char *srp_username;
# endif
uint32_t flags;
+ CRYPTO_RWLOCK *lock;
};
/* Extended master secret support */
void *ct_validation_callback_arg;
# endif
+ /*
+ * If we're using more than one pipeline how should we divide the data
+ * up between the pipes?
+ */
+ unsigned int split_send_fragment;
/*
* Maximum amount of data to send in one fragment. actual record size can
* be more than this due to padding and MAC overheads.
*/
unsigned int max_send_fragment;
+ /* Up to how many pipelines should we use? If 0 then 1 is assumed */
+ unsigned int max_pipelines;
+
+ /* The default read buffer length to use (0 means not set) */
+ size_t default_read_buf_len;
+
# ifndef OPENSSL_NO_ENGINE
/*
* Engine to pass requests for client certs to
size_t tlsext_ellipticcurvelist_length;
unsigned char *tlsext_ellipticcurvelist;
# endif /* OPENSSL_NO_EC */
+ CRYPTO_RWLOCK *lock;
};
int first_packet;
/* what was passed, used for SSLv3/TLS rollback check */
int client_version;
+
+ /*
+ * If we're using more than one pipeline how should we divide the data
+ * up between the pipes?
+ */
+ unsigned int split_send_fragment;
+ /*
+ * Maximum amount of data to send in one fragment. actual record size can
+ * be more than this due to padding and MAC overheads.
+ */
unsigned int max_send_fragment;
+ /* Up to how many pipelines should we use? If 0 then 1 is assumed */
+ unsigned int max_pipelines;
+
/* TLS extension debug callback */
void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
const unsigned char *data, int len, void *arg);
/* Async Job info */
ASYNC_JOB *job;
ASYNC_WAIT_CTX *waitctx;
+
+ CRYPTO_RWLOCK *lock;
};
* that the server selected once the ServerHello has been processed.
*/
unsigned char *alpn_selected;
- unsigned alpn_selected_len;
+ size_t alpn_selected_len;
+ /* used by the server to know what options were proposed */
+ unsigned char *alpn_proposed;
+ size_t alpn_proposed_len;
+ /* used by the client to know if it actually sent alpn */
+ int alpn_sent;
# ifndef OPENSSL_NO_EC
/*
char *psk_identity_hint;
#endif
int references; /* >1 only if SSL_copy_session_id is used */
+ CRYPTO_RWLOCK *lock;
} CERT;
/* Structure containing decoded values of signature algorithms extension */
* of a mess of functions, but hell, think of it as an opaque structure :-)
*/
typedef struct ssl3_enc_method {
- int (*enc) (SSL *, int);
- int (*mac) (SSL *, unsigned char *, int);
+ int (*enc) (SSL *, SSL3_RECORD *, unsigned int, int);
+ int (*mac) (SSL *, SSL3_RECORD *, unsigned char *, int);
int (*setup_key_block) (SSL *);
int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
int);