Index: net/third_party/nss/ssl/ssl3prot.h |
diff --git a/net/third_party/nss/ssl/ssl3prot.h b/net/third_party/nss/ssl/ssl3prot.h |
index 848bdee7a205e3c87d31ad6126a6af8b95284e12..928d059651e60d798380cf4e292ab9f5dd1a2083 100644 |
--- a/net/third_party/nss/ssl/ssl3prot.h |
+++ b/net/third_party/nss/ssl/ssl3prot.h |
@@ -17,57 +17,57 @@ typedef PRUint16 SSL3ProtocolVersion; |
/* The TLS 1.3 draft version. Used to avoid negotiating |
* between incompatible pre-standard TLS 1.3 drafts. |
* TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ |
-#define TLS_1_3_DRAFT_VERSION 3 |
+#define TLS_1_3_DRAFT_VERSION 11 |
typedef PRUint16 ssl3CipherSuite; |
/* The cipher suites are defined in sslproto.h */ |
-#define MAX_CERT_TYPES 10 |
-#define MAX_COMPRESSION_METHODS 10 |
-#define MAX_MAC_LENGTH 64 |
-#define MAX_PADDING_LENGTH 64 |
-#define MAX_KEY_LENGTH 64 |
-#define EXPORT_KEY_LENGTH 5 |
-#define SSL3_RANDOM_LENGTH 32 |
+#define MAX_CERT_TYPES 10 |
+#define MAX_COMPRESSION_METHODS 10 |
+#define MAX_MAC_LENGTH 64 |
+#define MAX_PADDING_LENGTH 64 |
+#define MAX_KEY_LENGTH 64 |
+#define EXPORT_KEY_LENGTH 5 |
+#define SSL3_RANDOM_LENGTH 32 |
-#define SSL3_RECORD_HEADER_LENGTH 5 |
+#define SSL3_RECORD_HEADER_LENGTH 5 |
/* SSL3_RECORD_HEADER_LENGTH + epoch/sequence_number */ |
-#define DTLS_RECORD_HEADER_LENGTH 13 |
+#define DTLS_RECORD_HEADER_LENGTH 13 |
-#define MAX_FRAGMENT_LENGTH 16384 |
+#define MAX_FRAGMENT_LENGTH 16384 |
typedef enum { |
content_change_cipher_spec = 20, |
- content_alert = 21, |
- content_handshake = 22, |
- content_application_data = 23 |
+ content_alert = 21, |
+ content_handshake = 22, |
+ content_application_data = 23 |
} SSL3ContentType; |
typedef struct { |
- SSL3ContentType type; |
+ SSL3ContentType type; |
SSL3ProtocolVersion version; |
- PRUint16 length; |
- SECItem fragment; |
+ PRUint16 length; |
+ SECItem fragment; |
} SSL3Plaintext; |
typedef struct { |
- SSL3ContentType type; |
+ SSL3ContentType type; |
SSL3ProtocolVersion version; |
- PRUint16 length; |
- SECItem fragment; |
+ PRUint16 length; |
+ SECItem fragment; |
} SSL3Compressed; |
typedef struct { |
- SECItem content; |
+ SECItem content; |
SSL3Opaque MAC[MAX_MAC_LENGTH]; |
} SSL3GenericStreamCipher; |
typedef struct { |
- SECItem content; |
+ SECItem content; |
SSL3Opaque MAC[MAX_MAC_LENGTH]; |
- PRUint8 padding[MAX_PADDING_LENGTH]; |
- PRUint8 padding_length; |
+ PRUint8 padding[MAX_PADDING_LENGTH]; |
+ PRUint8 padding_length; |
} SSL3GenericBlockCipher; |
typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice; |
@@ -76,68 +76,72 @@ typedef struct { |
SSL3ChangeCipherSpecChoice choice; |
} SSL3ChangeCipherSpec; |
-typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel; |
+typedef enum { alert_warning = 1, |
+ alert_fatal = 2 } SSL3AlertLevel; |
typedef enum { |
- close_notify = 0, |
- unexpected_message = 10, |
- bad_record_mac = 20, |
- decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ |
- record_overflow = 22, /* TLS only */ |
- decompression_failure = 30, |
- handshake_failure = 40, |
