Index: net/third_party/nss/ssl/ssl3prot.h |
diff --git a/net/third_party/nss/ssl/ssl3prot.h b/net/third_party/nss/ssl/ssl3prot.h |
index d32be38deeae2ce7d99e91409b5043615c7c1156..78fbcaa02db214298d9e37ceb54b8788d270948b 100644 |
--- a/net/third_party/nss/ssl/ssl3prot.h |
+++ b/net/third_party/nss/ssl/ssl3prot.h |
@@ -14,28 +14,33 @@ typedef PRUint8 SSL3Opaque; |
typedef PRUint16 SSL3ProtocolVersion; |
/* version numbers are defined in sslproto.h */ |
+/* The TLS 1.3 draft version. Used to avoid negotiating |
+ * between incompatible pre-standard TLS 1.3 drafts. |
+ * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ |
+#define TLS_1_3_DRAFT_VERSION 3 |
+ |
typedef PRUint16 ssl3CipherSuite; |
/* The cipher suites are defined in sslproto.h */ |
-#define MAX_CERT_TYPES 10 |
-#define MAX_COMPRESSION_METHODS 10 |
-#define MAX_MAC_LENGTH 64 |
-#define MAX_PADDING_LENGTH 64 |
-#define MAX_KEY_LENGTH 64 |
-#define EXPORT_KEY_LENGTH 5 |
-#define SSL3_RANDOM_LENGTH 32 |
+#define MAX_CERT_TYPES 10 |
+#define MAX_COMPRESSION_METHODS 10 |
+#define MAX_MAC_LENGTH 64 |
+#define MAX_PADDING_LENGTH 64 |
+#define MAX_KEY_LENGTH 64 |
+#define EXPORT_KEY_LENGTH 5 |
+#define SSL3_RANDOM_LENGTH 32 |
-#define SSL3_RECORD_HEADER_LENGTH 5 |
+#define SSL3_RECORD_HEADER_LENGTH 5 |
/* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ |
#define DTLS_RECORD_HEADER_LENGTH 13 |
-#define MAX_FRAGMENT_LENGTH 16384 |
- |
+#define MAX_FRAGMENT_LENGTH 16384 |
+ |
typedef enum { |
- content_change_cipher_spec = 20, |
+ content_change_cipher_spec = 20, |
content_alert = 21, |
- content_handshake = 22, |
+ content_handshake = 22, |
content_application_data = 23 |
} SSL3ContentType; |
@@ -77,11 +82,11 @@ typedef enum { |
close_notify = 0, |
unexpected_message = 10, |
bad_record_mac = 20, |
- decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ |
- record_overflow = 22, /* TLS only */ |
+ decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ |
+ record_overflow = 22, /* TLS only */ |
decompression_failure = 30, |
handshake_failure = 40, |
- no_certificate = 41, /* SSL3 only, NOT TLS */ |
+ no_certificate = 41, /* SSL3 only, NOT TLS */ |
bad_certificate = 42, |
unsupported_certificate = 43, |
certificate_revoked = 44, |
@@ -118,45 +123,45 @@ typedef struct { |
} SSL3Alert; |
typedef enum { |
- hello_request = 0, |
- client_hello = 1, |
- server_hello = 2, |
+ hello_request = 0, |
+ client_hello = 1, |
+ server_hello = 2, |
hello_verify_request = 3, |
- new_session_ticket = 4, |
- certificate = 11, |
+ new_session_ticket = 4, |
+ certificate = 11, |
server_key_exchange = 12, |
- certificate_request = 13, |
- server_hello_done = 14, |
- certificate_verify = 15, |
- client_key_exchange = 16, |
- finished = 20, |
+ certificate_request = 13, |
+ server_hello_done = 14, |
+ certificate_verify = 15, |
+ client_key_exchange = 16, |
+ finished = 20, |
certificate_status = 22, |
- next_proto = 67, |
- encrypted_extensions= 203 |
+ next_proto = 67, |
+ encrypted_extensions = 203, |
} SSL3HandshakeType; |
typedef struct { |
PRUint8 empty; |
} SSL3HelloRequest; |
- |
+ |
typedef struct { |
SSL3Opaque rand[SSL3_RANDOM_LENGTH]; |
} SSL3Random; |
- |
+ |
typedef struct { |
SSL3Opaque id[32]; |
PRUint8 length; |
} SSL3SessionID; |
- |
+ |
typedef struct { |
SSL3ProtocolVersion client_version; |
SSL3Random random; |
SSL3SessionID session_id; |
SECItem cipher_suites; |
- PRUint8 cm_count; |
+ PRUint8 cm_count; |
SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; |
} SSL3ClientHello; |
- |
+ |
typedef struct { |
SSL3ProtocolVersion server_version; |
SSL3Random random; |
@@ -164,29 +169,29 @@ typedef struct { |
