projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Remove some dead code from libssl
[openssl.git]
/
ssl
/
ssl_locl.h
diff --git
a/ssl/ssl_locl.h
b/ssl/ssl_locl.h
index fa0d2a2549b5846e7ad41dce24de7b399632bbb4..ac8c826a0a5e2d8ed518e076783cc12bbff6a271 100644
(file)
--- a/
ssl/ssl_locl.h
+++ b/
ssl/ssl_locl.h
@@
-830,6
+830,10
@@
struct ssl_ctx_st {
ENGINE *client_cert_engine;
# endif
ENGINE *client_cert_engine;
# endif
+ /* Early callback. Mostly for extensions, but not entirely. */
+ SSL_early_cb_fn early_cb;
+ void *early_cb_arg;
+
/* TLS extensions. */
struct {
/* TLS extensions servername callback */
/* TLS extensions. */
struct {
/* TLS extensions servername callback */
@@
-1171,6
+1175,9
@@
struct ssl_st {
int use_etm;
} ext;
int use_etm;
} ext;
+ /* Parsed form of the ClientHello, kept around across early_cb calls. */
+ CLIENTHELLO_MSG *clienthello;
+
/*-
* no further mod of servername
* 0 : call the servername extension callback.
/*-
* no further mod of servername
* 0 : call the servername extension callback.
@@
-1309,8
+1316,9
@@
typedef struct ssl3_state_st {
# endif
/* used for certificate requests */
int cert_req;
# endif
/* used for certificate requests */
int cert_req;
- int ctype_num;
- char ctype[SSL3_CT_NUMBER];
+ /* Certificate types in certificate request message. */
+ uint8_t *ctype;
+ size_t ctype_len;
STACK_OF(X509_NAME) *ca_names;
size_t key_block_length;
unsigned char *key_block;
STACK_OF(X509_NAME) *ca_names;
size_t key_block_length;
unsigned char *key_block;
@@
-1599,13
+1607,9
@@
typedef struct cert_st {
/* Flags related to certificates */
uint32_t cert_flags;
CERT_PKEY pkeys[SSL_PKEY_NUM];
/* Flags related to certificates */
uint32_t cert_flags;
CERT_PKEY pkeys[SSL_PKEY_NUM];
- /*
- * Certificate types (received or sent) in certificate request message.
- * On receive this is only set if number of certificate types exceeds
- * SSL3_CT_NUMBER.
- */
- unsigned char *ctypes;
- size_t ctype_num;
+ /* Custom certificate types sent in certificate request message. */
+ uint8_t *ctype;
+ size_t ctype_len;
/*
* supported signature algorithms. When set on a client this is sent in
* the client hello as the supported signature algorithms extension. For
/*
* supported signature algorithms. When set on a client this is sent in
* the client hello as the supported signature algorithms extension. For
@@
-1972,6
+1976,8
@@
static ossl_inline int ssl_has_cert(const SSL *s, int idx)
# ifndef OPENSSL_UNIT_TEST
# ifndef OPENSSL_UNIT_TEST
+__owur int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes);
+__owur int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written);
void ssl_clear_cipher_ctx(SSL *s);
int ssl_clear_bad_session(SSL *s);
__owur CERT *ssl_cert_new(void);
void ssl_clear_cipher_ctx(SSL *s);
int ssl_clear_bad_session(SSL *s);
__owur CERT *ssl_cert_new(void);
@@
-1991,6
+1997,12
@@
__owur STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
**sorted,
const char *rule_str,
CERT *c);
**sorted,
const char *rule_str,
CERT *c);
+__owur int ssl_cache_cipherlist(SSL *s, PACKET *cipher_suites,
+ int sslv2format, int *al);
+__owur int bytes_to_cipher_list(SSL *s, PACKET *cipher_suites,
+ STACK_OF(SSL_CIPHER) **skp,
+ STACK_OF(SSL_CIPHER) **scsvs, int sslv2format,
+ int *al);
void ssl_update_cache(SSL *s, int mode);
__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, int *mac_pkey_type,
void ssl_update_cache(SSL *s, int mode);
__owur int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
const EVP_MD **md, int *mac_pkey_type,
@@
-2001,7
+2013,8
@@
__owur int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead,
size_t *ext_overhead);
__owur int ssl_cipher_get_cert_index(const SSL_CIPHER *c);
__owur const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl,
size_t *ext_overhead);
__owur int ssl_cipher_get_cert_index(const SSL_CIPHER *c);
__owur const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl,
- const unsigned char *ptr);
+ const unsigned char *ptr,
+ int all);
__owur int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain);
__owur int ssl_cert_set1_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain);
__owur int ssl_cert_add0_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x);
__owur int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain);
__owur int ssl_cert_set1_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain);
__owur int ssl_cert_add0_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x);
@@
-2197,7
+2210,6
@@
__owur int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
__owur int tls1_alert_code(int code);
__owur int tls13_alert_code(int code);
__owur int ssl3_alert_code(int code);
__owur int tls1_alert_code(int code);
__owur int tls13_alert_code(int code);
__owur int ssl3_alert_code(int code);
-__owur int ssl_ok(SSL *s);
# ifndef OPENSSL_NO_EC
__owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
# ifndef OPENSSL_NO_EC
__owur int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
@@
-2370,7
+2382,7
@@
void custom_exts_free(custom_ext_methods *exts);
void ssl_comp_free_compression_methods_int(void);
void ssl_comp_free_compression_methods_int(void);
-# else
+# else
/* OPENSSL_UNIT_TEST */
# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
# define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
# define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers