BUFFER 291 |
1832 #define SSL_F_SSL3_WRITE_BYTES 158 | 2000 #define SSL_F_SSL3_WRITE_BYTES 158 |
1833 #define SSL_F_SSL3_WRITE_PENDING 159 | 2001 #define SSL_F_SSL3_WRITE_PENDING 159 |
1834 #define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT» 285 | 2002 #define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT» 298 |
1835 #define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT» » 272 | 2003 #define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT» » 277 |
1836 #define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 | 2004 #define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 |
1837 #define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 | 2005 #define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 |
1838 #define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT» 286 | 2006 #define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT» 299 |
1839 #define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT» » 273 | 2007 #define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT» » 278 |
1840 #define SSL_F_SSL_BAD_METHOD 160 | 2008 #define SSL_F_SSL_BAD_METHOD 160 |
1841 #define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 | 2009 #define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 |
1842 #define SSL_F_SSL_CERT_DUP 221 | 2010 #define SSL_F_SSL_CERT_DUP 221 |
1843 #define SSL_F_SSL_CERT_INST 222 | 2011 #define SSL_F_SSL_CERT_INST 222 |
1844 #define SSL_F_SSL_CERT_INSTANTIATE 214 | 2012 #define SSL_F_SSL_CERT_INSTANTIATE 214 |
1845 #define SSL_F_SSL_CERT_NEW 162 | 2013 #define SSL_F_SSL_CERT_NEW 162 |
1846 #define SSL_F_SSL_CHECK_PRIVATE_KEY 163 | 2014 #define SSL_F_SSL_CHECK_PRIVATE_KEY 163 |
1847 #define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT» » 274 | 2015 #define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT» » 280 |
| 2016 #define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG» » 279 |
1848 #define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 | 2017 #define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 |
1849 #define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 | 2018 #define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 |
1850 #define SSL_F_SSL_CLEAR 164 | 2019 #define SSL_F_SSL_CLEAR 164 |
1851 #define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165 | 2020 #define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165 |
1852 #define SSL_F_SSL_CREATE_CIPHER_LIST 166 | 2021 #define SSL_F_SSL_CREATE_CIPHER_LIST 166 |
1853 #define SSL_F_SSL_CTRL 232 | 2022 #define SSL_F_SSL_CTRL 232 |
1854 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 | 2023 #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 |
1855 #define SSL_F_SSL_CTX_NEW 169 | 2024 #define SSL_F_SSL_CTX_NEW 169 |
1856 #define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 | 2025 #define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 |
1857 #define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE» » 278 | 2026 #define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE» » 290 |
1858 #define SSL_F_SSL_CTX_SET_PURPOSE 226 | 2027 #define SSL_F_SSL_CTX_SET_PURPOSE 226 |
1859 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 | 2028 #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 |
1860 #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 | 2029 #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 |
1861 #define SSL_F_SSL_CTX_SET_TRUST 229 | 2030 #define SSL_F_SSL_CTX_SET_TRUST 229 |
1862 #define SSL_F_SSL_CTX_USE_CERTIFICATE 171 | 2031 #define SSL_F_SSL_CTX_USE_CERTIFICATE 171 |
1863 #define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 | 2032 #define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 |
1864 #define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220 | 2033 #define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220 |
1865 #define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 | 2034 #define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 |
1866 #define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 | 2035 #define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 |
1867 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 | 2036 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 |
1868 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 | 2037 #define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 |
| 2038 #define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272 |
1869 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 | 2039 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 |