- no_certificate = 41, /* SSL3 only, NOT TLS */ |
- bad_certificate = 42, |
+ close_notify = 0, |
+ unexpected_message = 10, |
+ bad_record_mac = 20, |
+ decryption_failed_RESERVED = 21, /* do not send; see RFC 5246 */ |
+ record_overflow = 22, /* TLS only */ |
+ decompression_failure = 30, |
+ handshake_failure = 40, |
+ no_certificate = 41, /* SSL3 only, NOT TLS */ |
+ bad_certificate = 42, |
unsupported_certificate = 43, |
- certificate_revoked = 44, |
- certificate_expired = 45, |
- certificate_unknown = 46, |
- illegal_parameter = 47, |
- |
-/* All alerts below are TLS only. */ |
- unknown_ca = 48, |
- access_denied = 49, |
- decode_error = 50, |
- decrypt_error = 51, |
- export_restriction = 60, |
- protocol_version = 70, |
- insufficient_security = 71, |
- internal_error = 80, |
- inappropriate_fallback = 86, /* could also be sent for SSLv3 */ |
- user_canceled = 90, |
- no_renegotiation = 100, |
- |
-/* Alerts for client hello extensions */ |
- unsupported_extension = 110, |
- certificate_unobtainable = 111, |
- unrecognized_name = 112, |
+ certificate_revoked = 44, |
+ certificate_expired = 45, |
+ certificate_unknown = 46, |
+ illegal_parameter = 47, |
+ |
+ /* All alerts below are TLS only. */ |
+ unknown_ca = 48, |
+ access_denied = 49, |
+ decode_error = 50, |
+ decrypt_error = 51, |
+ export_restriction = 60, |
+ protocol_version = 70, |
+ insufficient_security = 71, |
+ internal_error = 80, |
+ inappropriate_fallback = 86, /* could also be sent for SSLv3 */ |
+ user_canceled = 90, |
+ no_renegotiation = 100, |
+ |
+ /* Alerts for client hello extensions */ |
+ missing_extension = 109, |
+ unsupported_extension = 110, |
+ certificate_unobtainable = 111, |
+ unrecognized_name = 112, |
bad_certificate_status_response = 113, |
- bad_certificate_hash_value = 114, |
- no_application_protocol = 120 |
+ bad_certificate_hash_value = 114, |
+ no_application_protocol = 120 |
} SSL3AlertDescription; |
typedef struct { |
- SSL3AlertLevel level; |
+ SSL3AlertLevel level; |
SSL3AlertDescription description; |
} SSL3Alert; |
typedef enum { |
- hello_request = 0, |
- client_hello = 1, |
- server_hello = 2, |
+ hello_request = 0, |
+ client_hello = 1, |
+ server_hello = 2, |
hello_verify_request = 3, |
- new_session_ticket = 4, |
- certificate = 11, |
+ new_session_ticket = 4, |
+ hello_retry_request = 6, |
+ encrypted_extensions = 8, |
+ certificate = 11, |
server_key_exchange = 12, |
certificate_request = 13, |
- server_hello_done = 14, |
- certificate_verify = 15, |
+ server_hello_done = 14, |
+ certificate_verify = 15, |
client_key_exchange = 16, |
- finished = 20, |
- certificate_status = 22, |
- next_proto = 67, |
- encrypted_extensions = 203, |
+ finished = 20, |
+ certificate_status = 22, |
+ next_proto = 67, |
+ channelid_encrypted_extensions = 203 |
} SSL3HandshakeType; |
typedef struct { |
@@ -154,20 +158,20 @@ typedef struct { |
} SSL3SessionID; |
typedef struct { |
- SSL3ProtocolVersion client_version; |
- SSL3Random random; |
- SSL3SessionID session_id; |
- SECItem cipher_suites; |
