OLD | NEW |
1 /* ssl/ssl3.h */ | 1 /* ssl/ssl3.h */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
116 | 116 |
117 #ifndef HEADER_SSL3_H | 117 #ifndef HEADER_SSL3_H |
118 #define HEADER_SSL3_H | 118 #define HEADER_SSL3_H |
119 | 119 |
120 #ifndef OPENSSL_NO_COMP | 120 #ifndef OPENSSL_NO_COMP |
121 #include <openssl/comp.h> | 121 #include <openssl/comp.h> |
122 #endif | 122 #endif |
123 #include <openssl/buffer.h> | 123 #include <openssl/buffer.h> |
124 #include <openssl/evp.h> | 124 #include <openssl/evp.h> |
125 #include <openssl/ssl.h> | 125 #include <openssl/ssl.h> |
126 #include <openssl/pq_compat.h> | |
127 | 126 |
128 #ifdef __cplusplus | 127 #ifdef __cplusplus |
129 extern "C" { | 128 extern "C" { |
130 #endif | 129 #endif |
131 | 130 |
132 /* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ | 131 /* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ |
133 #define SSL3_CK_SCSV 0x030000FF | 132 #define SSL3_CK_SCSV 0x030000FF |
134 | 133 |
135 #define SSL3_CK_RSA_NULL_MD5 0x03000001 | 134 #define SSL3_CK_RSA_NULL_MD5 0x03000001 |
136 #define SSL3_CK_RSA_NULL_SHA 0x03000002 | 135 #define SSL3_CK_RSA_NULL_SHA 0x03000002 |
(...skipping 19 matching lines...) Expand all Loading... |
156 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 | 155 #define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 |
157 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 | 156 #define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 |
158 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 | 157 #define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 |
159 | 158 |
160 #define SSL3_CK_ADH_RC4_40_MD5 0x03000017 | 159 #define SSL3_CK_ADH_RC4_40_MD5 0x03000017 |
161 #define SSL3_CK_ADH_RC4_128_MD5 0x03000018 | 160 #define SSL3_CK_ADH_RC4_128_MD5 0x03000018 |
162 #define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 | 161 #define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 |
163 #define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A | 162 #define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A |
164 #define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B | 163 #define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B |
165 | 164 |
166 #define SSL3_CK_FZA_DMS_NULL_SHA» » 0x0300001C | 165 #if 0 |
167 #define SSL3_CK_FZA_DMS_FZA_SHA»» » 0x0300001D | 166 » #define SSL3_CK_FZA_DMS_NULL_SHA» » 0x0300001C |
168 #if 0 /* Because it clashes with KRB5, is never used any more, and is safe | 167 » #define SSL3_CK_FZA_DMS_FZA_SHA»» » 0x0300001D |
169 » to remove according to David Hopwood <david.hopwood@zetnet.co.uk> | 168 » #if 0 /* Because it clashes with KRB5, is never used any more, and is sa
fe |
170 » of the ietf-tls list */ | 169 » » to remove according to David Hopwood <david.hopwood@zetnet.co.u
k> |
171 #define SSL3_CK_FZA_DMS_RC4_SHA»» » 0x0300001E | 170 » » of the ietf-tls list */ |
| 171 » #define SSL3_CK_FZA_DMS_RC4_SHA»» » 0x0300001E |
| 172 » #endif |
172 #endif | 173 #endif |
173 | 174 |
174 /* VRS Additional Kerberos5 entries | 175 /* VRS Additional Kerberos5 entries |
175 */ | 176 */ |
176 #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E | 177 #define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E |
177 #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F | 178 #define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F |
178 #define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 | 179 #define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 |
179 #define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 | 180 #define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 |
180 #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 | 181 #define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 |
181 #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 | 182 #define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
213 #define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" | 214 #define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" |
214 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" | 215 #define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" |