1870 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 | 2040 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 |
1871 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 | 2041 #define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 |
1872 #define SSL_F_SSL_DO_HANDSHAKE 180 | 2042 #define SSL_F_SSL_DO_HANDSHAKE 180 |
1873 #define SSL_F_SSL_GET_NEW_SESSION 181 | 2043 #define SSL_F_SSL_GET_NEW_SESSION 181 |
1874 #define SSL_F_SSL_GET_PREV_SESSION 217 | 2044 #define SSL_F_SSL_GET_PREV_SESSION 217 |
1875 #define SSL_F_SSL_GET_SERVER_SEND_CERT 182 | 2045 #define SSL_F_SSL_GET_SERVER_SEND_CERT 182 |
1876 #define SSL_F_SSL_GET_SIGN_PKEY 183 | 2046 #define SSL_F_SSL_GET_SIGN_PKEY 183 |
1877 #define SSL_F_SSL_INIT_WBIO_BUFFER 184 | 2047 #define SSL_F_SSL_INIT_WBIO_BUFFER 184 |
1878 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 | 2048 #define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 |
1879 #define SSL_F_SSL_NEW 186 | 2049 #define SSL_F_SSL_NEW 186 |
1880 #define SSL_F_SSL_NEXT_PROTOS_PARSE» » » 298 | 2050 #define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT» 300 |
1881 #define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT» 287 | 2051 #define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT» » 302 |
1882 #define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT» » 290 | 2052 #define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT» 301 |
1883 #define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT» 289 | 2053 #define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT» » 303 |
1884 #define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT» » 291 | |
1885 #define SSL_F_SSL_PEEK 270 | 2054 #define SSL_F_SSL_PEEK 270 |
1886 #define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT» » 275 | 2055 #define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT» » 281 |
1887 #define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT» » 276 | 2056 #define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT» » 282 |
1888 #define SSL_F_SSL_READ 223 | 2057 #define SSL_F_SSL_READ 223 |
1889 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 | 2058 #define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 |
1890 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 | 2059 #define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 |
1891 #define SSL_F_SSL_SESSION_NEW 189 | 2060 #define SSL_F_SSL_SESSION_NEW 189 |
1892 #define SSL_F_SSL_SESSION_PRINT_FP 190 | 2061 #define SSL_F_SSL_SESSION_PRINT_FP 190 |
1893 #define SSL_F_SSL_SESS_CERT_NEW 225 | 2062 #define SSL_F_SSL_SESS_CERT_NEW 225 |
1894 #define SSL_F_SSL_SET_CERT 191 | 2063 #define SSL_F_SSL_SET_CERT 191 |
1895 #define SSL_F_SSL_SET_CIPHER_LIST 271 | 2064 #define SSL_F_SSL_SET_CIPHER_LIST 271 |
1896 #define SSL_F_SSL_SET_FD 192 | 2065 #define SSL_F_SSL_SET_FD 192 |
1897 #define SSL_F_SSL_SET_PKEY 193 | 2066 #define SSL_F_SSL_SET_PKEY 193 |
1898 #define SSL_F_SSL_SET_PURPOSE 227 | 2067 #define SSL_F_SSL_SET_PURPOSE 227 |
1899 #define SSL_F_SSL_SET_RFD 194 | 2068 #define SSL_F_SSL_SET_RFD 194 |
1900 #define SSL_F_SSL_SET_SESSION 195 | 2069 #define SSL_F_SSL_SET_SESSION 195 |
1901 #define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 | 2070 #define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 |
| 2071 #define SSL_F_SSL_SET_SESSION_TICKET_EXT 294 |
1902 #define SSL_F_SSL_SET_TRUST 228 | 2072 #define SSL_F_SSL_SET_TRUST 228 |
1903 #define SSL_F_SSL_SET_WFD 196 | 2073 #define SSL_F_SSL_SET_WFD 196 |
1904 #define SSL_F_SSL_SHUTDOWN 224 | 2074 #define SSL_F_SSL_SHUTDOWN 224 |
1905 #define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243 | 2075 #define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243 |
1906 #define SSL_F_SSL_UNDEFINED_FUNCTION 197 | 2076 #define SSL_F_SSL_UNDEFINED_FUNCTION 197 |
1907 #define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244 | 2077 #define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244 |
1908 #define SSL_F_SSL_USE_CERTIFICATE 198 | 2078 #define SSL_F_SSL_USE_CERTIFICATE 198 |
1909 #define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 | 2079 #define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 |
| 2080 #define SSL_F_SSL_USE_CERTIFICATE_CHAIN 2000 |
1910 #define SSL_F_SSL_USE_CERTIFICATE_FILE 200 | 2081 #define SSL_F_SSL_USE_CERTIFICATE_FILE 200 |
1911 #define SSL_F_SSL_USE_PRIVATEKEY 201 | 2082 #define SSL_F_SSL_USE_PRIVATEKEY 201 |
1912 #define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 | 2083 #define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 |