ssl3CipherSuite cipher_suite; |
SSLCompressionMethod compression_method; |
} SSL3ServerHello; |
- |
+ |
typedef struct { |
SECItem list; |
} SSL3Certificate; |
/* SSL3SignType moved to ssl.h */ |
-/* The SSL key exchange method used */ |
+/* The SSL key exchange method used */ |
typedef enum { |
- kea_null, |
- kea_rsa, |
+ kea_null, |
+ kea_rsa, |
kea_rsa_export, |
kea_rsa_export_1024, |
- kea_dh_dss, |
- kea_dh_dss_export, |
- kea_dh_rsa, |
+ kea_dh_dss, |
+ kea_dh_dss_export, |
+ kea_dh_rsa, |
kea_dh_rsa_export, |
- kea_dhe_dss, |
- kea_dhe_dss_export, |
- kea_dhe_rsa, |
+ kea_dhe_dss, |
+ kea_dhe_dss_export, |
+ kea_dhe_rsa, |
kea_dhe_rsa_export, |
- kea_dh_anon, |
- kea_dh_anon_export, |
+ kea_dh_anon, |
+ kea_dh_anon_export, |
kea_rsa_fips, |
kea_ecdh_ecdsa, |
kea_ecdhe_ecdsa, |
@@ -194,7 +199,7 @@ typedef enum { |
kea_ecdhe_rsa, |
kea_ecdh_anon |
} SSL3KeyExchangeAlgorithm; |
- |
+ |
typedef struct { |
SECItem modulus; |
SECItem exponent; |
@@ -208,8 +213,8 @@ typedef struct { |
typedef struct { |
union { |
- SSL3ServerDHParams dh; |
- SSL3ServerRSAParams rsa; |
+ SSL3ServerDHParams dh; |
+ SSL3ServerRSAParams rsa; |
} u; |
} SSL3ServerParams; |
@@ -253,56 +258,56 @@ typedef struct { |
unsigned int len; |
SECOidTag hashAlg; |
union { |
- PRUint8 raw[64]; |
- SSL3HashesIndividually s; |
+ PRUint8 raw[64]; |
+ SSL3HashesIndividually s; |
} u; |
} SSL3Hashes; |
typedef struct { |
union { |
- SSL3Opaque anonymous; |
- SSL3Hashes certified; |
+ SSL3Opaque anonymous; |
+ SSL3Hashes certified; |
} u; |
} SSL3ServerKeyExchange; |
- |
+ |
typedef enum { |
- ct_RSA_sign = 1, |
- ct_DSS_sign = 2, |
- ct_RSA_fixed_DH = 3, |
- ct_DSS_fixed_DH = 4, |
- ct_RSA_ephemeral_DH = 5, |
+ ct_RSA_sign = 1, |
+ ct_DSS_sign = 2, |
+ ct_RSA_fixed_DH = 3, |
+ ct_DSS_fixed_DH = 4, |
+ ct_RSA_ephemeral_DH = 5, |
ct_DSS_ephemeral_DH = 6, |
- ct_ECDSA_sign = 64, |
- ct_RSA_fixed_ECDH = 65, |
- ct_ECDSA_fixed_ECDH = 66 |
+ ct_ECDSA_sign = 64, |
+ ct_RSA_fixed_ECDH = 65, |
+ ct_ECDSA_fixed_ECDH = 66 |
} SSL3ClientCertificateType; |
- |
+ |
typedef SECItem *SSL3DistinquishedName; |
typedef struct { |
SSL3Opaque client_version[2]; |
SSL3Opaque random[46]; |
} SSL3RSAPreMasterSecret; |
- |
+ |
typedef SECItem SSL3EncryptedPreMasterSecret; |
typedef SSL3Opaque SSL3MasterSecret[48]; |
typedef enum { implicit, explicit } SSL3PublicValueEncoding; |
- |
+ |
typedef struct { |
union { |
- SSL3Opaque implicit; |
- SECItem explicit; |
+ SSL3Opaque implicit; |
+ SECItem explicit; |
} dh_public; |
} SSL3ClientDiffieHellmanPublic; |
- |
+ |
typedef struct { |
union { |
- SSL3EncryptedPreMasterSecret rsa; |
- SSL3ClientDiffieHellmanPublic diffie_helman; |
+ SSL3EncryptedPreMasterSecret rsa; |
+ SSL3ClientDiffieHellmanPublic diffie_helman; |
} exchange_keys; |
} SSL3ClientKeyExchange; |
@@ -315,7 +320,7 @@ typedef enum { |
sender_server = 0x53525652 |
} SSL3Sender; |
-typedef SSL3HashesIndividually SSL3Finished; |
+typedef SSL3HashesIndividually SSL3Finished; |
typedef struct { |
SSL3Opaque verify_data[12]; |
@@ -323,7 +328,7 @@ typedef struct { |
/* |
* TLS extension related data structures and constants. |
- */ |
+ */ |
/* SessionTicket extension related data structures. */ |
@@ -342,7 +347,7 @@ typedef enum { |
typedef struct { |
ClientAuthenticationType client_auth_type; |
union { |
- SSL3Opaque *certificate_list; |
+ SSL3Opaque *certificate_list; |
} identity; |
} ClientIdentity; |
@@ -358,7 +363,7 @@ typedef struct { |
unsigned char *mac; |
} EncryptedSessionTicket; |
-#define TLS_EX_SESS_TICKET_MAC_LENGTH 32 |
+#define TLS_EX_SESS_TICKET_MAC_LENGTH 32 |
#define TLS_STE_NO_SERVER_NAME -1 |