215 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" | 216 #define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" |
216 | 217 |
217 #define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" | 218 #define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" |
218 #define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" | 219 #define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" |
219 #define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" | 220 #define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" |
220 #define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" | 221 #define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" |
221 #define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" | 222 #define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" |
222 | 223 |
223 #define SSL3_TXT_FZA_DMS_NULL_SHA» » "FZA-NULL-SHA" | 224 #if 0 |
224 #define SSL3_TXT_FZA_DMS_FZA_SHA» » "FZA-FZA-CBC-SHA" | 225 » #define SSL3_TXT_FZA_DMS_NULL_SHA» » "FZA-NULL-SHA" |
225 #define SSL3_TXT_FZA_DMS_RC4_SHA» » "FZA-RC4-SHA" | 226 » #define SSL3_TXT_FZA_DMS_FZA_SHA» » "FZA-FZA-CBC-SHA" |
| 227 » #define SSL3_TXT_FZA_DMS_RC4_SHA» » "FZA-RC4-SHA" |
| 228 #endif |
226 | 229 |
227 #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" | 230 #define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" |
228 #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" | 231 #define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" |
229 #define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" | 232 #define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" |
230 #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" | 233 #define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" |
231 #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" | 234 #define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" |
232 #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" | 235 #define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" |
233 #define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" | 236 #define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" |
234 #define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" | 237 #define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" |
235 | 238 |
236 #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" | 239 #define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" |
237 #define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" | 240 #define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" |
238 #define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" | 241 #define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" |
239 #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" | 242 #define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" |
240 #define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" | 243 #define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" |
241 #define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" | 244 #define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" |
242 | 245 |
243 #define SSL3_SSL_SESSION_ID_LENGTH 32 | 246 #define SSL3_SSL_SESSION_ID_LENGTH 32 |
244 #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 | 247 #define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 |
245 | 248 |
246 #define SSL3_MASTER_SECRET_SIZE 48 | 249 #define SSL3_MASTER_SECRET_SIZE 48 |
247 #define SSL3_RANDOM_SIZE 32 | 250 #define SSL3_RANDOM_SIZE 32 |
248 #define SSL3_SESSION_ID_SIZE 32 | 251 #define SSL3_SESSION_ID_SIZE 32 |
249 #define SSL3_RT_HEADER_LENGTH 5 | 252 #define SSL3_RT_HEADER_LENGTH 5 |
250 | 253 |
251 /* Due to MS stuffing up, this can change.... */ | 254 #ifndef SSL3_ALIGN_PAYLOAD |
252 #if defined(OPENSSL_SYS_WIN16) || \ | 255 /* Some will argue that this increases memory footprint, but it's |
253 » (defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)) | 256 * not actually true. Point is that malloc has to return at least |
254 #define SSL3_RT_MAX_EXTRA» » » (14000) | 257 * 64-bit aligned pointers, meaning that allocating 5 bytes wastes |
| 258 * 3 bytes in either case. Suggested pre-gaping simply moves these |
| 259 * wasted bytes from the end of allocated region to its front, |