1913 #define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 | 2084 #define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 |
| 2085 #define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273 |
1914 #define SSL_F_SSL_USE_RSAPRIVATEKEY 204 | 2086 #define SSL_F_SSL_USE_RSAPRIVATEKEY 204 |
1915 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 | 2087 #define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 |
1916 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 | 2088 #define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 |
1917 #define SSL_F_SSL_VERIFY_CERT_CHAIN 207 | 2089 #define SSL_F_SSL_VERIFY_CERT_CHAIN 207 |
1918 #define SSL_F_SSL_WRITE 208 | 2090 #define SSL_F_SSL_WRITE 208 |
| 2091 #define SSL_F_TLS1_CERT_VERIFY_MAC 286 |
1919 #define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 | 2092 #define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 |
| 2093 #define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274 |
1920 #define SSL_F_TLS1_ENC 210 | 2094 #define SSL_F_TLS1_ENC 210 |
| 2095 #define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275 |
| 2096 #define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276 |
| 2097 #define SSL_F_TLS1_PRF 284 |
1921 #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 | 2098 #define SSL_F_TLS1_SETUP_KEY_BLOCK 211 |
1922 #define SSL_F_WRITE_PENDING 212 | 2099 #define SSL_F_WRITE_PENDING 212 |
1923 /* Next entry: 300 */ | |
1924 | 2100 |
1925 /* Reason codes. */ | 2101 /* Reason codes. */ |
1926 #define SSL_R_APP_DATA_IN_HANDSHAKE 100 | 2102 #define SSL_R_APP_DATA_IN_HANDSHAKE 100 |
1927 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 | 2103 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 |
1928 #define SSL_R_BAD_ALERT_RECORD 101 | 2104 #define SSL_R_BAD_ALERT_RECORD 101 |
1929 #define SSL_R_BAD_AUTHENTICATION_TYPE 102 | 2105 #define SSL_R_BAD_AUTHENTICATION_TYPE 102 |
1930 #define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 | 2106 #define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 |
1931 #define SSL_R_BAD_CHECKSUM 104 | 2107 #define SSL_R_BAD_CHECKSUM 104 |
1932 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 | 2108 #define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 |
1933 #define SSL_R_BAD_DECOMPRESSION 107 | 2109 #define SSL_R_BAD_DECOMPRESSION 107 |
1934 #define SSL_R_BAD_DH_G_LENGTH 108 | 2110 #define SSL_R_BAD_DH_G_LENGTH 108 |
1935 #define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 | 2111 #define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 |
1936 #define SSL_R_BAD_DH_P_LENGTH 110 | 2112 #define SSL_R_BAD_DH_P_LENGTH 110 |
1937 #define SSL_R_BAD_DIGEST_LENGTH 111 | 2113 #define SSL_R_BAD_DIGEST_LENGTH 111 |
1938 #define SSL_R_BAD_DSA_SIGNATURE 112 | 2114 #define SSL_R_BAD_DSA_SIGNATURE 112 |
1939 #define SSL_R_BAD_ECC_CERT 304 | 2115 #define SSL_R_BAD_ECC_CERT 304 |
1940 #define SSL_R_BAD_ECDSA_SIGNATURE 305 | 2116 #define SSL_R_BAD_ECDSA_SIGNATURE 305 |
1941 #define SSL_R_BAD_ECPOINT 306 | 2117 #define SSL_R_BAD_ECPOINT 306 |
| 2118 #define SSL_R_BAD_HANDSHAKE_LENGTH 332 |
1942 #define SSL_R_BAD_HELLO_REQUEST 105 | 2119 #define SSL_R_BAD_HELLO_REQUEST 105 |
1943 #define SSL_R_BAD_LENGTH 271 | 2120 #define SSL_R_BAD_LENGTH 271 |
1944 #define SSL_R_BAD_MAC_DECODE 113 | 2121 #define SSL_R_BAD_MAC_DECODE 113 |
| 2122 #define SSL_R_BAD_MAC_LENGTH 333 |
1945 #define SSL_R_BAD_MESSAGE_TYPE 114 | 2123 #define SSL_R_BAD_MESSAGE_TYPE 114 |
1946 #define SSL_R_BAD_PACKET_LENGTH 115 | 2124 #define SSL_R_BAD_PACKET_LENGTH 115 |
1947 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 | 2125 #define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 |
| 2126 #define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316 |
1948 #define SSL_R_BAD_RESPONSE_ARGUMENT 117 | 2127 #define SSL_R_BAD_RESPONSE_ARGUMENT 117 |
1949 #define SSL_R_BAD_RSA_DECRYPT 118 | 2128 #define SSL_R_BAD_RSA_DECRYPT 118 |
1950 #define SSL_R_BAD_RSA_ENCRYPT 119 | 2129 #define SSL_R_BAD_RSA_ENCRYPT 119 |
1951 #define SSL_R_BAD_RSA_E_LENGTH 120 | 2130 #define SSL_R_BAD_RSA_E_LENGTH 120 |
1952 #define SSL_R_BAD_RSA_MODULUS_LENGTH 121 | 2131 #define SSL_R_BAD_RSA_MODULUS_LENGTH 121 |
1953 #define SSL_R_BAD_RSA_SIGNATURE 122 | 2132 #define SSL_R_BAD_RSA_SIGNATURE 122 |
1954 #define SSL_R_BAD_SIGNATURE 123 | 2133 #define SSL_R_BAD_SIGNATURE 123 |
1955 #define SSL_R_BAD_SSL_FILETYPE 124 | 2134 #define SSL_R_BAD_SSL_FILETYPE 124 |
1956 #define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 | 2135 #define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 |