- PRUint8 cm_count; |
- SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; |
+ SSL3ProtocolVersion client_version; |
+ SSL3Random random; |
+ SSL3SessionID session_id; |
+ SECItem cipher_suites; |
+ PRUint8 cm_count; |
+ SSLCompressionMethod compression_methods[MAX_COMPRESSION_METHODS]; |
} SSL3ClientHello; |
-typedef struct { |
- SSL3ProtocolVersion server_version; |
- SSL3Random random; |
- SSL3SessionID session_id; |
- ssl3CipherSuite cipher_suite; |
- SSLCompressionMethod compression_method; |
+typedef struct { |
+ SSL3ProtocolVersion server_version; |
+ SSL3Random random; |
+ SSL3SessionID session_id; |
+ ssl3CipherSuite cipher_suite; |
+ SSLCompressionMethod compression_method; |
} SSL3ServerHello; |
typedef struct { |
@@ -245,50 +249,25 @@ typedef struct { |
} SSL3ServerKeyExchange; |
typedef enum { |
- ct_RSA_sign = 1, |
- ct_DSS_sign = 2, |
- ct_RSA_fixed_DH = 3, |
- ct_DSS_fixed_DH = 4, |
- ct_RSA_ephemeral_DH = 5, |
- ct_DSS_ephemeral_DH = 6, |
- ct_ECDSA_sign = 64, |
- ct_RSA_fixed_ECDH = 65, |
- ct_ECDSA_fixed_ECDH = 66 |
+ ct_RSA_sign = 1, |
+ ct_DSS_sign = 2, |
+ ct_RSA_fixed_DH = 3, |
+ ct_DSS_fixed_DH = 4, |
+ ct_RSA_ephemeral_DH = 5, |
+ ct_DSS_ephemeral_DH = 6, |
+ ct_ECDSA_sign = 64, |
+ ct_RSA_fixed_ECDH = 65, |
+ ct_ECDSA_fixed_ECDH = 66 |
} SSL3ClientCertificateType; |
-typedef SECItem *SSL3DistinquishedName; |
- |
typedef struct { |
SSL3Opaque client_version[2]; |
SSL3Opaque random[46]; |
} SSL3RSAPreMasterSecret; |
-typedef SECItem SSL3EncryptedPreMasterSecret; |
- |
- |
typedef SSL3Opaque SSL3MasterSecret[48]; |
-typedef enum { implicit, explicit } SSL3PublicValueEncoding; |
- |
-typedef struct { |
- union { |
- SSL3Opaque implicit; |
- SECItem explicit; |
- } dh_public; |
-} SSL3ClientDiffieHellmanPublic; |
- |
-typedef struct { |
- union { |
- SSL3EncryptedPreMasterSecret rsa; |
- SSL3ClientDiffieHellmanPublic diffie_helman; |
- } exchange_keys; |
-} SSL3ClientKeyExchange; |
- |
-typedef SSL3Hashes SSL3PreSignedCertificateVerify; |
- |
-typedef SECItem SSL3CertificateVerify; |
- |
typedef enum { |
sender_client = 0x434c4e54, |
sender_server = 0x53525652 |
@@ -310,11 +289,11 @@ typedef struct { |
typedef struct { |
PRUint32 received_timestamp; |
PRUint32 ticket_lifetime_hint; |
- SECItem ticket; |
+ SECItem ticket; |
} NewSessionTicket; |
typedef enum { |
- CLIENT_AUTH_ANONYMOUS = 0, |
+ CLIENT_AUTH_ANONYMOUS = 0, |
CLIENT_AUTH_CERTIFICATE = 1 |
} ClientAuthenticationType; |
@@ -325,10 +304,10 @@ typedef struct { |
} identity; |
} ClientIdentity; |
-#define SESS_TICKET_KEY_NAME_LEN 16 |
-#define SESS_TICKET_KEY_NAME_PREFIX "NSS!" |
+#define SESS_TICKET_KEY_NAME_LEN 16 |
+#define SESS_TICKET_KEY_NAME_PREFIX "NSS!" |
#define SESS_TICKET_KEY_NAME_PREFIX_LEN 4 |
-#define SESS_TICKET_KEY_VAR_NAME_LEN 12 |
+#define SESS_TICKET_KEY_VAR_NAME_LEN 12 |
typedef struct { |
unsigned char *key_name; |
@@ -339,6 +318,6 @@ typedef struct { |
#define TLS_EX_SESS_TICKET_MAC_LENGTH 32 |
-#define TLS_STE_NO_SERVER_NAME -1 |
+#define TLS_STE_NO_SERVER_NAME -1 |
#endif /* __ssl3proto_h_ */ |