| 260 * but makes data payload aligned, which improves performance:-) */ |
| 261 # define SSL3_ALIGN_PAYLOAD» » » 8 |
255 #else | 262 #else |
256 #define SSL3_RT_MAX_EXTRA» » » (16384) | 263 # if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0 |
| 264 # error "insane SSL3_ALIGN_PAYLOAD" |
| 265 # undef SSL3_ALIGN_PAYLOAD |
| 266 # endif |
257 #endif | 267 #endif |
258 | 268 |
| 269 /* This is the maximum MAC (digest) size used by the SSL library. |
| 270 * Currently maximum of 20 is used by SHA1, but we reserve for |
| 271 * future extension for 512-bit hashes. |
| 272 */ |
| 273 |
| 274 #define SSL3_RT_MAX_MD_SIZE 64 |
| 275 |
| 276 /* Maximum block size used in all ciphersuites. Currently 16 for AES. |
| 277 */ |
| 278 |
| 279 #define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16 |
| 280 |
| 281 #define SSL3_RT_MAX_EXTRA (16384) |
| 282 |
| 283 /* Default buffer length used for writen records. Thus a generated record |
| 284 * will contain plaintext no larger than this value. */ |
| 285 #define SSL3_RT_DEFAULT_PLAIN_LENGTH 2048 |
| 286 /* Maximum plaintext length: defined by SSL/TLS standards */ |
259 #define SSL3_RT_MAX_PLAIN_LENGTH 16384 | 287 #define SSL3_RT_MAX_PLAIN_LENGTH 16384 |
| 288 /* Maximum compression overhead: defined by SSL/TLS standards */ |
| 289 #define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 |
| 290 |
| 291 /* The standards give a maximum encryption overhead of 1024 bytes. |
| 292 * In practice the value is lower than this. The overhead is the maximum |
| 293 * number of padding bytes (256) plus the mac size. |
| 294 */ |
| 295 #define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) |
| 296 |
| 297 /* OpenSSL currently only uses a padding length of at most one block so |
| 298 * the send overhead is smaller. |
| 299 */ |
| 300 |
| 301 #define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ |
| 302 (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE) |
| 303 |
| 304 /* If compression isn't used don't include the compression overhead */ |
| 305 |
260 #ifdef OPENSSL_NO_COMP | 306 #ifdef OPENSSL_NO_COMP |
261 #define SSL3_RT_MAX_COMPRESSED_LENGTH» SSL3_RT_MAX_PLAIN_LENGTH | 307 #define SSL3_RT_MAX_COMPRESSED_LENGTH» » SSL3_RT_MAX_PLAIN_LENGTH |
262 #else | 308 #else |
263 #define SSL3_RT_MAX_COMPRESSED_LENGTH» (1024+SSL3_RT_MAX_PLAIN_LENGTH) | 309 #define SSL3_RT_MAX_COMPRESSED_LENGTH» \ |
| 310 » » (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD) |
264 #endif | 311 #endif |
265 #define SSL3_RT_MAX_ENCRYPTED_LENGTH» (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) | 312 #define SSL3_RT_MAX_ENCRYPTED_LENGTH» \ |
266 #define SSL3_RT_MAX_PACKET_SIZE»» (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HE
ADER_LENGTH) | 313 » » (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH) |
267 #define SSL3_RT_MAX_DATA_SIZE» » » (1024*1024) | 314 #define SSL3_RT_MAX_PACKET_SIZE»» \ |
| 315 » » (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) |
| 316 |
| 317 /* Extra space for empty fragment, headers, MAC, and padding. */ |
| 318 #define SSL3_RT_DEFAULT_WRITE_OVERHEAD 256 |
| 319 #define SSL3_RT_DEFAULT_PACKET_SIZE 4096 - SSL3_RT_DEFAULT_WRITE_OVERHEAD |
| 320 #if SSL3_RT_DEFAULT_PLAIN_LENGTH + SSL3_RT_DEFAULT_WRITE_OVERHEAD > SSL3_RT_DEFA
ULT_PACKET_SIZE |
| 321 #error "Insufficient space allocated for write buffers." |
| 322 #endif |
268 | 323 |
269 #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" | 324 #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" |
270 #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" | 325 #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" |
271 | 326 |
272 #define SSL3_VERSION 0x0300 | 327 #define SSL3_VERSION 0x0300 |
273 #define SSL3_VERSION_MAJOR 0x03 | 328 #define SSL3_VERSION_MAJOR 0x03 |
274 #define SSL3_VERSION_MINOR 0x00 | 329 #define SSL3_VERSION_MINOR 0x00 |
275 | 330 |
276 #define SSL3_RT_CHANGE_CIPHER_SPEC 20 | 331 #define SSL3_RT_CHANGE_CIPHER_SPEC 20 |
277 #define SSL3_RT_ALERT 21 | 332 #define SSL3_RT_ALERT 21 |
(...skipping 18 matching lines...) Expand all Loading... |
296 | 351 |
297 typedef struct ssl3_record_st | 352 typedef struct ssl3_record_st |
298 { | 353 { |
