Initial revision of ECC extension handling.
[openssl.git] / ssl / ssl.h
index 3e255fcfeed1e347cd44a68569679cb45b806f23..6f5c305f72dfa79e9038437d0027438964e730f1 100644 (file)
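--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -982,6 +982,13 @@ struct ssl_ctx_st
        /* Callback for disabling session caching and ticket support
         * on a session basis, depending on the chosen cipher. */
        int (*not_resumable_session_cb)(SSL *ssl, int is_forward_secure);
+#ifndef OPENSSL_NO_EC
+       /* EC extension values inherited by SSL structure */
+       size_t tlsext_ecpointformatlist_length;
+       unsigned char *tlsext_ecpointformatlist;
+       size_t tlsext_ellipticcurvelist_length;
+       unsigned char *tlsext_ellipticcurvelist;
+#endif /* OPENSSL_NO_EC */
        };
 
 #endif
@@ -1618,7 +1625,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_CHAIN                         88
 #define SSL_CTRL_CHAIN_CERT                    89
 
-#define SSL_CTRL_GET_CURVELIST                 90
+#define SSL_CTRL_GET_CURVES                    90
+#define SSL_CTRL_SET_CURVES                    91
+#define SSL_CTRL_SET_CURVES_LIST               92
+#define SSL_CTRL_GET_SHARED_CURVE              93
 
 #define DTLSv1_get_timeout(ssl, arg) \
        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1678,9 +1688,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
 #define SSL_add1_chain_cert(ctx,x509) \
        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
-#define SSL_get1_curvelist(ctx, s) \
-       SSL_ctrl(ctx,SSL_CTRL_GET_CURVELIST,0,(char *)s)
-
+#define SSL_get1_curves(ctx, s) \
+       SSL_ctrl(ctx,SSL_CTRL_GET_CURVES,0,(char *)s)
+#define SSL_CTX_set1_curves(ctx, clist, clistlen) \
+       SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+#define SSL_CTX_set1_curves_list(ctx, s) \
+       SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+#define SSL_set1_curves(ctx, clist, clistlen) \
+       SSL_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+#define SSL_set1_curves_list(ctx, s) \
+       SSL_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+#define SSL_get_shared_curve(s, n) \
+       SSL_ctrl(s,SSL_CTRL_GET_SHARED_CURVE,n,NULL)
 
 #ifndef OPENSSL_NO_BIO
 BIO_METHOD *BIO_f_ssl(void);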
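Review bot: In the last hunk, `SSL_CTX_set1_curves` and `SSL_set1_curves` expand `clist` and `clistlen` without parentheses, so an argument such as `curves + 1` is cast to `char *` before the addition, and the pointer and count handed to the control call no longer describe the same array. I would write the expansion as `SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,(clistlen),(char *)(clist))`, and do the same for the `SSL_` variant and for `s` in the two `_list` macros. The count also travels through the control call's `long` argument, while the new `tlsext_ellipticcurvelist_length` field in the first hunk is a `size_t`; the handler is not shown here, but it should reject zero, negative and oversized counts before converting or allocating. A comment beside the macros saying whether `clistlen` counts entries or bytes, and one on the struct fields saying who owns and frees the two buffers once an SSL inherits them, would remove the guesswork for callers.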