1957 #define SSL_R_BAD_STATE 126 | 2136 #define SSL_R_BAD_STATE 126 |
1958 #define SSL_R_BAD_WRITE_RETRY 127 | 2137 #define SSL_R_BAD_WRITE_RETRY 127 |
1959 #define SSL_R_BIO_NOT_SET 128 | 2138 #define SSL_R_BIO_NOT_SET 128 |
1960 #define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 | 2139 #define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 |
1961 #define SSL_R_BN_LIB 130 | 2140 #define SSL_R_BN_LIB 130 |
1962 #define SSL_R_CA_DN_LENGTH_MISMATCH 131 | 2141 #define SSL_R_CA_DN_LENGTH_MISMATCH 131 |
1963 #define SSL_R_CA_DN_TOO_LONG 132 | 2142 #define SSL_R_CA_DN_TOO_LONG 132 |
1964 #define SSL_R_CCS_RECEIVED_EARLY 133 | 2143 #define SSL_R_CCS_RECEIVED_EARLY 133 |
1965 #define SSL_R_CERTIFICATE_VERIFY_FAILED 134 | 2144 #define SSL_R_CERTIFICATE_VERIFY_FAILED 134 |
1966 #define SSL_R_CERT_LENGTH_MISMATCH 135 | 2145 #define SSL_R_CERT_LENGTH_MISMATCH 135 |
1967 #define SSL_R_CHALLENGE_IS_DIFFERENT 136 | 2146 #define SSL_R_CHALLENGE_IS_DIFFERENT 136 |
1968 #define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 | 2147 #define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 |
1969 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 | 2148 #define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 |
1970 #define SSL_R_CIPHER_TABLE_SRC_ERROR 139 | 2149 #define SSL_R_CIPHER_TABLE_SRC_ERROR 139 |
1971 #define SSL_R_CLIENTHELLO_TLSEXT» » » 157 | 2150 #define SSL_R_CLIENTHELLO_TLSEXT» » » 226 |
1972 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 | 2151 #define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 |
| 2152 #define SSL_R_COMPRESSION_DISABLED 343 |
1973 #define SSL_R_COMPRESSION_FAILURE 141 | 2153 #define SSL_R_COMPRESSION_FAILURE 141 |
1974 #define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 | 2154 #define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 |
1975 #define SSL_R_COMPRESSION_LIBRARY_ERROR 142 | 2155 #define SSL_R_COMPRESSION_LIBRARY_ERROR 142 |
1976 #define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 | 2156 #define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 |
1977 #define SSL_R_CONNECTION_TYPE_NOT_SET 144 | 2157 #define SSL_R_CONNECTION_TYPE_NOT_SET 144 |
1978 #define SSL_R_COOKIE_MISMATCH 308 | 2158 #define SSL_R_COOKIE_MISMATCH 308 |
1979 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 | 2159 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 |
1980 #define SSL_R_DATA_LENGTH_TOO_LONG 146 | 2160 #define SSL_R_DATA_LENGTH_TOO_LONG 146 |
1981 #define SSL_R_DECRYPTION_FAILED 147 | 2161 #define SSL_R_DECRYPTION_FAILED 147 |
1982 #define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 | 2162 #define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 |
1983 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 | 2163 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 |
1984 #define SSL_R_DIGEST_CHECK_FAILED 149 | 2164 #define SSL_R_DIGEST_CHECK_FAILED 149 |
1985 #define SSL_R_DTLS_MESSAGE_TOO_BIG» » » 318 | 2165 #define SSL_R_DTLS_MESSAGE_TOO_BIG» » » 334 |
1986 #define SSL_R_DUPLICATE_COMPRESSION_ID 309 | 2166 #define SSL_R_DUPLICATE_COMPRESSION_ID 309 |
| 2167 #define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317 |
| 2168 #define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318 |
| 2169 #define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322 |
| 2170 #define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323 |
1987 #define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 | 2171 #define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 |
1988 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 | 2172 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 |
1989 #define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 | 2173 #define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 |
1990 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 | 2174 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 |
1991 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 | 2175 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 |
1992 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 | 2176 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 |
1993 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 | 2177 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 |
1994 #define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS» » 334 | 2178 #define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS» » 346 |
1995 #define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION» » 335 | 2179 #define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION» » 347 |