299 /*r */ int type; /* type of record */ | 354 /*r */ int type; /* type of record */ |
300 /*rw*/ unsigned int length; /* How many bytes available */ | 355 /*rw*/ unsigned int length; /* How many bytes available */ |
301 /*r */ unsigned int off; /* read/write offset into 'buf' */ | 356 /*r */ unsigned int off; /* read/write offset into 'buf' */ |
302 /*rw*/ unsigned char *data; /* pointer to the record data */ | 357 /*rw*/ unsigned char *data; /* pointer to the record data */ |
303 /*rw*/ unsigned char *input; /* where the decode bytes are */ | 358 /*rw*/ unsigned char *input; /* where the decode bytes are */ |
304 /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ | 359 /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ |
305 /*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ | 360 /*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ |
306 /*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */ | 361 /*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */ |
307 } SSL3_RECORD; | 362 } SSL3_RECORD; |
308 | 363 |
309 typedef struct ssl3_buffer_st | 364 typedef struct ssl3_buffer_st |
310 { | 365 { |
311 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, | 366 unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, |
312 * see ssl3_setup_buffers() */ | 367 * see ssl3_setup_buffers() */ |
313 size_t len; /* buffer size */ | 368 size_t len; /* buffer size */ |
314 int offset; /* where to 'copy from' */ | 369 int offset; /* where to 'copy from' */ |
315 int left; /* how many bytes left */ | 370 int left; /* how many bytes left */ |
316 } SSL3_BUFFER; | 371 } SSL3_BUFFER; |
317 | 372 |
318 #define SSL3_CT_RSA_SIGN 1 | 373 #define SSL3_CT_RSA_SIGN 1 |
319 #define SSL3_CT_DSS_SIGN 2 | 374 #define SSL3_CT_DSS_SIGN 2 |
320 #define SSL3_CT_RSA_FIXED_DH 3 | 375 #define SSL3_CT_RSA_FIXED_DH 3 |
321 #define SSL3_CT_DSS_FIXED_DH 4 | 376 #define SSL3_CT_DSS_FIXED_DH 4 |
322 #define SSL3_CT_RSA_EPHEMERAL_DH 5 | 377 #define SSL3_CT_RSA_EPHEMERAL_DH 5 |
323 #define SSL3_CT_DSS_EPHEMERAL_DH 6 | 378 #define SSL3_CT_DSS_EPHEMERAL_DH 6 |
324 #define SSL3_CT_FORTEZZA_DMS 20 | 379 #define SSL3_CT_FORTEZZA_DMS 20 |
325 /* SSL3_CT_NUMBER is used to size arrays and it must be large | 380 /* SSL3_CT_NUMBER is used to size arrays and it must be large |
326 * enough to contain all of the cert types defined either for | 381 * enough to contain all of the cert types defined either for |
327 * SSLv3 and TLSv1. | 382 * SSLv3 and TLSv1. |
328 */ | 383 */ |
329 #define SSL3_CT_NUMBER» » » 7 | 384 #define SSL3_CT_NUMBER» » » 9 |
330 | 385 |
331 | 386 |
332 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 | 387 #define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 |
333 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 | 388 #define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 |
334 #define SSL3_FLAGS_POP_BUFFER 0x0004 | 389 #define SSL3_FLAGS_POP_BUFFER 0x0004 |
335 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 | 390 #define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 |
| 391 #define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 |
| 392 |
| 393 /* SSL3_FLAGS_SGC_RESTART_DONE is set when we |
| 394 * restart a handshake because of MS SGC and so prevents us |
| 395 * from restarting the handshake in a loop. It's reset on a |
| 396 * renegotiation, so effectively limits the client to one restart |
| 397 * per negotiation. This limits the possibility of a DDoS |
| 398 * attack where the client handshakes in a loop using SGC to |
| 399 * restart. Servers which permit renegotiation can still be |
| 400 * effected, but we can't prevent that. |
| 401 */ |
| 402 #define SSL3_FLAGS_SGC_RESTART_DONE 0x0040 |
336 | 403 |
337 typedef struct ssl3_state_st | 404 typedef struct ssl3_state_st |
338 { | 405 { |
339 long flags; | 406 long flags; |
340 int delay_buf_pop_ret; | 407 int delay_buf_pop_ret; |
341 | 408 |
342 unsigned char read_sequence[8]; | 409 unsigned char read_sequence[8]; |
| 410 int read_mac_secret_size; |
343 unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; | 411 unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; |
344 unsigned char write_sequence[8]; | 412 unsigned char write_sequence[8]; |
