Remove DRBG from SSL structure.
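--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -30,7 +30,7 @@
 # include <openssl/ct.h>
 # include "record/record.h"
 # include "statem/statem.h"
-# include "packet_locl.h"
+# include "internal/packet.h"
 # include "internal/dane.h"
 # include "internal/refcount.h"
 # include "internal/tsan_assist.h"
@@ -556,7 +556,6 @@ struct ssl_session_st {
 const SSL_CIPHER *cipher;
 unsigned long cipher_id; /* when ASN.1 loaded, this needs to be used to
 * load the 'cipher' structure */
- STACK_OF(SSL_CIPHER) *ciphers; /* ciphers offered by the client */
 CRYPTO_EX_DATA ex_data; /* application specific data */
 /*
 * These are used to make removal of session-ids more efficient and to
@@ -566,13 +565,7 @@ struct ssl_session_st {
 struct {
 char *hostname;
-# ifndef OPENSSL_NO_EC
- size_t ecpointformats_len;
- unsigned char *ecpointformats; /* peer's list */
-# endif /* OPENSSL_NO_EC */
- size_t supportedgroups_len;
- uint16_t *supportedgroups; /* peer's list */
- /* RFC4507 info */
+ /* RFC4507 info */
 unsigned char *tick; /* Session ticket */
 size_t ticklen; /* Session ticket length */
 /* Session lifetime hint in seconds */
@@ -1320,6 +1313,7 @@ struct ssl_st {
 /* Per connection DANE state */
 SSL_DANE dane;
 /* crypto */
+ STACK_OF(SSL_CIPHER) *peer_ciphers;
 STACK_OF(SSL_CIPHER) *cipher_list;
 STACK_OF(SSL_CIPHER) *cipher_list_by_id;
 /* TLSv1.3 specific ciphersuites */
@@ -1483,10 +1477,19 @@ struct ssl_st {
 size_t ecpointformats_len;
 /* our list */
 unsigned char *ecpointformats;
+
+ size_t peer_ecpointformats_len;
+ /* peer's list */
+ unsigned char *peer_ecpointformats;
 # endif /* OPENSSL_NO_EC */
 size_t supportedgroups_len;
 /* our list */
 uint16_t *supportedgroups;
+
+ size_t peer_supportedgroups_len;
+ /* peer's list */
+ uint16_t *peer_supportedgroups;
+
 /* TLS Session Ticket extension override */
 TLS_SESSION_TICKET_EXT *session_ticket;
 /* TLS Session Ticket extension callback */
@@ -1642,7 +1645,6 @@ struct ssl_st {
 size_t block_padding;
 CRYPTO_RWLOCK *lock;
- RAND_DRBG *drbg;
 /* The number of TLS1.3 tickets to automatically send */
 size_t num_tickets;
@@ -1658,6 +1660,13 @@ struct ssl_st {
 /* Callback for SSL async handling */
 SSL_async_callback_fn async_cb;
 void *async_cb_arg;
+
+ /*
+ * Signature algorithms shared by client and server: cached because these
+ * are used most often.
+ */
+ const struct sigalg_lookup_st **shared_sigalgs;
+ size_t shared_sigalgslen;
 };
 /*
@@ -1922,12 +1931,6 @@ typedef struct cert_st {
 uint16_t *client_sigalgs;
 /* Size of above array */
 size_t client_sigalgslen;
- /*
- * Signature algorithms shared by client and server: cached because these
- * are used most often.
- */
- const SIGALG_LOOKUP **shared_sigalgs;
- size_t shared_sigalgslen;
 /*
 * Certificate setup callback: if set is called whenever a certificate
 * may be required (client or server). the callback can then examine any
@@ -2258,8 +2261,8 @@ static ossl_inline int ssl_has_cert(const SSL *s, int idx)
 static ossl_inline void tls1_get_peer_groups(SSL *s, const uint16_t **pgroups,
 size_t *pgroupslen)
 {
- *pgroups = s->session->ext.supportedgroups;
- *pgroupslen = s->session->ext.supportedgroups_len;
+ *pgroups = s->ext.peer_supportedgroups;
+ *pgroupslen = s->ext.peer_supportedgroups_len;
 }
 # ifndef OPENSSL_UNIT_TEST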
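Review bot: The peer-supplied fields added to `struct ssl_st` (`peer_ciphers`, `peer_ecpointformats`, `peer_supportedgroups`) say nothing about ownership or lifetime, and `peer_ciphers` lost the `/* ciphers offered by the client */` comment that the removed `ciphers` field had in `struct ssl_session_st`. These lists now live on the connection instead of the session, so the code that frees and resets an SSL (outside this header) presumably has to release them and zero the matching `_len` fields whenever a new handshake starts; otherwise a reused or renegotiating connection could read a stale or freed list. I would add `/* ciphers offered by the peer; owned by this SSL */` above `peer_ciphers` and extend the two `/* peer's list */` comments to say when the buffer is replaced and freed. In the last hunk, `tls1_get_peer_groups()` hands back `s->ext.peer_supportedgroups` unchecked, so a short comment such as `/* *pgroups may be NULL when *pgroupslen is 0 */` would tell callers to test the length before dereferencing.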