1996 #define SSL_R_HTTPS_PROXY_REQUEST 155 | 2180 #define SSL_R_HTTPS_PROXY_REQUEST 155 |
1997 #define SSL_R_HTTP_REQUEST 156 | 2181 #define SSL_R_HTTP_REQUEST 156 |
1998 #define SSL_R_ILLEGAL_PADDING 283 | 2182 #define SSL_R_ILLEGAL_PADDING 283 |
| 2183 #define SSL_R_INCONSISTENT_COMPRESSION 340 |
1999 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 | 2184 #define SSL_R_INVALID_CHALLENGE_LENGTH 158 |
2000 #define SSL_R_INVALID_COMMAND 280 | 2185 #define SSL_R_INVALID_COMMAND 280 |
| 2186 #define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 |
2001 #define SSL_R_INVALID_PURPOSE 278 | 2187 #define SSL_R_INVALID_PURPOSE 278 |
2002 #define SSL_R_INVALID_STATUS_RESPONSE» » » 316 | 2188 #define SSL_R_INVALID_STATUS_RESPONSE» » » 328 |
2003 #define SSL_R_INVALID_TICKET_KEYS_LENGTH» » 275 | 2189 #define SSL_R_INVALID_TICKET_KEYS_LENGTH» » 325 |
2004 #define SSL_R_INVALID_TRUST 279 | 2190 #define SSL_R_INVALID_TRUST 279 |
2005 #define SSL_R_KEY_ARG_TOO_LONG 284 | 2191 #define SSL_R_KEY_ARG_TOO_LONG 284 |
2006 #define SSL_R_KRB5 285 | 2192 #define SSL_R_KRB5 285 |
2007 #define SSL_R_KRB5_C_CC_PRINC 286 | 2193 #define SSL_R_KRB5_C_CC_PRINC 286 |
2008 #define SSL_R_KRB5_C_GET_CRED 287 | 2194 #define SSL_R_KRB5_C_GET_CRED 287 |
2009 #define SSL_R_KRB5_C_INIT 288 | 2195 #define SSL_R_KRB5_C_INIT 288 |
2010 #define SSL_R_KRB5_C_MK_REQ 289 | 2196 #define SSL_R_KRB5_C_MK_REQ 289 |
2011 #define SSL_R_KRB5_S_BAD_TICKET 290 | 2197 #define SSL_R_KRB5_S_BAD_TICKET 290 |
2012 #define SSL_R_KRB5_S_INIT 291 | 2198 #define SSL_R_KRB5_S_INIT 291 |
2013 #define SSL_R_KRB5_S_RD_REQ 292 | 2199 #define SSL_R_KRB5_S_RD_REQ 292 |
(...skipping 12 matching lines...) Expand all Loading... |
2026 #define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 | 2212 #define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 |
2027 #define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 | 2213 #define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 |
2028 #define SSL_R_MISSING_RSA_CERTIFICATE 168 | 2214 #define SSL_R_MISSING_RSA_CERTIFICATE 168 |
2029 #define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 | 2215 #define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 |
2030 #define SSL_R_MISSING_RSA_SIGNING_CERT 170 | 2216 #define SSL_R_MISSING_RSA_SIGNING_CERT 170 |
2031 #define SSL_R_MISSING_TMP_DH_KEY 171 | 2217 #define SSL_R_MISSING_TMP_DH_KEY 171 |
2032 #define SSL_R_MISSING_TMP_ECDH_KEY 311 | 2218 #define SSL_R_MISSING_TMP_ECDH_KEY 311 |
2033 #define SSL_R_MISSING_TMP_RSA_KEY 172 | 2219 #define SSL_R_MISSING_TMP_RSA_KEY 172 |
2034 #define SSL_R_MISSING_TMP_RSA_PKEY 173 | 2220 #define SSL_R_MISSING_TMP_RSA_PKEY 173 |
2035 #define SSL_R_MISSING_VERIFY_MESSAGE 174 | 2221 #define SSL_R_MISSING_VERIFY_MESSAGE 174 |
| 2222 #define SSL_R_MULTIPLE_SGC_RESTARTS 346 |
2036 #define SSL_R_NON_SSLV2_INITIAL_PACKET 175 | 2223 #define SSL_R_NON_SSLV2_INITIAL_PACKET 175 |
2037 #define SSL_R_NO_CERTIFICATES_RETURNED 176 | 2224 #define SSL_R_NO_CERTIFICATES_RETURNED 176 |
2038 #define SSL_R_NO_CERTIFICATE_ASSIGNED 177 | 2225 #define SSL_R_NO_CERTIFICATE_ASSIGNED 177 |
2039 #define SSL_R_NO_CERTIFICATE_RETURNED 178 | 2226 #define SSL_R_NO_CERTIFICATE_RETURNED 178 |
2040 #define SSL_R_NO_CERTIFICATE_SET 179 | 2227 #define SSL_R_NO_CERTIFICATE_SET 179 |
2041 #define SSL_R_NO_CERTIFICATE_SPECIFIED 180 | 2228 #define SSL_R_NO_CERTIFICATE_SPECIFIED 180 |
2042 #define SSL_R_NO_CIPHERS_AVAILABLE 181 | 2229 #define SSL_R_NO_CIPHERS_AVAILABLE 181 |
2043 #define SSL_R_NO_CIPHERS_PASSED 182 | 2230 #define SSL_R_NO_CIPHERS_PASSED 182 |
2044 #define SSL_R_NO_CIPHERS_SPECIFIED 183 | 2231 #define SSL_R_NO_CIPHERS_SPECIFIED 183 |
2045 #define SSL_R_NO_CIPHER_LIST 184 | 2232 #define SSL_R_NO_CIPHER_LIST 184 |
2046 #define SSL_R_NO_CIPHER_MATCH 185 | 2233 #define SSL_R_NO_CIPHER_MATCH 185 |
2047 #define SSL_R_NO_CLIENT_CERT_METHOD» » » 317 | 2234 #define SSL_R_NO_CLIENT_CERT_METHOD» » » 331 |
2048 #define SSL_R_NO_CLIENT_CERT_RECEIVED 186 | 2235 #define SSL_R_NO_CLIENT_CERT_RECEIVED 186 |
2049 #define SSL_R_NO_COMPRESSION_SPECIFIED 187 | 2236 #define SSL_R_NO_COMPRESSION_SPECIFIED 187 |
| 2237 #define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330 |
2050 #define SSL_R_NO_METHOD_SPECIFIED 188 | 2238 #define SSL_R_NO_METHOD_SPECIFIED 188 |
2051 #define SSL_R_NO_PRIVATEKEY 189 | 2239 #define SSL_R_NO_PRIVATEKEY 189 |
2052 #define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 | 2240 #define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 |