| 413 int write_mac_secret_size; |
345 unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; | 414 unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; |
346 | 415 |
347 unsigned char server_random[SSL3_RANDOM_SIZE]; | 416 unsigned char server_random[SSL3_RANDOM_SIZE]; |
348 unsigned char client_random[SSL3_RANDOM_SIZE]; | 417 unsigned char client_random[SSL3_RANDOM_SIZE]; |
349 | 418 |
350 /* flags for countermeasure against known-IV weakness */ | 419 /* flags for countermeasure against known-IV weakness */ |
351 int need_empty_fragments; | 420 int need_empty_fragments; |
352 int empty_fragment_done; | 421 int empty_fragment_done; |
353 | 422 |
| 423 /* The value of 'extra' when the buffers were initialized */ |
| 424 int init_extra; |
| 425 |
354 SSL3_BUFFER rbuf; /* read IO goes into here */ | 426 SSL3_BUFFER rbuf; /* read IO goes into here */ |
355 SSL3_BUFFER wbuf; /* write IO goes into here */ | 427 SSL3_BUFFER wbuf; /* write IO goes into here */ |
356 | 428 |
357 SSL3_RECORD rrec; /* each decoded record goes in here */ | 429 SSL3_RECORD rrec; /* each decoded record goes in here */ |
358 SSL3_RECORD wrec; /* goes out from here */ | 430 SSL3_RECORD wrec; /* goes out from here */ |
359 | 431 |
360 /* storage for Alert/Handshake protocol data received but not | 432 /* storage for Alert/Handshake protocol data received but not |
361 * yet processed by ssl3_read_bytes: */ | 433 * yet processed by ssl3_read_bytes: */ |
362 unsigned char alert_fragment[2]; | 434 unsigned char alert_fragment[2]; |
363 unsigned int alert_fragment_len; | 435 unsigned int alert_fragment_len; |
364 unsigned char handshake_fragment[4]; | 436 unsigned char handshake_fragment[4]; |
365 unsigned int handshake_fragment_len; | 437 unsigned int handshake_fragment_len; |
366 | 438 |
367 /* partial write - check the numbers match */ | 439 /* partial write - check the numbers match */ |
368 unsigned int wnum; /* number of bytes sent so far */ | 440 unsigned int wnum; /* number of bytes sent so far */ |
369 int wpend_tot; /* number bytes written */ | 441 int wpend_tot; /* number bytes written */ |
370 int wpend_type; | 442 int wpend_type; |
371 int wpend_ret; /* number of bytes submitted */ | 443 int wpend_ret; /* number of bytes submitted */ |
372 const unsigned char *wpend_buf; | 444 const unsigned char *wpend_buf; |
373 | 445 |
374 /* used during startup, digest all incoming/outgoing packets */ | 446 /* used during startup, digest all incoming/outgoing packets */ |
375 » EVP_MD_CTX finish_dgst1; | 447 » BIO *handshake_buffer; |
376 » EVP_MD_CTX finish_dgst2; | 448 » /* When set of handshake digests is determined, buffer is hashed |
377 | 449 » * and freed and MD_CTX-es for all required digests are stored in |
| 450 » * this array */ |
| 451 » EVP_MD_CTX **handshake_dgst; |
378 /* this is set whenerver we see a change_cipher_spec message | 452 /* this is set whenerver we see a change_cipher_spec message |
379 * come in when we are not looking for one */ | 453 * come in when we are not looking for one */ |
380 int change_cipher_spec; | 454 int change_cipher_spec; |
381 | 455 |
382 int warn_alert; | 456 int warn_alert; |
383 int fatal_alert; | 457 int fatal_alert; |
384 /* we allow one fatal and one warning alert to be outstanding, | 458 /* we allow one fatal and one warning alert to be outstanding, |
385 * send close alert via the warning alert */ | 459 * send close alert via the warning alert */ |
386 int alert_dispatch; | 460 int alert_dispatch; |
387 unsigned char send_alert[2]; | 461 unsigned char send_alert[2]; |
388 | 462 |
389 /* This flag is set when we should renegotiate ASAP, basically when | 463 /* This flag is set when we should renegotiate ASAP, basically when |
390 * there is no more data in the read or write buffers */ | 464 * there is no more data in the read or write buffers */ |
391 int renegotiate; | 465 int renegotiate; |
392 int total_renegotiations; | 466 int total_renegotiations; |
393 int num_renegotiations; | 467 int num_renegotiations; |
394 | 468 |
395 int in_read_app_data; | 469 int in_read_app_data; |
396 | 470 |
397 » /* Set if we saw the Next Protocol Negotiation extension from our peer.
*/ | 471 » /* Opaque PRF input as used for the current handshake. |
| 472 » * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined |
| 473 » * (otherwise, they are merely present to improve binary compatibility)
*/ |
| 474 » void *client_opaque_prf_input; |
| 475 » size_t client_opaque_prf_input_len; |
| 476 » void *server_opaque_prf_input; |
| 477 » size_t server_opaque_prf_input_len; |
| 478 |
| 479 #ifndef OPENSSL_NO_NEXTPROTONEG |
| 480 » /* Set if we saw the Next Protocol Negotiation extension from |
| 481 » our peer. */ |
398 int next_proto_neg_seen; | 482 int next_proto_neg_seen; |
| 483 #endif |
399 | 484 |
400 struct { | 485 struct { |
401 /* actually only needs to be 16+20 */ | 486 /* actually only needs to be 16+20 */ |
402 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; | 487 unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; |
403 | 488 |
404 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ | 489 /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ |
405 unsigned char finish_md[EVP_MAX_MD_SIZE*2]; | 490 unsigned char finish_md[EVP_MAX_MD_SIZE*2]; |
406 int finish_md_len; | 491 int finish_md_len; |
407 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2]; | 492 unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2]; |
408 int peer_finish_md_len; | 493 int peer_finish_md_len; |
409 | 494 |
410 unsigned long message_size; | 495 unsigned long message_size; |
411 int message_type; | 496 int message_type; |
412 | 497 |
413 /* used to hold the new cipher we are going to use */ | 498 /* used to hold the new cipher we are going to use */ |
414 » » SSL_CIPHER *new_cipher; | 499 » » const SSL_CIPHER *new_cipher; |
415 #ifndef OPENSSL_NO_DH | 500 #ifndef OPENSSL_NO_DH |
416 DH *dh; | 501 DH *dh; |
417 #endif | 502 #endif |
418 | 503 |
419 #ifndef OPENSSL_NO_ECDH | 504 #ifndef OPENSSL_NO_ECDH |
420 EC_KEY *ecdh; /* holds short lived ECDH key */ | 505 EC_KEY *ecdh; /* holds short lived ECDH key */ |
421 #endif | 506 #endif |
422 | 507 |
423 /* used when SSL_ST_FLUSH_DATA is entered */ | 508 /* used when SSL_ST_FLUSH_DATA is entered */ |
424 int next_state; | 509 int next_state; |
425 | 510 |
426 int reuse_message; | 511 int reuse_message; |
427 | 512 |
428 /* used for certificate requests */ | 513 /* used for certificate requests */ |
429 int cert_req; | 514 int cert_req; |
430 int ctype_num; | 515 int ctype_num; |
431 char ctype[SSL3_CT_NUMBER]; | 516 char ctype[SSL3_CT_NUMBER]; |
432 STACK_OF(X509_NAME) *ca_names; | 517 STACK_OF(X509_NAME) *ca_names; |
433 | 518 |
434 int use_rsa_tmp; | 519 int use_rsa_tmp; |
435 | 520 |
436 int key_block_length; | 521 int key_block_length; |
437 unsigned char *key_block; | 522 unsigned char *key_block; |
438 | 523 |
439 const EVP_CIPHER *new_sym_enc; | 524 const EVP_CIPHER *new_sym_enc; |
440 const EVP_MD *new_hash; | 525 const EVP_MD *new_hash; |
| 526 int new_mac_pkey_type; |
| 527 int new_mac_secret_size; |
441 #ifndef OPENSSL_NO_COMP | 528 #ifndef OPENSSL_NO_COMP |
442 const SSL_COMP *new_compression; | 529 const SSL_COMP *new_compression; |
443 #else | 530 #else |
444 char *new_compression; | 531 char *new_compression; |
445 #endif | 532 #endif |
446 int cert_request; | 533 int cert_request; |
447 } tmp; | 534 } tmp; |
448 | 535 |
449 /* Connection binding to prevent renegotiation attacks */ | 536 /* Connection binding to prevent renegotiation attacks */ |
450 unsigned char previous_client_finished[EVP_MAX_MD_SIZE]; | 537 unsigned char previous_client_finished[EVP_MAX_MD_SIZE]; |
451 unsigned char previous_client_finished_len; | 538 unsigned char previous_client_finished_len; |
452 unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; | 539 unsigned char previous_server_finished[EVP_MAX_MD_SIZE]; |
453 unsigned char previous_server_finished_len; | 540 unsigned char previous_server_finished_len; |
454 int send_connection_binding; /* TODOEKR */ | 541 int send_connection_binding; /* TODOEKR */ |
455 | |
456 /* Snap Start support (server-side only): | |
457 * | |
458 * Snap Start allows the client to 'suggest' the value of our random | |
459 * nonce. Assuming that we accept this suggestion, then the client can | |
460 * predict our exact reply and calculate a complete handshake based on | |
461 * that. These opportunistic handshake messages are embedded in the | |
462 * Snap Start extension, possibly including application data. | |
463 * | |
464 * (Note that if the handshake doesn't resume a session, the client | |
465 * couldn't hope to predict the exact server reply unless it uses the | |
466 * session ticket extension to suppress session ID generation.) | |
467 * | |
468 * All this allows for a TLS handshake that doesn't incur additional | |
469 * latency if the client side sends application data first. */ | |
470 | |
471 /* Set if the client presented a Snap Start extension (empty or | |
472 * otherwise and the SSL_CTX has a cell configured. Server side only. */ | |
473 int snap_start_ext_seen; | |
474 /* Set if the client-suggested a server random value (which is stored | |
475 * in |server_random|) */ | |
476 char snap_start_requested; | |
477 /* Set if the appplication has indicated that the client's | |
478 * server_random suggestion is acceptable (see | |
479 * SSL_set_suggested_server_random_validity). If so, a Snap Start | |
480 * handshake will be attempted. */ | |
481 char server_random_suggestion_valid; | |
482 /* Client's predicted response_hash from client snap start extension. | |
483 * Valid if |snap_start_requested| is set. */ | |
484 unsigned char predicted_response_hash[8]; | |
485 /* Actual server handshake message hash. A Snap Start handshake is | |