2053 #define SSL_R_NO_PROTOCOLS_AVAILABLE 191 | 2241 #define SSL_R_NO_PROTOCOLS_AVAILABLE 191 |
2054 #define SSL_R_NO_PUBLICKEY 192 | 2242 #define SSL_R_NO_PUBLICKEY 192 |
2055 #define SSL_R_NO_RENEGOTIATION» » » » 319 | 2243 #define SSL_R_NO_RENEGOTIATION» » » » 339 |
| 2244 #define SSL_R_NO_REQUIRED_DIGEST» » » 324 |
2056 #define SSL_R_NO_SHARED_CIPHER 193 | 2245 #define SSL_R_NO_SHARED_CIPHER 193 |
2057 #define SSL_R_NO_VERIFY_CALLBACK 194 | 2246 #define SSL_R_NO_VERIFY_CALLBACK 194 |
2058 #define SSL_R_NULL_SSL_CTX 195 | 2247 #define SSL_R_NULL_SSL_CTX 195 |
2059 #define SSL_R_NULL_SSL_METHOD_PASSED 196 | 2248 #define SSL_R_NULL_SSL_METHOD_PASSED 196 |
2060 #define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 | 2249 #define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 |
| 2250 #define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344 |
2061 #define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297 | 2251 #define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297 |
| 2252 #define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG 327 |
2062 #define SSL_R_PACKET_LENGTH_TOO_LONG 198 | 2253 #define SSL_R_PACKET_LENGTH_TOO_LONG 198 |
2063 #define SSL_R_PARSE_TLSEXT» » » » 223 | 2254 #define SSL_R_PARSE_TLSEXT» » » » 227 |
2064 #define SSL_R_PATH_TOO_LONG 270 | 2255 #define SSL_R_PATH_TOO_LONG 270 |
2065 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 | 2256 #define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 |
2066 #define SSL_R_PEER_ERROR 200 | 2257 #define SSL_R_PEER_ERROR 200 |
2067 #define SSL_R_PEER_ERROR_CERTIFICATE 201 | 2258 #define SSL_R_PEER_ERROR_CERTIFICATE 201 |
2068 #define SSL_R_PEER_ERROR_NO_CERTIFICATE 202 | 2259 #define SSL_R_PEER_ERROR_NO_CERTIFICATE 202 |
2069 #define SSL_R_PEER_ERROR_NO_CIPHER 203 | 2260 #define SSL_R_PEER_ERROR_NO_CIPHER 203 |
2070 #define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204 | 2261 #define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204 |
2071 #define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 | 2262 #define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 |
2072 #define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 | 2263 #define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 |
2073 #define SSL_R_PROTOCOL_IS_SHUTDOWN 207 | 2264 #define SSL_R_PROTOCOL_IS_SHUTDOWN 207 |
| 2265 #define SSL_R_PSK_IDENTITY_NOT_FOUND 223 |
| 2266 #define SSL_R_PSK_NO_CLIENT_CB 224 |
| 2267 #define SSL_R_PSK_NO_SERVER_CB 225 |
2074 #define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 | 2268 #define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 |
2075 #define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 | 2269 #define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 |
2076 #define SSL_R_PUBLIC_KEY_NOT_RSA 210 | 2270 #define SSL_R_PUBLIC_KEY_NOT_RSA 210 |
2077 #define SSL_R_READ_BIO_NOT_SET 211 | 2271 #define SSL_R_READ_BIO_NOT_SET 211 |
2078 #define SSL_R_READ_TIMEOUT_EXPIRED 312 | 2272 #define SSL_R_READ_TIMEOUT_EXPIRED 312 |
2079 #define SSL_R_READ_WRONG_PACKET_TYPE 212 | 2273 #define SSL_R_READ_WRONG_PACKET_TYPE 212 |
2080 #define SSL_R_RECORD_LENGTH_MISMATCH 213 | 2274 #define SSL_R_RECORD_LENGTH_MISMATCH 213 |
2081 #define SSL_R_RECORD_TOO_LARGE 214 | 2275 #define SSL_R_RECORD_TOO_LARGE 214 |
2082 #define SSL_R_RECORD_TOO_SMALL 298 | 2276 #define SSL_R_RECORD_TOO_SMALL 298 |
2083 #define SSL_R_RENEGOTIATE_EXT_TOO_LONG» » » 320 | 2277 #define SSL_R_RENEGOTIATE_EXT_TOO_LONG» » » 335 |
2084 #define SSL_R_RENEGOTIATION_ENCODING_ERR» » 321 | 2278 #define SSL_R_RENEGOTIATION_ENCODING_ERR» » 336 |
2085 #define SSL_R_RENEGOTIATION_MISMATCH» » » 322 | 2279 #define SSL_R_RENEGOTIATION_MISMATCH» » » 337 |
2086 #define SSL_R_REQUIRED_CIPHER_MISSING 215 | 2280 #define SSL_R_REQUIRED_CIPHER_MISSING 215 |
| 2281 #define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342 |
2087 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 | 2282 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 |
2088 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 | 2283 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 |
2089 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 | 2284 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 |
2090 #define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING» » 324 | 2285 #define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING» » 345 |
2091 #define SSL_R_SERVERHELLO_TLSEXT» » » 224 | 2286 #define SSL_R_SERVERHELLO_TLSEXT» » » 275 |
2092 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 | 2287 #define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 |
| 2288 #define SSL_R_SESSION_MAY_NOT_BE_CREATED 2000 |
2093 #define SSL_R_SHORT_READ 219 | 2289 #define SSL_R_SHORT_READ 219 |
2094 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 | 2290 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 |
2095 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 | 2291 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 |
2096 #define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 | 2292 #define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 |
2097 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME» » 225 | 2293 #define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT» » 321 |
2098 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE» » 226 | 2294 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME» » 319 |
| 2295 #define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE» » 320 |
2099 #define SSL_R_SSL3_SESSION_ID_TOO_LONG 300 | 2296 #define SSL_R_SSL3_SESSION_ID_TOO_LONG 300 |
2100 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 | 2297 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 |
2101 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 | 2298 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 |
2102 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 | 2299 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 |
2103 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 | 2300 #define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 |
2104 #define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 | 2301 #define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 |
2105 #define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 | 2302 #define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 |
2106 #define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 | 2303 #define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 |
2107 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 | 2304 #define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 |
2108 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 | 2305 #define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 |
(...skipping 13 matching lines...) Expand all Loading... |
2122 #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 | 2319 #define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 |
2123 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 | 2320 #define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 |
2124 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 | 2321 #define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 |
2125 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 | 2322 #define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 |
2126 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 | 2323 #define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 |
2127 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 | 2324 #define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 |
2128 #define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 | 2325 #define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 |
2129 #define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 | 2326 #define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 |
2130 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 | 2327 #define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 |
2131 #define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 | 2328 #define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 |
| 2329 #define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 |
| 2330 #define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 |
| 2331 #define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 |
| 2332 #define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 |
| 2333 #define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 |
2132 #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 | 2334 #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 |
2133 #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST» » 227 | 2335 #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST» » 157 |
2134 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 | 2336 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 |
2135 #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 | 2337 #define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 |
2136 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 | 2338 #define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 |