486 * possible only if predicated_response_hash matches this. */ | |
487 unsigned char response_hash[8]; | |
488 /* If we need to enter snap start recovery then we need to reset the | |
489 * Finished hash with a different value for the ClientHello. Thus, we | |
490 * need a copy of the whole ClientHello: */ | |
491 SSL3_BUFFER snap_start_client_hello; | |
492 /* A snap start ClientHello can contain records embedded in an | |
493 * extension. If we wish to read them then this points to the records | |
494 * within |snap_start_client_hello|. */ | |
495 SSL3_BUFFER snap_start_records; | |
496 | |
497 } SSL3_STATE; | 542 } SSL3_STATE; |
498 | 543 |
499 | 544 |
500 /* SSLv3 */ | 545 /* SSLv3 */ |
501 /*client */ | 546 /*client */ |
502 /* extra state */ | 547 /* extra state */ |
503 #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) | 548 #define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) |
504 #define SSL3_ST_CUTTHROUGH_COMPLETE (0x101|SSL_ST_CONNECT) | 549 #define SSL3_ST_CUTTHROUGH_COMPLETE» (0x101|SSL_ST_CONNECT) |
505 /* write to server */ | 550 /* write to server */ |
506 #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) | 551 #define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) |
507 #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) | 552 #define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) |
508 /* read from server */ | 553 /* read from server */ |
509 #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) | 554 #define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) |
510 #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) | 555 #define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) |
511 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) | 556 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) |
512 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) | 557 #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) |
513 #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) | 558 #define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) |
514 #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) | 559 #define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) |
515 #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) | 560 #define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) |
516 #define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) | 561 #define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) |
517 #define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) | 562 #define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) |
518 #define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) | 563 #define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) |
519 #define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) | 564 #define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) |
520 #define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) | 565 #define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) |
521 /* write to server */ | 566 /* write to server */ |
522 #define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) | 567 #define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) |
523 #define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) | 568 #define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) |
524 #define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) | 569 #define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) |
525 #define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) | 570 #define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) |
526 #define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) | 571 #define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) |
527 #define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) | 572 #define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) |
528 #define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) | 573 #define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) |
529 #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) | 574 #define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) |
530 #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) | 575 #define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) |
531 #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) | 576 #define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) |
| 577 #ifndef OPENSSL_NO_NEXTPROTONEG |
532 #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) | 578 #define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT) |
533 #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) | 579 #define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT) |
| 580 #endif |
534 #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) | 581 #define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) |
535 #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) | 582 #define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) |
536 /* read from server */ | 583 /* read from server */ |
537 #define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) | 584 #define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) |
538 #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) | 585 #define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) |
539 #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) | 586 #define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) |
540 #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) | 587 #define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) |
541 #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) | 588 #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) |
542 #define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) | 589 #define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) |
543 #define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) | 590 #define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) |
(...skipping 25 matching lines...) Expand all Loading... |
569 #define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) | 616 #define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) |
570 /* read from client */ | 617 /* read from client */ |
571 #define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) | 618 #define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) |
572 #define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) | 619 #define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) |
573 #define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) | 620 #define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) |
574 #define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) | 621 #define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) |
575 #define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) | 622 #define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) |
576 #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) | 623 #define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) |
577 #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) | 624 #define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) |
578 #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) | 625 #define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) |
| 626 #ifndef OPENSSL_NO_NEXTPROTONEG |
579 #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) | 627 #define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT) |
580 #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) | 628 #define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT) |
| 629 #endif |
581 #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) | 630 #define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) |
582 #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) | 631 #define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) |
583 /* write to client */ | 632 /* write to client */ |
584 #define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) | 633 #define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) |
585 #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) | 634 #define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) |
586 #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) | 635 #define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) |
587 #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) | 636 #define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) |
588 #define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) | 637 #define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) |
589 #define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) | 638 #define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) |
590 #define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) | 639 #define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) |
591 #define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) | 640 #define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) |
592 | 641 |
593 #define SSL3_MT_HELLO_REQUEST 0 | 642 #define SSL3_MT_HELLO_REQUEST 0 |
594 #define SSL3_MT_CLIENT_HELLO 1 | 643 #define SSL3_MT_CLIENT_HELLO 1 |
595 #define SSL3_MT_SERVER_HELLO 2 | 644 #define SSL3_MT_SERVER_HELLO 2 |
596 #define SSL3_MT_NEWSESSION_TICKET 4 | 645 #define SSL3_MT_NEWSESSION_TICKET 4 |
597 #define SSL3_MT_CERTIFICATE 11 | 646 #define SSL3_MT_CERTIFICATE 11 |
598 #define SSL3_MT_SERVER_KEY_EXCHANGE 12 | 647 #define SSL3_MT_SERVER_KEY_EXCHANGE 12 |
599 #define SSL3_MT_CERTIFICATE_REQUEST 13 | 648 #define SSL3_MT_CERTIFICATE_REQUEST 13 |
600 #define SSL3_MT_SERVER_DONE 14 | 649 #define SSL3_MT_SERVER_DONE 14 |
601 #define SSL3_MT_CERTIFICATE_VERIFY 15 | 650 #define SSL3_MT_CERTIFICATE_VERIFY 15 |
602 #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 | 651 #define SSL3_MT_CLIENT_KEY_EXCHANGE 16 |
603 #define SSL3_MT_FINISHED 20 | 652 #define SSL3_MT_FINISHED 20 |
604 #define SSL3_MT_CERTIFICATE_STATUS 22 | 653 #define SSL3_MT_CERTIFICATE_STATUS 22 |
| 654 #ifndef OPENSSL_NO_NEXTPROTONEG |
605 #define SSL3_MT_NEXT_PROTO 67 | 655 #define SSL3_MT_NEXT_PROTO 67 |
| 656 #endif |
606 #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 | 657 #define DTLS1_MT_HELLO_VERIFY_REQUEST 3 |
607 | 658 |
608 | 659 |
609 #define SSL3_MT_CCS 1 | 660 #define SSL3_MT_CCS 1 |
610 | 661 |
611 /* These are used when changing over to a new cipher */ | 662 /* These are used when changing over to a new cipher */ |
612 #define SSL3_CC_READ 0x01 | 663 #define SSL3_CC_READ 0x01 |
613 #define SSL3_CC_WRITE 0x02 | 664 #define SSL3_CC_WRITE 0x02 |
614 #define SSL3_CC_CLIENT 0x10 | 665 #define SSL3_CC_CLIENT 0x10 |
615 #define SSL3_CC_SERVER 0x20 | 666 #define SSL3_CC_SERVER 0x20 |
616 #define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) | 667 #define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) |
617 #define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) | 668 #define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) |
618 #define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) | 669 #define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) |
619 #define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) | 670 #define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) |
620 | 671 |
621 #ifdef __cplusplus | 672 #ifdef __cplusplus |
622 } | 673 } |
623 #endif | 674 #endif |
624 #endif | 675 #endif |
625 | |
OLD | NEW |