2137 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 | 2339 #define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 |
2138 #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 | 2340 #define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 |
2139 #define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 | 2341 #define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 |
2140 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 | 2342 #define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 |
2141 #define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 | 2343 #define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 |
2142 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 | 2344 #define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 |
2143 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 | 2345 #define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 |
2144 #define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 | 2346 #define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 |
2145 #define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242 | 2347 #define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242 |
2146 #define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 | 2348 #define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 |
2147 #define SSL_R_UNEXPECTED_MESSAGE 244 | 2349 #define SSL_R_UNEXPECTED_MESSAGE 244 |
2148 #define SSL_R_UNEXPECTED_RECORD 245 | 2350 #define SSL_R_UNEXPECTED_RECORD 245 |
2149 #define SSL_R_UNINITIALIZED 276 | 2351 #define SSL_R_UNINITIALIZED 276 |
2150 #define SSL_R_UNKNOWN_ALERT_TYPE 246 | 2352 #define SSL_R_UNKNOWN_ALERT_TYPE 246 |
2151 #define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 | 2353 #define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 |
2152 #define SSL_R_UNKNOWN_CIPHER_RETURNED 248 | 2354 #define SSL_R_UNKNOWN_CIPHER_RETURNED 248 |
2153 #define SSL_R_UNKNOWN_CIPHER_TYPE 249 | 2355 #define SSL_R_UNKNOWN_CIPHER_TYPE 249 |
2154 #define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 | 2356 #define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 |
2155 #define SSL_R_UNKNOWN_PKEY_TYPE 251 | 2357 #define SSL_R_UNKNOWN_PKEY_TYPE 251 |
2156 #define SSL_R_UNKNOWN_PROTOCOL 252 | 2358 #define SSL_R_UNKNOWN_PROTOCOL 252 |
2157 #define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253 | 2359 #define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253 |
2158 #define SSL_R_UNKNOWN_SSL_VERSION 254 | 2360 #define SSL_R_UNKNOWN_SSL_VERSION 254 |
2159 #define SSL_R_UNKNOWN_STATE 255 | 2361 #define SSL_R_UNKNOWN_STATE 255 |
2160 #define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED» 323 | 2362 #define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED» 338 |
2161 #define SSL_R_UNSUPPORTED_CIPHER 256 | 2363 #define SSL_R_UNSUPPORTED_CIPHER 256 |
2162 #define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 | 2364 #define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 |
| 2365 #define SSL_R_UNSUPPORTED_DIGEST_TYPE 326 |
2163 #define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315 | 2366 #define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315 |
2164 #define SSL_R_UNSUPPORTED_PROTOCOL 258 | 2367 #define SSL_R_UNSUPPORTED_PROTOCOL 258 |
2165 #define SSL_R_UNSUPPORTED_SSL_VERSION 259 | 2368 #define SSL_R_UNSUPPORTED_SSL_VERSION 259 |
2166 #define SSL_R_UNSUPPORTED_STATUS_TYPE 329 | 2369 #define SSL_R_UNSUPPORTED_STATUS_TYPE 329 |
2167 #define SSL_R_WRITE_BIO_NOT_SET 260 | 2370 #define SSL_R_WRITE_BIO_NOT_SET 260 |
2168 #define SSL_R_WRONG_CIPHER_RETURNED 261 | 2371 #define SSL_R_WRONG_CIPHER_RETURNED 261 |
2169 #define SSL_R_WRONG_MESSAGE_TYPE 262 | 2372 #define SSL_R_WRONG_MESSAGE_TYPE 262 |
2170 #define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 | 2373 #define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 |
2171 #define SSL_R_WRONG_SIGNATURE_LENGTH 264 | 2374 #define SSL_R_WRONG_SIGNATURE_LENGTH 264 |
2172 #define SSL_R_WRONG_SIGNATURE_SIZE 265 | 2375 #define SSL_R_WRONG_SIGNATURE_SIZE 265 |
2173 #define SSL_R_WRONG_SSL_VERSION 266 | 2376 #define SSL_R_WRONG_SSL_VERSION 266 |
2174 #define SSL_R_WRONG_VERSION_NUMBER 267 | 2377 #define SSL_R_WRONG_VERSION_NUMBER 267 |
2175 #define SSL_R_X509_LIB 268 | 2378 #define SSL_R_X509_LIB 268 |
2176 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 | 2379 #define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 |
2177 /* Next entry: 335 or 1115 */ | |
2178 | 2380 |
2179 #ifdef __cplusplus | 2381 #ifdef __cplusplus |
2180 } | 2382 } |
2181 #endif | 2383 #endif |
2182 #endif | 2384 #endif |
OLD | NEW |